Skip to content
Browse files

Avoid dangerous rb_raise() usage.

Passing a variable as the format string to rb_raise() is potentially dangerous
because the variable might contain a formatting sequence (e.g., "%s").
  • Loading branch information...
1 parent 76aa7e9 commit d9718debc6ada2567ad13f669bdf795b0db06769 @neilconway neilconway committed May 15, 2012
Showing with 8 additions and 8 deletions.
  1. +8 −8 ext/rubymain.cpp
View
16 ext/rubymain.cpp
@@ -507,7 +507,7 @@ static VALUE t_connect_server (VALUE self, VALUE server, VALUE port)
rb_raise (EM_eConnectionError, "no connection");
return ULONG2NUM (f);
} catch (std::runtime_error e) {
- rb_raise (EM_eConnectionError, e.what());
+ rb_raise (EM_eConnectionError, "%s", e.what());
}
return Qnil;
}
@@ -528,7 +528,7 @@ static VALUE t_bind_connect_server (VALUE self, VALUE bind_addr, VALUE bind_port
rb_raise (EM_eConnectionError, "no connection");
return ULONG2NUM (f);
} catch (std::runtime_error e) {
- rb_raise (EM_eConnectionError, e.what());
+ rb_raise (EM_eConnectionError, "%s", e.what());
}
return Qnil;
}
@@ -848,7 +848,7 @@ static VALUE t_watch_filename (VALUE self, VALUE fname)
try {
return ULONG2NUM(evma_watch_filename(StringValuePtr(fname)));
} catch (std::runtime_error e) {
- rb_raise (EM_eUnsupported, e.what());
+ rb_raise (EM_eUnsupported, "%s", e.what());
}
return Qnil;
}
@@ -874,7 +874,7 @@ static VALUE t_watch_pid (VALUE self, VALUE pid)
try {
return ULONG2NUM(evma_watch_pid(NUM2INT(pid)));
} catch (std::runtime_error e) {
- rb_raise (EM_eUnsupported, e.what());
+ rb_raise (EM_eUnsupported, "%s", e.what());
}
return Qnil;
}
@@ -1074,7 +1074,7 @@ static VALUE t_start_proxy (VALUE self, VALUE from, VALUE to, VALUE bufsize, VAL
try {
evma_start_proxy(NUM2ULONG (from), NUM2ULONG (to), NUM2ULONG(bufsize), NUM2ULONG(length));
} catch (std::runtime_error e) {
- rb_raise (EM_eConnectionError, e.what());
+ rb_raise (EM_eConnectionError, "%s", e.what());
}
return Qnil;
}
@@ -1089,7 +1089,7 @@ static VALUE t_stop_proxy (VALUE self, VALUE from)
try{
evma_stop_proxy(NUM2ULONG (from));
} catch (std::runtime_error e) {
- rb_raise (EM_eConnectionError, e.what());
+ rb_raise (EM_eConnectionError, "%s", e.what());
}
return Qnil;
}
@@ -1103,7 +1103,7 @@ static VALUE t_proxied_bytes (VALUE self, VALUE from)
try{
return ULONG2NUM(evma_proxied_bytes(NUM2ULONG (from)));
} catch (std::runtime_error e) {
- rb_raise (EM_eConnectionError, e.what());
+ rb_raise (EM_eConnectionError, "%s", e.what());
}
return Qnil;
}
@@ -1128,7 +1128,7 @@ static VALUE t_get_idle_time (VALUE self, VALUE from)
return Qnil;
}
} catch (std::runtime_error e) {
- rb_raise (EM_eConnectionError, e.what());
+ rb_raise (EM_eConnectionError, "%s", e.what());
}
return Qnil;
}

0 comments on commit d9718de

Please sign in to comment.
Something went wrong with that request. Please try again.