Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP

Loading…

Kernel.exec should raise an ArgumentError if the command includes a null byte #704

Merged
merged 1 commit into from

2 participants

@atambo
Collaborator

No description provided.

@headius
Owner

I think the spirit of this spec is that if a null byte appears anywhere in the String, we should raise the error.

A couple other notes:

  • Don't remove the convertToString. The error that results from passing a non-String would go away.
  • After the convertToString, you have a RubyString in hand. You can get the ByteList out of it and walk the bytes directly, which will be more efficient than converting to a Java string.
@atambo
Collaborator

Done. Let me know if the amended commit above doesn't cover everything.

@headius
Owner

you can actually iterate the raw bytes directly, using "getUnsafeBytes", but this is fine for now. I doubt anyone will have a command line long enough to be a performance problem :-)

Merging shortly.

@headius headius merged commit d90f2db into from
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
This page is out of date. Refresh to see the latest.
View
2  spec/tags/1.8/ruby/core/kernel/exec_tags.txt
@@ -1,10 +1,8 @@
-fails:Kernel#exec raises an ArgumentError if the command includes a null byte
fails:Kernel#exec raises Errno::EACCES when passed a directory
fails:Kernel#exec with a single argument subjects the specified command to shell expansion
fails:Kernel#exec with a command array uses the first element as the command name and the second as the argv[0] value
fails:Kernel#exec with a command array coerces the argument using to_ary
fails:Kernel#exec with a command array raises Argument error if the Array does not have exactly two elements
-fails:Kernel.exec raises an ArgumentError if the command includes a null byte
fails:Kernel.exec raises Errno::EACCES when passed a directory
fails:Kernel.exec with a single argument subjects the specified command to shell expansion
fails:Kernel.exec with a command array uses the first element as the command name and the second as the argv[0] value
View
2  spec/tags/1.9/ruby/core/kernel/exec_tags.txt
@@ -1,11 +1,9 @@
-fails:Kernel#exec raises an ArgumentError if the command includes a null byte
fails:Kernel#exec raises Errno::EACCES when passed a directory
fails:Kernel#exec unsets other environment variables when given a true :unsetenv_others option
fails:Kernel#exec sets the current directory when given the :chdir option
fails:Kernel#exec with a single argument subjects the specified command to shell expansion
fails:Kernel#exec with a command array uses the first element as the command name and the second as the argv[0] value
fails:Kernel#exec with a command array coerces the argument using to_ary
-fails:Kernel.exec raises an ArgumentError if the command includes a null byte
fails:Kernel.exec raises Errno::EACCES when passed a directory
fails:Kernel.exec unsets other environment variables when given a true :unsetenv_others option
fails:Kernel.exec sets the current directory when given the :chdir option
View
13 src/org/jruby/RubyKernel.java
@@ -1755,8 +1755,17 @@ public static IRubyObject _exec_internal(ThreadContext context, IRubyObject recv
private static IRubyObject execCommon(Ruby runtime, IRubyObject env, IRubyObject prog, IRubyObject options, IRubyObject[] args) {
// This is a fairly specific hack for empty string, but it does the job
- if (args.length == 1 && args[0].convertToString().isEmpty()) {
- throw runtime.newErrnoENOENTError(args[0].convertToString().toString());
+ if (args.length == 1) {
+ RubyString command = args[0].convertToString();
+ if (command.isEmpty()) {
+ throw runtime.newErrnoENOENTError(command.toString());
+ } else {
+ for(byte b : command.getBytes()) {
+ if (b == 0x00) {
+ throw runtime.newArgumentError("string contains null byte");
+ }
+ }
+ }
}
ThreadContext context = runtime.getCurrentContext();
Something went wrong with that request. Please try again.