diff options
| author | naruse <naruse@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2012-02-14 20:05:04 +0000 |
|---|---|---|
| committer | naruse <naruse@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2012-02-14 20:05:04 +0000 |
| commit | 0c8cfb4eabc5c00e17439a61d274e8c74eefeef2 (patch) | |
| tree | 7d34f209a3c7c3446d87335c0e5cd400aa23ec4a | |
| parent | 44d3cf03fd13ba0d83aca858cc53e71b71958354 (diff) | |
merge revision(s) 32720: [Backport #6015]
* ext/dl/cptr.c (rb_dlptr_aref, rb_dlptr_aset): check NULL pointer
dereference.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_3@34603 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
| -rw-r--r-- | ChangeLog | 5 | ||||
| -rw-r--r-- | ext/dl/cptr.c | 16 | ||||
| -rw-r--r-- | test/dl/test_cptr.rb | 6 | ||||
| -rw-r--r-- | version.h | 2 |
4 files changed, 22 insertions, 7 deletions
@@ -1,4 +1,7 @@ -Wed Feb 15 05:03:41 2012 Masatoshi SEKI <m_seki@mva.biglobe.ne.jp> +Wed Feb 15 05:04:47 2012 Nobuyoshi Nakada <nobu@ruby-lang.org> + + * ext/dl/cptr.c (rb_dlptr_aref, rb_dlptr_aset): check NULL pointer + dereference. * test/rinda/test_rinda.rb: decrease the code that depends on timing. [Bug #372] [Bug #4160] diff --git a/ext/dl/cptr.c b/ext/dl/cptr.c index 478fb7126e..0f6271fd8e 100644 --- a/ext/dl/cptr.c +++ b/ext/dl/cptr.c @@ -487,16 +487,19 @@ rb_dlptr_aref(int argc, VALUE argv[], VALUE self) VALUE arg0, arg1; VALUE retval = Qnil; size_t offset, len; + struct ptr_data *data; + TypedData_Get_Struct(self, struct ptr_data, &dlptr_data_type, data); + if (!data->ptr) rb_raise(rb_eDLError, "NULL pointer dereference"); switch( rb_scan_args(argc, argv, "11", &arg0, &arg1) ){ case 1: offset = NUM2ULONG(arg0); - retval = INT2NUM(*((char*)RPTR_DATA(self)->ptr + offset)); + retval = INT2NUM(*((char *)data->ptr + offset)); break; case 2: offset = NUM2ULONG(arg0); len = NUM2ULONG(arg1); - retval = rb_tainted_str_new((char *)RPTR_DATA(self)->ptr + offset, len); + retval = rb_tainted_str_new((char *)data->ptr + offset, len); break; default: rb_bug("rb_dlptr_aref()"); @@ -520,17 +523,20 @@ rb_dlptr_aset(int argc, VALUE argv[], VALUE self) VALUE retval = Qnil; size_t offset, len; void *mem; + struct ptr_data *data; + TypedData_Get_Struct(self, struct ptr_data, &dlptr_data_type, data); + if (!data->ptr) rb_raise(rb_eDLError, "NULL pointer dereference"); switch( rb_scan_args(argc, argv, "21", &arg0, &arg1, &arg2) ){ case 2: offset = NUM2ULONG(arg0); - ((char*)RPTR_DATA(self)->ptr)[offset] = NUM2UINT(arg1); + ((char*)data->ptr)[offset] = NUM2UINT(arg1); retval = arg1; break; case 3: offset = NUM2ULONG(arg0); len = NUM2ULONG(arg1); - if( TYPE(arg2) == T_STRING ){ + if (RB_TYPE_P(arg2, T_STRING)) { mem = StringValuePtr(arg2); } else if( rb_obj_is_kind_of(arg2, rb_cDLCPtr) ){ @@ -539,7 +545,7 @@ rb_dlptr_aset(int argc, VALUE argv[], VALUE self) else{ mem = NUM2PTR(arg2); } - memcpy((char *)RPTR_DATA(self)->ptr + offset, mem, len); + memcpy((char *)data->ptr + offset, mem, len); retval = arg2; break; default: diff --git a/test/dl/test_cptr.rb b/test/dl/test_cptr.rb index 953af286e1..c3793859d7 100644 --- a/test/dl/test_cptr.rb +++ b/test/dl/test_cptr.rb @@ -212,5 +212,11 @@ module DL assert_equal ptr3.to_i, ptr[0,2] = ptr3.to_i check.call(str, ptr) end + + def test_null_pointer + nullpo = CPtr.new(0) + assert_raise(DLError) {nullpo[0]} + assert_raise(DLError) {nullpo[0] = 1} + end end end @@ -1,5 +1,5 @@ #define RUBY_VERSION "1.9.3" -#define RUBY_PATCHLEVEL 113 +#define RUBY_PATCHLEVEL 114 #define RUBY_RELEASE_DATE "2012-02-15" #define RUBY_RELEASE_YEAR 2012 |