author | usa <usa@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2013-05-14 11:27:08 +0000 |
---|---|---|
committer | usa <usa@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2013-05-14 11:27:08 +0000 |
commit | bede15ac5e701ed08f3fc64c2dba03d3f393c652 (patch) | |
tree | 1326c625c233ba2554043203a7697f5e3d4c49e5 /ext/fiddle | |
parent | 1b1fdc3c09d4bbe18c2d71daeb25257d10221e3f (diff) |
merge revision(s) 40728:
* ext/dl/lib/dl/func.rb (DL::Function#call): check tainted when
$SAFE > 0.
* ext/fiddle/function.c (function_call): check tainted when $SAFE > 0.
* test/fiddle/test_func.rb (module Fiddle): add test for above.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_3@40732 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'ext/fiddle')
-rw-r--r-- | ext/fiddle/function.c | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/ext/fiddle/function.c b/ext/fiddle/function.c
index ada37a4942..52f7695eb7 100644
--- a/ext/fiddle/function.c
+++ b/ext/fiddle/function.c
@@ -101,6 +101,15 @@ function_call(int argc, VALUE argv[], VALUE self)
 TypedData_Get_Struct(self, ffi_cif, &function_data_type, cif);
+ if (rb_safe_level() >= 1) {
+ for (i = 0; i < argc; i++) {
+ VALUE src = argv[i];
+ if (OBJ_TAINTED(src)) {
+ rb_raise(rb_eSecurityError, "tainted parameter not allowed");
+ }
+ }
+ }
+
 values = xcalloc((size_t)argc + 1, (size_t)sizeof(void *));
 generic_args = xcalloc((size_t)argc, (size_t)sizeof(fiddle_generic)); |
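Review bot: The added loop in function_call tests only the taint flag of each top-level `argv[i]`, and nothing in the hunk documents that limit. Values that cannot carry a taint mark, such as an immediate Integer holding an address, presumably still reach the native call at `$SAFE >= 1`. I would put a comment above the `if (rb_safe_level() >= 1)` line: `/* $SAFE >= 1: reject tainted arguments before anything is allocated; only the top-level taint flag is checked, so immediates are not covered */`. The check correctly sits before the two `xcalloc` calls, so the `rb_raise` leaves no buffer behind, and the comment should say so because that ordering is easy to break in a later edit. The body of function_call starts and continues outside the hunk, so the declaration of `i` and the later argument conversion are not visible here.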