diff options
author | nagachika <nagachika@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2014-09-01 17:34:33 +0000 |
---|---|---|
committer | nagachika <nagachika@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2014-09-01 17:34:33 +0000 |
commit | 3513d07732e00be85d2b3cb49fa9b72a8ed404ec (patch) | |
tree | e4d246b69499f8d4d80e31f3b4782ac70b0549e3 | |
parent | 06042f854ff815c6287bce132ed8e23d2a600a93 (diff) |
merge revision(s) r46547: [Backport #9976]
* hash.c (env_aset, env_has_key, env_assoc, env_has_value),
(env_rassoc, env_key): prohibit tainted strings if $SAFE is
non-zero. [Bug #9976]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_1@47346 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
-rw-r--r-- | ChangeLog | 6 | ||||
-rw-r--r-- | hash.c | 14 | ||||
-rw-r--r-- | test/ruby/test_env.rb | 81 | ||||
-rw-r--r-- | version.h | 2 |
4 files changed, 97 insertions, 6 deletions
@@ -1,3 +1,9 @@ +Tue Sep 2 02:21:58 2014 Nobuyoshi Nakada <nobu@ruby-lang.org> + + * hash.c (env_aset, env_has_key, env_assoc, env_has_value), + (env_rassoc, env_key): prohibit tainted strings if $SAFE is + non-zero. [Bug #9976] + Tue Sep 2 02:08:12 2014 Nobuyoshi Nakada <nobu@ruby-lang.org> * signal.c (rb_f_kill): directly enqueue an ignored signal to self, @@ -2876,8 +2876,8 @@ env_aset(VALUE obj, VALUE nm, VALUE val) env_delete(obj, nm); return Qnil; } - StringValue(nm); - StringValue(val); + SafeStringValue(nm); + SafeStringValue(val); name = RSTRING_PTR(nm); value = RSTRING_PTR(val); if (memchr(name, '\0', RSTRING_LEN(nm))) @@ -3372,7 +3372,8 @@ env_has_key(VALUE env, VALUE key) { char *s; - s = StringValuePtr(key); + SafeStringValue(key); + s = RSTRING_PTR(key); if (memchr(s, '\0', RSTRING_LEN(key))) rb_raise(rb_eArgError, "bad environment variable name"); if (getenv(s)) return Qtrue; @@ -3391,7 +3392,8 @@ env_assoc(VALUE env, VALUE key) { char *s, *e; - s = StringValuePtr(key); + SafeStringValue(key); + s = RSTRING_PTR(key); if (memchr(s, '\0', RSTRING_LEN(key))) rb_raise(rb_eArgError, "bad environment variable name"); e = getenv(s); @@ -3413,6 +3415,7 @@ env_has_value(VALUE dmy, VALUE obj) obj = rb_check_string_type(obj); if (NIL_P(obj)) return Qnil; + rb_check_safe_obj(obj); env = GET_ENVIRON(environ); while (*env) { char *s = strchr(*env, '='); @@ -3443,6 +3446,7 @@ env_rassoc(VALUE dmy, VALUE obj) obj = rb_check_string_type(obj); if (NIL_P(obj)) return Qnil; + rb_check_safe_obj(obj); env = GET_ENVIRON(environ); while (*env) { char *s = strchr(*env, '='); @@ -3473,7 +3477,7 @@ env_key(VALUE dmy, VALUE value) char **env; VALUE str; - StringValue(value); + SafeStringValue(value); env = GET_ENVIRON(environ); while (*env) { char *s = strchr(*env, '='); diff --git a/test/ruby/test_env.rb b/test/ruby/test_env.rb index 0ada9606ae..ddbdcf24bc 100644 --- a/test/ruby/test_env.rb +++ b/test/ruby/test_env.rb @@ -451,4 +451,85 @@ class TestEnv < Test::Unit::TestCase end; end end + + def test_taint_aref + assert_raise(SecurityError) do + proc do + $SAFE = 2 + ENV["FOO".taint] + end.call + end + end + + def test_taint_fetch + assert_raise(SecurityError) do + proc do + $SAFE = 2 + ENV.fetch("FOO".taint) + end.call + end + end + + def test_taint_assoc + assert_raise(SecurityError) do + proc do + $SAFE = 2 + ENV.assoc("FOO".taint) + end.call + end + end + + def test_taint_rassoc + assert_raise(SecurityError) do + proc do + $SAFE = 2 + ENV.rassoc("FOO".taint) + end.call + end + end + + def test_taint_key + assert_raise(SecurityError) do + proc do + $SAFE = 2 + ENV.key("FOO".taint) + end.call + end + end + + def test_taint_key_p + assert_raise(SecurityError) do + proc do + $SAFE = 2 + ENV.key?("FOO".taint) + end.call + end + end + + def test_taint_value_p + assert_raise(SecurityError) do + proc do + $SAFE = 2 + ENV.value?("FOO".taint) + end.call + end + end + + def test_taint_aset_value + assert_raise(SecurityError) do + proc do + $SAFE = 2 + ENV["FOO"] = "BAR".taint + end.call + end + end + + def test_taint_aset_key + assert_raise(SecurityError) do + proc do + $SAFE = 2 + ENV["FOO".taint] = "BAR" + end.call + end + end end @@ -1,6 +1,6 @@ #define RUBY_VERSION "2.1.2" #define RUBY_RELEASE_DATE "2014-09-02" -#define RUBY_PATCHLEVEL 217 +#define RUBY_PATCHLEVEL 218 #define RUBY_RELEASE_YEAR 2014 #define RUBY_RELEASE_MONTH 9 |