diff options
Diffstat (limited to 'ext/fiddle/function.c')
-rw-r--r-- | ext/fiddle/function.c | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/ext/fiddle/function.c b/ext/fiddle/function.c index c184c78663..eecd755f1f 100644 --- a/ext/fiddle/function.c +++ b/ext/fiddle/function.c @@ -126,6 +126,15 @@ function_call(int argc, VALUE argv[], VALUE self) TypedData_Get_Struct(self, ffi_cif, &function_data_type, cif); + if (rb_safe_level() >= 1) { + for (i = 0; i < argc; i++) { + VALUE src = argv[i]; + if (OBJ_TAINTED(src)) { + rb_raise(rb_eSecurityError, "tainted parameter not allowed"); + } + } + } + values = xcalloc((size_t)argc + 1, (size_t)sizeof(void *)); generic_args = xcalloc((size_t)argc, (size_t)sizeof(fiddle_generic)); |