diff options
-rw-r--r-- | ChangeLog | 13 | ||||
-rw-r--r-- | ext/bigdecimal/bigdecimal.c | 3 | ||||
-rw-r--r-- | intern.h | 1 | ||||
-rw-r--r-- | io.c | 7 | ||||
-rw-r--r-- | lib/complex.rb | 10 | ||||
-rw-r--r-- | lib/net/smtp.rb | 4 | ||||
-rw-r--r-- | ruby.h | 2 |
7 files changed, 30 insertions, 10 deletions
@@ -1,8 +1,20 @@ +Tue Jul 29 16:38:44 2003 Yukihiro Matsumoto <matz@ruby-lang.org> + + * lib/net/smtp.rb (Net::SMTP::send0): add taint check. + Tue Jul 29 15:41:02 2003 WATANABE Hirofumi <eban@ruby-lang.org> * instruby.rb (install): preserve the timestamp for Mac OS X ranlib problem. +Tue Jul 29 01:14:51 2003 Rick Ohnemus <rick_ohnemus@acm.org> + + * ruby.h (LLONG_MIN): wrong value. + +Mon Jul 28 22:57:52 2003 Yukihiro Matsumoto <matz@ruby-lang.org> + + * io.c (rb_f_getc): $stdin may not be IO. [ruby-dev:20973] + Tue Jul 29 12:22:28 2003 why the lucky stiff <ruby-cvs@whytheluckystiff.net> * ext/syck/token.c: prefixed many constants and definitions @@ -43,6 +55,7 @@ Mon Jul 28 18:53:03 2003 WATANABE Hirofumi <eban@ruby-lang.org> * ext/openssl/extconf.rb: check again after pkg-config for MinGW on Cygwin. +>>>>>>> 1.1963 Mon Jul 28 15:32:04 2003 Yukihiro Matsumoto <matz@ruby-lang.org> * ext/stringio/stringio.c (strio_gets): only "gets" should set $_. diff --git a/ext/bigdecimal/bigdecimal.c b/ext/bigdecimal/bigdecimal.c index 542f9ab520..d01dbc4f5d 100644 --- a/ext/bigdecimal/bigdecimal.c +++ b/ext/bigdecimal/bigdecimal.c @@ -31,6 +31,7 @@ * */ +#include "ruby.h" #include <ctype.h> #include <stdio.h> #include <stdlib.h> @@ -38,8 +39,6 @@ #include <errno.h> #include <float.h> #include <math.h> -#include "ruby.h" -#include "math.h" #include "version.h" /* #define ENABLE_NUMERIC_STRING */ @@ -249,6 +249,7 @@ VALUE rb_hash_delete _((VALUE,VALUE)); int rb_path_check _((char*)); int rb_env_path_tainted _((void)); /* io.c */ +#define rb_defout rb_stdout RUBY_EXTERN VALUE rb_fs; RUBY_EXTERN VALUE rb_output_fs; RUBY_EXTERN VALUE rb_rs; @@ -94,7 +94,7 @@ VALUE rb_cIO; VALUE rb_eEOFError; VALUE rb_eIOError; -VALUE rb_stdin, rb_stdout, rb_stderr; +VALUE rb_stdin, rb_stdout, rb_stderr, rb_defout; static VALUE orig_stdout, orig_stderr; VALUE rb_output_fs; @@ -3180,6 +3180,9 @@ static VALUE rb_f_getc() { rb_warn("getc is obsolete; use STDIN.getc instead"); + if (TYPE(rb_stdin) != T_FILE) { + return rb_funcall3(rb_stdin, rb_intern("getc"), 0, 0); + } return rb_io_getc(rb_stdin); } @@ -4134,7 +4137,7 @@ Init_IO() rb_stderr = prep_stdio(stderr, FMODE_WRITABLE, rb_cIO); rb_define_hooked_variable("$stderr", &rb_stderr, 0, set_output_var); rb_define_hooked_variable("$>", &rb_stdout, 0, set_output_var); - orig_stdout = rb_stdout; + rb_defout = orig_stdout = rb_stdout; orig_stderr = rb_stderr; /* variables to be removed in 1.8.1 */ diff --git a/lib/complex.rb b/lib/complex.rb index 3d761beb6b..9b5419ba61 100644 --- a/lib/complex.rb +++ b/lib/complex.rb @@ -75,14 +75,14 @@ class Complex < Numeric end def initialize(a, b) - raise "non numeric 1st arg `#{a.inspect}'" if !a.kind_of? Numeric - raise "`#{a.inspect}' for 1st arg" if a.kind_of? Complex - raise "non numeric 2nd arg `#{b.inspect}'" if !b.kind_of? Numeric - raise "`#{b.inspect}' for 2nd arg" if b.kind_of? Complex + raise TypeError, "non numeric 1st arg `#{a.inspect}'" if !a.kind_of? Numeric + raise TypeError, "`#{a.inspect}' for 1st arg" if a.kind_of? Complex + raise TypeError, "non numeric 2nd arg `#{b.inspect}'" if !b.kind_of? Numeric + raise TypeError, "`#{b.inspect}' for 2nd arg" if b.kind_of? Complex @real = a @image = b end - + # # Addition with real or complex number. # diff --git a/lib/net/smtp.rb b/lib/net/smtp.rb index 240b41d6c7..3991eb18b8 100644 --- a/lib/net/smtp.rb +++ b/lib/net/smtp.rb @@ -490,6 +490,10 @@ module Net def send0( from_addr, to_addrs ) raise IOError, "closed session" unless @socket raise ArgumentError, 'mail destination does not given' if to_addrs.empty? + raise SecurityError, 'tainted from_addr' if from_addr.tainted? + to_addrs.each{|to| + raise SecurityError, 'tainted to_addr' if to.tainted? + } mailfrom from_addr to_addrs.each do |to| @@ -109,7 +109,7 @@ typedef unsigned long ID; # define LLONG_MIN LONG_LONG_MIN # else # ifdef _I64_MIN -# define LLONG_MIN _I64_MAX +# define LLONG_MIN _I64_MIX # else # define LLONG_MIN (-LLONG_MAX-1) # endif |