diff options
Diffstat (limited to 'lib/net/smtp.rb')
| -rw-r--r-- | lib/net/smtp.rb | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/lib/net/smtp.rb b/lib/net/smtp.rb index 240b41d6c7..3991eb18b8 100644 --- a/lib/net/smtp.rb +++ b/lib/net/smtp.rb @@ -490,6 +490,10 @@ module Net def send0( from_addr, to_addrs ) raise IOError, "closed session" unless @socket raise ArgumentError, 'mail destination does not given' if to_addrs.empty? + raise SecurityError, 'tainted from_addr' if from_addr.tainted? + to_addrs.each{|to| + raise SecurityError, 'tainted to_addr' if to.tainted? + } mailfrom from_addr to_addrs.each do |to| |