summaryrefslogtreecommitdiff
path: root/object.c
diff options
context:
space:
mode:
authormatz <matz@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2005-07-19 08:25:39 +0000
committermatz <matz@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2005-07-19 08:25:39 +0000
commit5b7e24d744340345c11578911e3f1fa4ab0fb9cc (patch)
treee91a96aa41166abd1bd8c531fb548999fde63869 /object.c
parent0a5aab8679ca7d876f064f8fa1633d92a30cc346 (diff)
* io.c (rb_io_inspect): replace sprintf() with "%s" format all
over the place by snprintf() to avoid integer overflow. * sample/svr.rb: service can be stopped by ill-behaved client; use tsvr.rb instead. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8@8799 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'object.c')
-rw-r--r--object.c17
1 files changed, 11 insertions, 6 deletions
diff --git a/object.c b/object.c
index b250b52..27af5b3 100644
--- a/object.c
+++ b/object.c
@@ -354,10 +354,12 @@ rb_any_to_s(obj)
VALUE obj;
{
char *cname = rb_obj_classname(obj);
+ size_t len;
VALUE str;
- str = rb_str_new(0, strlen(cname)+6+16+1); /* 6:tags 16:addr 1:nul */
- sprintf(RSTRING(str)->ptr, "#<%s:0x%lx>", cname, obj);
+ len = strlen(cname)+6+16+1;
+ str = rb_str_new(0, len); /* 6:tags 16:addr 1:nul */
+ snprintf(RSTRING(str)->ptr, len, "#<%s:0x%lx>", cname, obj);
RSTRING(str)->len = strlen(RSTRING(str)->ptr);
if (OBJ_TAINTED(obj)) OBJ_TAINT(str);
@@ -433,17 +435,20 @@ rb_obj_inspect(obj)
&& ROBJECT(obj)->iv_tbl
&& ROBJECT(obj)->iv_tbl->num_entries > 0) {
VALUE str;
+ size_t len;
char *c;
c = rb_obj_classname(obj);
if (rb_inspecting_p(obj)) {
- str = rb_str_new(0, strlen(c)+10+16+1); /* 10:tags 16:addr 1:nul */
- sprintf(RSTRING(str)->ptr, "#<%s:0x%lx ...>", c, obj);
+ len = strlen(c)+10+16+1;
+ str = rb_str_new(0, len); /* 10:tags 16:addr 1:nul */
+ snprintf(RSTRING(str)->ptr, len, "#<%s:0x%lx ...>", c, obj);
RSTRING(str)->len = strlen(RSTRING(str)->ptr);
return str;
}
- str = rb_str_new(0, strlen(c)+6+16+1); /* 6:tags 16:addr 1:nul */
- sprintf(RSTRING(str)->ptr, "-<%s:0x%lx", c, obj);
+ len = strlen(c)+6+16+1;
+ str = rb_str_new(0, len); /* 6:tags 16:addr 1:nul */
+ snprintf(RSTRING(str)->ptr, len, "-<%s:0x%lx", c, obj);
RSTRING(str)->len = strlen(RSTRING(str)->ptr);
return rb_protect_inspect(inspect_obj, obj, str);
}