authoryugui <yugui@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2009-05-11 15:07:00 +0000
committeryugui <yugui@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2009-05-11 15:07:00 +0000
commit7269e3de3cee3bbb6ab77fc708f3a10cab00b65e (patch)
tree2e53fabc3395503e360f9e96347dae5d679280ed
parentfa0c48186e87e596c5082a6516f74b2158396013 (diff)
* ext/dl/lib/dl/func.rb (DL::Function#call): prevents
passing tainted arguments to a C function. Patch by sheepman <sheepman AT sheepman.sakura.ne.jp>. * ext/dl/lib/dl/func.rb (DL::Function#check_safe_obj): new method for checking #call's arguments. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_1@23404 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
-rw-r--r--ChangeLog9
-rw-r--r--ext/dl/lib/dl/func.rb8
2 files changed, 17 insertions, 0 deletions
diff --git a/ChangeLog b/ChangeLog
index 80b1f0ff40..1de38d3638 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,12 @@
+Mon May 11 22:33:46 2009 Yuki Sonoda (Yugui) <yugui@yugui.jp>
+
+ * ext/dl/lib/dl/func.rb (DL::Function#call): prevents
+ passing tainted arguments to a C function.
+ Patch by sheepman <sheepman AT sheepman.sakura.ne.jp>.
+
+ * ext/dl/lib/dl/func.rb (DL::Function#check_safe_obj):
+ new method for checking #call's arguments.
+
Tue Mar 10 04:53:16 2009 Nobuyoshi Nakada <nobu@ruby-lang.org>
* configure.in (MINIRUBY): keep macro into Makefile.
diff --git a/ext/dl/lib/dl/func.rb b/ext/dl/lib/dl/func.rb
index b29aebcc8b..a2e6d40fbe 100644
--- a/ext/dl/lib/dl/func.rb
+++ b/ext/dl/lib/dl/func.rb
@@ -25,8 +25,16 @@ module DL
@cfunc.to_i
end
+ def check_safe_obj(val)
+ if $SAFE > 0 and val.tainted?
+ raise SecurityError, 'Insecure operation'
+ end
+ end
+
def call(*args, &block)
funcs = []
+ args.each{|e| check_safe_obj(e) }
+ check_safe_obj(block)
args = wrap_args(args, @stack.types, funcs, &block)
r = @cfunc.call(@stack.pack(args))
funcs.each{|f| f.unbind_at_call()}
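Review bot: `check_safe_obj`, as called from `call`, inspects only each top-level element of `args` and the block, so a tainted String held inside an Array or other container argument is not rejected when `$SAFE > 0`; whether `wrap_args` unpacks such containers is not visible in this hunk and should be confirmed. If nested values can reach the C function, the check belongs on the values `wrap_args` actually packs, or the limit should be documented on the helper, e.g. `# Checks val itself only; elements of a container argument are not inspected.` The helper also appears to be defined in the public section of `DL::Function`, and `private :check_safe_obj` would keep it an internal guard. The commit changes only ChangeLog and func.rb, so a test asserting `SecurityError` for a tainted argument under `$SAFE = 1` would pin the new behaviour. The body of `call` continues past the end of the hunk.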