Permalink
Browse files

add tag v1_9_3_426

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/tags/v1_9_3_426@40737 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
  • Loading branch information...
unak committed May 14, 2013
2 parents aa6e981 + bede15a commit e76eb06feb024828034379797129d92522e28516
Showing 3,669 changed files with 21 additions and 1,484,128 deletions.
The diff you're trying to view is too large. We only load the first 3000 changed files.
View
@@ -1,3 +1,11 @@
+Tue May 14 20:25:58 2013 CHIKANAGA Tomoyuki <nagachika@ruby-lang.org>
+
+ * ext/dl/lib/dl/func.rb (DL::Function#call): check tainted when
+ $SAFE > 0.
+ * ext/fiddle/function.c (function_call): check tainted when $SAFE > 0.
+ * test/fiddle/test_func.rb (module Fiddle): add test for above.
+
+
Tue May 14 11:36:22 2013 Shugo Maeda <shugo@ruby-lang.org>
* lib/net/imap.rb (getacl_response): parse the mailbox of an ACL
View
@@ -92,6 +92,9 @@ def call(*args, &block)
super
else
funcs = []
+ if $SAFE >= 1 && args.any? { |x| x.tainted? }
+ raise SecurityError, "tainted parameter not allowed"
+ end
_args = wrap_args(args, @stack.types, funcs, &block)
r = @cfunc.call(@stack.pack(_args))
funcs.each{|f| f.unbind_at_call()}
View
@@ -101,6 +101,15 @@ function_call(int argc, VALUE argv[], VALUE self)
TypedData_Get_Struct(self, ffi_cif, &function_data_type, cif);
+ if (rb_safe_level() >= 1) {
+ for (i = 0; i < argc; i++) {
+ VALUE src = argv[i];
+ if (OBJ_TAINTED(src)) {
+ rb_raise(rb_eSecurityError, "tainted parameter not allowed");
+ }
+ }
+ }
+
values = xcalloc((size_t)argc + 1, (size_t)sizeof(void *));
generic_args = xcalloc((size_t)argc, (size_t)sizeof(fiddle_generic));
View
@@ -1,22 +0,0 @@
-# This file determines which files in the
-# Ruby hierarchy will be processed by the RDoc
-# tool when it is given the top-level directory
-# as an argument
-
-# Process all the C source files
-*.c
-
-# prelude
-prelude.rb
-
-# the lib/ directory (which has its own .document file)
-
-lib
-
-
-# and some of the ext/ directory (which has its own .document file)
-
-ext
-
-# rdoc files
-doc/*.rdoc
Oops, something went wrong.

0 comments on commit e76eb06

Please sign in to comment.