diff options
| author | usa <usa@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2015-12-16 12:30:28 +0000 |
|---|---|---|
| committer | usa <usa@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2015-12-16 12:30:28 +0000 |
| commit | 073cc5e815fcf5178fe4e515fcde74dc3597adeb (patch) | |
| tree | ff58ba88488fdcbbb385575804206ca82c78fc95 /ext/dl/handle.c | |
| parent | 0bdadc5b7e4b77ced3acbf0ff3e436a4b945c9ed (diff) | |
merge revision(s): 53153 and 23405@ruby_1_9_1ruby_2_0_0
* ext/fiddle/handle.c: check tainted string arguments.
Patch provided by tenderlove and nobu.
* test/fiddle/test_handle.rb (class TestHandle): add test for above.
* ext/dl/handle.c (rb_dlhandle_initialize): prohibits DL::dlopen
with a tainted name of library.
Patch by sheepman <sheepman AT sheepman.sakura.ne.jp>.
* ext/dl/handle.c (rb_dlhandle_sym): ditto
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_0_0@53161 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'ext/dl/handle.c')
| -rw-r--r-- | ext/dl/handle.c | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/ext/dl/handle.c b/ext/dl/handle.c index 6b90e089ee..c967b2fb8e 100644 --- a/ext/dl/handle.c +++ b/ext/dl/handle.c @@ -5,6 +5,8 @@ #include <ruby.h> #include "dl.h" +#define SafeStringValuePtr(v) (rb_string_value(&v), rb_check_safe_obj(v), RSTRING_PTR(v)) + VALUE rb_cDLHandle; #ifdef _WIN32 @@ -132,11 +134,11 @@ rb_dlhandle_initialize(int argc, VALUE argv[], VALUE self) cflag = RTLD_LAZY | RTLD_GLOBAL; break; case 1: - clib = NIL_P(lib) ? NULL : StringValuePtr(lib); + clib = NIL_P(lib) ? NULL : SafeStringValuePtr(lib); cflag = RTLD_LAZY | RTLD_GLOBAL; break; case 2: - clib = NIL_P(lib) ? NULL : StringValuePtr(lib); + clib = NIL_P(lib) ? NULL : SafeStringValuePtr(lib); cflag = NUM2INT(flag); break; default: @@ -265,13 +267,16 @@ VALUE rb_dlhandle_sym(VALUE self, VALUE sym) { struct dl_handle *dlhandle; + const char *name; + + name = SafeStringValuePtr(sym); TypedData_Get_Struct(self, struct dl_handle, &dlhandle_data_type, dlhandle); if( ! dlhandle->open ){ rb_raise(rb_eDLError, "closed handle"); } - return dlhandle_sym(dlhandle->ptr, StringValueCStr(sym)); + return dlhandle_sym(dlhandle->ptr, name); } #ifndef RTLD_NEXT |