diff options
| author | suke <suke@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2008-11-06 12:38:49 +0000 |
|---|---|---|
| committer | suke <suke@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2008-11-06 12:38:49 +0000 |
| commit | 696e6a9b7655c5dd32c4468c105e2a471f712cd6 (patch) | |
| tree | dbd4b5fc2e27c72c4bf12028dd22f4032892fc71 | |
| parent | 0ca8c28e4d250e90e368a62fd2cc5edb2098cb90 (diff) | |
* ext/win32ole/win32ole.c (fole_s_connect, fole_initialize,
folevariant_initialize): check argument type of WIN32OLE.connect,
WIN32OLE.new, WIN32OLE_VARIANT.new.
* test/win32ole/test_win32ole.rb (test_s_new_exc, test_s_connect_exc):
ditto.
* test/win32ole/test_win32ole_variant.rb (test_s_new_exc): ditto.
* test/win32ole/test_win32ole_method.rb: add assertion of
WIN32OLE_METHOD.new.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@20113 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
| -rw-r--r-- | ChangeLog | 14 | ||||
| -rw-r--r-- | ext/win32ole/win32ole.c | 25 | ||||
| -rw-r--r-- | test/win32ole/test_win32ole.rb | 15 | ||||
| -rw-r--r-- | test/win32ole/test_win32ole_method.rb | 3 | ||||
| -rw-r--r-- | test/win32ole/test_win32ole_variant.rb | 6 |
5 files changed, 62 insertions, 1 deletions
@@ -1,3 +1,17 @@ +Thu Nov 6 21:21:46 2008 Masaki Suketa <masaki.suketa@nifty.ne.jp> + + * ext/win32ole/win32ole.c (fole_s_connect, fole_initialize, + folevariant_initialize): check argument type of WIN32OLE.connect, + WIN32OLE.new, WIN32OLE_VARIANT.new. + + * test/win32ole/test_win32ole.rb (test_s_new_exc, test_s_connect_exc): + ditto. + + * test/win32ole/test_win32ole_variant.rb (test_s_new_exc): ditto. + + * test/win32ole/test_win32ole_method.rb: add assertion of + WIN32OLE_METHOD.new. + Tue Nov 4 13:08:01 2008 NAKAMURA Usaku <usa@ruby-lang.org> * lib/test/unit.rb (Test::Unit.setup_argv): now can specify ``-xname'' diff --git a/ext/win32ole/win32ole.c b/ext/win32ole/win32ole.c index 9d919e02da..da9421a421 100644 --- a/ext/win32ole/win32ole.c +++ b/ext/win32ole/win32ole.c @@ -128,7 +128,7 @@ const IID IID_IMultiLanguage2 = {0xDCCFC164, 0x2B38, 0x11d2, {0xB7, 0xEC, 0x00, #define WC2VSTR(x) ole_wc2vstr((x), TRUE) -#define WIN32OLE_VERSION "1.3.8" +#define WIN32OLE_VERSION "1.3.9" typedef HRESULT (STDAPICALLTYPE FNCOCREATEINSTANCEEX) (REFCLSID, IUnknown*, DWORD, COSERVERINFO*, DWORD, MULTI_QI*); @@ -2733,6 +2733,7 @@ fole_s_connect(int argc, VALUE *argv, VALUE self) ole_initialize(); rb_scan_args(argc, argv, "1*", &svr_name, &others); + Check_SafeStr(svr_name); if (rb_safe_level() > 0 && OBJ_TAINTED(svr_name)) { rb_raise(rb_eSecurityError, "Insecure Object Connection - %s", StringValuePtr(svr_name)); @@ -3220,11 +3221,13 @@ fole_initialize(int argc, VALUE *argv, VALUE self) rb_call_super(0, 0); rb_scan_args(argc, argv, "11*", &svr_name, &host, &others); + Check_SafeStr(svr_name); if (rb_safe_level() > 0 && OBJ_TAINTED(svr_name)) { rb_raise(rb_eSecurityError, "Insecure Object Creation - %s", StringValuePtr(svr_name)); } if (!NIL_P(host)) { + Check_SafeStr(host); if (rb_safe_level() > 0 && OBJ_TAINTED(host)) { rb_raise(rb_eSecurityError, "Insecure Object Creation - %s", StringValuePtr(svr_name)); @@ -8621,6 +8624,26 @@ folevariant_initialize(VALUE self, VALUE args) } VariantInit(&var); val = rb_ary_entry(args, 0); + + if(!rb_obj_is_kind_of(val, cWIN32OLE) && + !rb_obj_is_kind_of(val, cWIN32OLE_VARIANT) && + !rb_obj_is_kind_of(val, rb_cTime)) { + switch (TYPE(val)) { + case T_ARRAY: + case T_STRING: + case T_FIXNUM: + case T_BIGNUM: + case T_FLOAT: + case T_TRUE: + case T_FALSE: + case T_NIL: + break; + default: + rb_raise(rb_eTypeError, "can not convert WIN32OLE_VARIANT from type %s", + rb_obj_classname(val)); + } + } + Data_Get_Struct(self, struct olevariantdata, pvar); if (len == 1) { ole_val2variant(val, &(pvar->var)); diff --git a/test/win32ole/test_win32ole.rb b/test/win32ole/test_win32ole.rb index 983c47929e..b946aa6ff0 100644 --- a/test/win32ole/test_win32ole.rb +++ b/test/win32ole/test_win32ole.rb @@ -153,6 +153,15 @@ if defined?(WIN32OLE) assert_instance_of(WIN32OLE, @dict2) end + def test_s_new_exc + assert_raise(TypeError) { + WIN32OLE.new(1) + } + assert_raise(TypeError) { + WIN32OLE.new("Scripting.Dictionary", 1) + } + end + def test_s_new_DCOM rshell = WIN32OLE.new("Shell.Application") assert_instance_of(WIN32OLE, rshell) @@ -172,6 +181,12 @@ if defined?(WIN32OLE) assert_instance_of(WIN32OLE, obj) end + def test_s_connect_exc + assert_raise(TypeError) { + WIN32OLE.connect(1) + } + end + def test_invoke_accept_symbol_hash_key fso = WIN32OLE.new('Scripting.FileSystemObject') afolder = fso.getFolder(".") diff --git a/test/win32ole/test_win32ole_method.rb b/test/win32ole/test_win32ole_method.rb index 161b10233f..f2ed0c622c 100644 --- a/test/win32ole/test_win32ole_method.rb +++ b/test/win32ole/test_win32ole_method.rb @@ -24,6 +24,9 @@ if defined?(WIN32OLE_METHOD) def test_initialize ole_type = WIN32OLE_TYPE.new("Microsoft Shell Controls And Automation", "Shell") + assert_raise(TypeError) { + WIN32OLE_METHOD.new(1, 2) + } assert_raise(ArgumentError) { method = WIN32OLE_METHOD.new("foo") } diff --git a/test/win32ole/test_win32ole_variant.rb b/test/win32ole/test_win32ole_variant.rb index 1226e0de50..af3876837d 100644 --- a/test/win32ole/test_win32ole_variant.rb +++ b/test/win32ole/test_win32ole_variant.rb @@ -18,6 +18,12 @@ if defined?(WIN32OLE_VARIANT) assert_instance_of(WIN32OLE_VARIANT, obj) end + def test_s_new_exc + assert_raise(TypeError) { + WIN32OLE_VARIANT.new(/foo/) + } + end + def test_s_new_no_argument ex = nil begin |