summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ChangeLog3
-rw-r--r--ext/Win32API/Win32API.c31
-rw-r--r--version.h4
3 files changed, 32 insertions, 6 deletions
diff --git a/ChangeLog b/ChangeLog
index 48b28d3..87bee36 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -7,6 +7,9 @@ Wed Aug 30 11:31:47 2000 Nobuyoshi Nakada <nobu.nakada@nifty.ne.jp>
* ext/Win32API/Win32API.c (Win32API_initialize): add the
arguments checking.
+ * ext/Win32API/Win32API.c (Win32API_initialize): add taint
+ checking. allow String object in the third argument.
+
Wed Aug 30 10:29:40 2000 Masahiro Tomita <tommy@tmtm.org>
* io.c (rb_f_p): flush output buffer.
diff --git a/ext/Win32API/Win32API.c b/ext/Win32API/Win32API.c
index d62e60e..6558e38 100644
--- a/ext/Win32API/Win32API.c
+++ b/ext/Win32API/Win32API.c
@@ -48,10 +48,13 @@ Win32API_initialize(self, dllname, proc, import, export)
VALUE str;
VALUE a_import;
VALUE *ptr;
+ char *s;
int i;
int len;
int ex;
+ Check_SafeStr(dllname);
+ Check_SafeStr(proc);
hdll = LoadLibrary(RSTRING(dllname)->ptr);
if (!hdll)
rb_raise(rb_eRuntimeError, "LoadLibrary: %s\n", RSTRING(dllname)->ptr);
@@ -70,11 +73,13 @@ Win32API_initialize(self, dllname, proc, import, export)
rb_iv_set(self, "__proc__", UINT2NUM((unsigned long)hproc));
a_import = rb_ary_new();
- if (!NIL_P(import)) {
- Check_Type(import, T_ARRAY);
+ switch (TYPE(import)) {
+ case T_NIL:
+ break;
+ case T_ARRAY:
ptr = RARRAY(import)->ptr;
for (i = 0, len = RARRAY(import)->len; i < len; i++) {
- Check_Type(ptr[i], T_STRING);
+ Check_SafeStr(ptr[i]);
switch (*(char *)RSTRING(ptr[i])->ptr) {
case 'N': case 'n': case 'L': case 'l':
rb_ary_push(a_import, INT2FIX(_T_NUMBER));
@@ -87,13 +92,31 @@ Win32API_initialize(self, dllname, proc, import, export)
break;
}
}
+ break;
+ default:
+ Check_SafeStr(import);
+ s = RSTRING(import)->ptr;
+ for (i = 0, len = RSTRING(import)->len; i < len; i++) {
+ switch (*s++) {
+ case 'N': case 'n': case 'L': case 'l':
+ rb_ary_push(a_import, INT2FIX(_T_NUMBER));
+ break;
+ case 'P': case 'p':
+ rb_ary_push(a_import, INT2FIX(_T_POINTER));
+ break;
+ case 'I': case 'i':
+ rb_ary_push(a_import, INT2FIX(_T_INTEGER));
+ break;
+ }
+ }
+ break;
}
rb_iv_set(self, "__import__", a_import);
if (NIL_P(export)) {
ex = _T_VOID;
} else {
- Check_Type(export, T_STRING);
+ Check_SafeStr(export);
switch (*RSTRING(export)->ptr) {
case 'V': case 'v':
ex = _T_VOID;
diff --git a/version.h b/version.h
index 4008e6b..5fcfd6e 100644
--- a/version.h
+++ b/version.h
@@ -1,4 +1,4 @@
#define RUBY_VERSION "1.6.0"
-#define RUBY_RELEASE_DATE "2000-08-29"
+#define RUBY_RELEASE_DATE "2000-08-30"
#define RUBY_VERSION_CODE 160
-#define RUBY_RELEASE_CODE 20000829
+#define RUBY_RELEASE_CODE 20000830