diff options
author | nagachika <nagachika@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2015-12-16 12:08:49 +0000 |
---|---|---|
committer | nagachika <nagachika@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2015-12-16 12:08:49 +0000 |
commit | 79c7a51893e1c8b95d98728feb7c75bc31671ed8 (patch) | |
tree | 97a2de4140f10c60d5b748c38e2ad3b060330b3a /test/fiddle | |
parent | ed57f299b243842e4e874189771d93340aaadddc (diff) |
* ext/fiddle/handle.c: check tainted string arguments.
Patch provided by tenderlove and nobu.
* test/fiddle/test_handle.rb (class TestHandle): add test for above.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@53153 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'test/fiddle')
-rw-r--r-- | test/fiddle/test_handle.rb | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/test/fiddle/test_handle.rb b/test/fiddle/test_handle.rb index f14357c6cb..fecf366f4f 100644 --- a/test/fiddle/test_handle.rb +++ b/test/fiddle/test_handle.rb @@ -10,6 +10,23 @@ module Fiddle include Test::Unit::Assertions + def test_safe_handle_open + t = Thread.new do + $SAFE = 1 + Fiddle::Handle.new(LIBC_SO.taint) + end + assert_raise(SecurityError) { t.value } + end + + def test_safe_function_lookup + t = Thread.new do + h = Fiddle::Handle.new(LIBC_SO) + $SAFE = 1 + h["qsort".taint] + end + assert_raise(SecurityError) { t.value } + end + def test_to_i handle = Fiddle::Handle.new(LIBC_SO) assert_kind_of Integer, handle.to_i |