diff options
-rw-r--r-- | ChangeLog | 6 | ||||
-rw-r--r-- | string.c | 16 | ||||
-rw-r--r-- | test/ruby/test_string.rb | 8 |
3 files changed, 29 insertions, 1 deletions
@@ -1,3 +1,9 @@ +Fri Dec 12 10:49:18 2014 Nobuyoshi Nakada <nobu@ruby-lang.org> + + * string.c (rb_str_crypt): check arguments more strictly. + * crypt() is not for wide char strings + * salt bytes should not be NUL + Fri Dec 12 08:16:01 2014 Matt Hoyle <matt@deployable.co> * io.c (io_read) Fix spelling in docco for read. [Fix GH-781] @@ -179,6 +179,15 @@ mustnot_broken(VALUE str) } } +static void +mustnot_wchar(VALUE str) +{ + rb_encoding *enc = STR_ENC_GET(str); + if (rb_enc_mbminlen(enc) > 1) { + rb_raise(rb_eArgError, "wide char encoding: %s", rb_enc_name(enc)); + } +} + static int fstring_cmp(VALUE a, VALUE b); /* in case we restart MVM development, this needs to be per-VM */ @@ -7629,12 +7638,17 @@ rb_str_crypt(VALUE str, VALUE salt) #endif StringValue(salt); - if (RSTRING_LEN(salt) < 2) + mustnot_wchar(str); + mustnot_wchar(salt); + if (RSTRING_LEN(salt) < 2) { + short_salt: rb_raise(rb_eArgError, "salt too short (need >=2 bytes)"); + } s = RSTRING_PTR(str); if (!s) s = ""; saltp = RSTRING_PTR(salt); + if (!saltp[0] || !saltp[1]) goto short_salt; #ifdef BROKEN_CRYPT if (!ISASCII((unsigned char)saltp[0]) || !ISASCII((unsigned char)saltp[1])) { salt_8bit_clean[0] = saltp[0] & 0x7f; diff --git a/test/ruby/test_string.rb b/test/ruby/test_string.rb index 1285a1c120..bb24f508d3 100644 --- a/test/ruby/test_string.rb +++ b/test/ruby/test_string.rb @@ -504,6 +504,14 @@ class TestString < Test::Unit::TestCase def test_crypt assert_equal(S('aaGUC/JkO9/Sc'), S("mypassword").crypt(S("aa"))) assert_not_equal(S('aaGUC/JkO9/Sc'), S("mypassword").crypt(S("ab"))) + assert_raise(ArgumentError) {S("mypassword").crypt(S(""))} + assert_raise(ArgumentError) {S("mypassword").crypt(S("\0a"))} + assert_raise(ArgumentError) {S("mypassword").crypt(S("a\0"))} + [Encoding::UTF_16BE, Encoding::UTF_16LE, + Encoding::UTF_32BE, Encoding::UTF_32LE].each do |enc| + assert_raise(ArgumentError) {S("mypassword").crypt(S("aa".encode(enc)))} + assert_raise(ArgumentError) {S("mypassword".encode(enc)).crypt(S("aa"))} + end end def test_delete |