diff options
author | matz <matz@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2006-05-16 00:25:18 +0000 |
---|---|---|
committer | matz <matz@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2006-05-16 00:25:18 +0000 |
commit | 1b3beecb548cc2f28fdd4ecf92f3a976b84ad675 (patch) | |
tree | 51b0f27454080680af25950650be7e311c44d477 /re.c | |
parent | bb73409497858cb684999af86bd2832be43d2c76 (diff) |
* re.c (rb_reg_initialize): should not modify untainted objects in
safe levels higher than 3.
* re.c (rb_memcmp): type change from char* to const void*.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8@10156 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 're.c')
-rw-r--r-- | re.c | 15 |
1 files changed, 9 insertions, 6 deletions
@@ -70,10 +70,11 @@ static const char casetable[] = { #endif int -rb_memcicmp(p1, p2, len) - char *p1, *p2; +rb_memcicmp(x, y, len) + const void *x, *y; long len; { + const unsigned char *p1 = x, *p2 = y; int tmp; while (len--) { @@ -85,7 +86,7 @@ rb_memcicmp(p1, p2, len) int rb_memcmp(p1, p2, len) - char *p1, *p2; + const void *p1, *p2; long len; { if (!ruby_ignorecase) { @@ -96,11 +97,11 @@ rb_memcmp(p1, p2, len) long rb_memsearch(x0, m, y0, n) - char *x0, *y0; + const void *x0, *y0; long m, n; { - unsigned char *x = (unsigned char *)x0, *y = (unsigned char *)y0; - unsigned char *s, *e; + const unsigned char *x = (unsigned char *)x0, *y = (unsigned char *)y0; + const unsigned char *s, *e; long i; int d; unsigned long hx, hy; @@ -1332,6 +1333,8 @@ rb_reg_initialize(obj, s, len, options) { struct RRegexp *re = RREGEXP(obj); + if (!OBJ_TAINTED(obj) && rb_safe_level() >= 4) + rb_raise(rb_eSecurityError, "Insecure: can't modify regexp"); if (re->ptr) re_free_pattern(re->ptr); if (re->str) free(re->str); re->ptr = 0; |