From e3b9424dfa99b6027d6a7c370eaa62db369cef6d Mon Sep 17 00:00:00 2001 From: yugui Date: Fri, 2 Jul 2010 10:14:05 +0000 Subject: * io.c (argf_inplace_mode_set): prohibits an assignment of a tainted value. Patch by unak. * util.c, file.c: prevents a buffer over-run on windows. Patch by unak. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_1@28522 b2dd03c8-39d4-4d8f-98ff-823fe69b080e --- ChangeLog | 8 ++++ file.c | 149 +++++++++++++++++++++++++++++++++++++++++++------------------- io.c | 3 ++ util.c | 94 +++++++++++++++++++++------------------ version.h | 6 +-- 5 files changed, 169 insertions(+), 91 deletions(-) diff --git a/ChangeLog b/ChangeLog index 78032569d3..52b02d1180 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,11 @@ +Fri Jul 2 19:07:09 2010 Yuki Sonoda (Yugui) + + * io.c (argf_inplace_mode_set): prohibits an assignment + of a tainted value. Patch by unak. + + * util.c, file.c: prevents a buffer over-run on windows. + Patch by unak. + Wed May 26 13:27:18 2010 Yuki Sonoda (Yugui) * random.c: refactoring. diff --git a/file.c b/file.c index 553919a574..0973df8901 100644 --- a/file.c +++ b/file.c @@ -2982,36 +2982,15 @@ rmext(const char *p, int l1, const char *e) return 0; } -/* - * call-seq: - * File.basename(file_name [, suffix] ) -> base_name - * - * Returns the last component of the filename given in file_name, - * which must be formed using forward slashes (``/'') - * regardless of the separator used on the local file system. If - * suffix is given and present at the end of file_name, - * it is removed. - * - * File.basename("/home/gumby/work/ruby.rb") #=> "ruby.rb" - * File.basename("/home/gumby/work/ruby.rb", ".rb") #=> "ruby" - */ - -static VALUE -rb_file_s_basename(int argc, VALUE *argv) +const char * +ruby_find_basename(const char *name, long *len, long *ext) { - VALUE fname, fext, basename; - const char *name, *p; + const char *p; #if defined DOSISH_DRIVE_LETTER || defined DOSISH_UNC const char *root; #endif - int f, n; + long f, n = -1; - if (rb_scan_args(argc, argv, "11", &fname, &fext) == 2) { - StringValue(fext); - } - FilePathStringValue(fname); - if (RSTRING_LEN(fname) == 0 || !*(name = RSTRING_PTR(fname))) - return rb_str_new_shared(fname); name = skipprefix(name); #if defined DOSISH_DRIVE_LETTER || defined DOSISH_UNC root = name; @@ -3050,11 +3029,57 @@ rb_file_s_basename(int argc, VALUE *argv) #else n = chompdirsep(p) - p; #endif + } + + if (len) + *len = f; + if (ext) + *ext = n; + return p; +} + +/* + * call-seq: + * File.basename(file_name [, suffix] ) -> base_name + * + * Returns the last component of the filename given in file_name, + * which must be formed using forward slashes (``/'') + * regardless of the separator used on the local file system. If + * suffix is given and present at the end of file_name, + * it is removed. + * + * File.basename("/home/gumby/work/ruby.rb") #=> "ruby.rb" + * File.basename("/home/gumby/work/ruby.rb", ".rb") #=> "ruby" + */ + +static VALUE +rb_file_s_basename(int argc, VALUE *argv) +{ + VALUE fname, fext, basename; + const char *name, *p; + long f, n; + + if (rb_scan_args(argc, argv, "11", &fname, &fext) == 2) { + rb_encoding *enc; + StringValue(fext); + if (!rb_enc_asciicompat(enc = rb_enc_get(fext))) { + rb_raise(rb_eEncCompatError, "ascii incompatible character encodings: %s", + rb_enc_name(enc)); + } + } + FilePathStringValue(fname); + if (!NIL_P(fext)) rb_enc_check(fname, fext); + if (RSTRING_LEN(fname) == 0 || !*(name = RSTRING_PTR(fname))) + return rb_str_new_shared(fname); + + p = ruby_find_basename(name, &f, &n); + if (n >= 0) { if (NIL_P(fext) || !(f = rmext(p, n, StringValueCStr(fext)))) { f = n; } if (f == RSTRING_LEN(fname)) return rb_str_new_shared(fname); } + basename = rb_str_new(p, f); rb_enc_copy(basename, fname); OBJ_INFECT(basename, fname); @@ -3114,32 +3139,27 @@ rb_file_s_dirname(VALUE klass, VALUE fname) } /* - * call-seq: - * File.extname(path) -> string - * - * Returns the extension (the portion of file name in path - * after the period). - * - * File.extname("test.rb") #=> ".rb" - * File.extname("a/b/d/test.rb") #=> ".rb" - * File.extname("test") #=> "" - * File.extname(".profile") #=> "" - * + * accept a String, and return the pointer of the extension. + * if len is passed, set the length of extension to it. + * returned pointer is in ``name'' or NULL. + * returns *len + * no dot NULL 0 + * dotfile top 0 + * end with dot dot 1 + * .ext dot len of .ext + * .ext:stream dot len of .ext without :stream (NT only) + * */ - -static VALUE -rb_file_s_extname(VALUE klass, VALUE fname) +const char * +ruby_find_extname(const char *name, long *len) { - const char *name, *p, *e; - VALUE extname; + const char *p, *e; - FilePathStringValue(fname); - name = StringValueCStr(fname); p = strrdirsep(name); /* get the last path component */ if (!p) p = name; else - name = ++p; + do name = ++p; while (isdirsep(*p)); e = 0; while (*p && *p == '.') p++; @@ -3170,9 +3190,46 @@ rb_file_s_extname(VALUE klass, VALUE fname) break; p = CharNext(p); } - if (!e || e == name || e+1 == p) /* no dot, or the only dot is first or end? */ + + if (len) { + /* no dot, or the only dot is first or end? */ + if (!e || e == name) + *len = 0; + else if (e+1 == p) + *len = 1; + else + *len = p - e; + } + return e; +} + +/* + * call-seq: + * File.extname(path) -> string + * + * Returns the extension (the portion of file name in path + * after the period). + * + * File.extname("test.rb") #=> ".rb" + * File.extname("a/b/d/test.rb") #=> ".rb" + * File.extname("test") #=> "" + * File.extname(".profile") #=> "" + * + */ + +static VALUE +rb_file_s_extname(VALUE klass, VALUE fname) +{ + const char *name, *e; + long len; + VALUE extname; + + FilePathStringValue(fname); + name = StringValueCStr(fname); + e = ruby_find_extname(name, &len); + if (len <= 1) return rb_str_new(0, 0); - extname = rb_str_new(e, p - e); /* keep the dot, too! */ + extname = rb_str_new(e, len); /* keep the dot, too! */ rb_enc_copy(extname, fname); OBJ_INFECT(extname, fname); return extname; diff --git a/io.c b/io.c index 3f188ad531..ce6ce38896 100644 --- a/io.c +++ b/io.c @@ -8368,6 +8368,9 @@ opt_i_get(ID id, VALUE *var) static VALUE argf_inplace_mode_set(VALUE argf, VALUE val) { + if (rb_safe_level() >= 1 && OBJ_TAINTED(val)) + rb_raise(rb_eSecurityError, "Insecure operation - ARGF.inplace_mode="); + if (!RTEST(val)) { if (ARGF.inplace) free(ARGF.inplace); ARGF.inplace = 0; diff --git a/util.c b/util.c index 0d9a7a35d4..d863905833 100644 --- a/util.c +++ b/util.c @@ -266,70 +266,80 @@ static int valid_filename(const char *s); static const char suffix1[] = ".$$$"; static const char suffix2[] = ".~~~"; -#define ext (&buf[1000]) - #define strEQ(s1,s2) (strcmp(s1,s2) == 0) +extern const char *ruby_find_basename(const char *, long *, long *); +extern const char *ruby_find_extname(const char *, long *); + void ruby_add_suffix(VALUE str, const char *suffix) { int baselen; int extlen = strlen(suffix); - char *s, *t, *p; + char *p, *q; long slen; char buf[1024]; + const char *name; + const char *ext; + long len; - if (RSTRING_LEN(str) > 1000) - rb_fatal("Cannot do inplace edit on long filename (%ld characters)", - RSTRING_LEN(str)); + name = StringValueCStr(str); + slen = strlen(name); + if (slen > sizeof(buf) - 1) + rb_fatal("Cannot do inplace edit on long filename (%ld characters)", + slen); -#if defined(__CYGWIN32__) || defined(_WIN32) /* Style 0 */ - slen = RSTRING_LEN(str); rb_str_cat(str, suffix, extlen); if (valid_filename(RSTRING_PTR(str))) return; /* Fooey, style 0 failed. Fix str before continuing. */ rb_str_resize(str, slen); -#endif - - slen = extlen; - t = buf; baselen = 0; s = RSTRING_PTR(str); - while ((*t = *s) && *s != '.') { - baselen++; - if (*s == '\\' || *s == '/') baselen = 0; - s++; t++; - } - p = t; - - t = ext; extlen = 0; - while ((*t++ = *s++) != 0) extlen++; - if (extlen == 0) { ext[0] = '.'; ext[1] = 0; extlen++; } + name = StringValueCStr(str); + ext = ruby_find_extname(name, &len); if (*suffix == '.') { /* Style 1 */ - if (strEQ(ext, suffix)) goto fallback; - strcpy(p, suffix); - } - else if (suffix[1] == '\0') { /* Style 2 */ - if (extlen < 4) { - ext[extlen] = *suffix; - ext[++extlen] = '\0'; - } - else if (baselen < 8) { - *p++ = *suffix; + if (ext) { + if (strEQ(ext, suffix)) goto fallback; + slen = ext - name; } - else if (ext[3] != *suffix) { - ext[3] = *suffix; + rb_str_resize(str, slen); + rb_str_cat(str, suffix, extlen); + } + else { + strncpy(buf, name, slen); + if (ext) + p = buf + (ext - name); + else + p = buf + slen; + p[len] = '\0'; + if (suffix[1] == '\0') { /* Style 2 */ + if (len <= 3) { + p[len] = *suffix; + p[++len] = '\0'; + } + else if ((q = (char *)ruby_find_basename(buf, &baselen, 0)) && + baselen < 8) { + q += baselen; + *q++ = *suffix; + if (ext) { + strncpy(q, ext, ext - name); + q[ext - name + 1] = '\0'; + } + else + *q = '\0'; + } + else if (len == 4 && p[3] != *suffix) + p[3] = *suffix; + else if (baselen == 8 && q[7] != *suffix) + q[7] = *suffix; + else + goto fallback; } - else if (buf[7] != *suffix) { - buf[7] = *suffix; + else { /* Style 3: Panic */ + fallback: + (void)memcpy(p, !ext || strEQ(ext, suffix1) ? suffix2 : suffix1, 5); } - else goto fallback; - strcpy(p, ext); - } - else { /* Style 3: Panic */ -fallback: - (void)memcpy(p, strEQ(ext, suffix1) ? suffix2 : suffix1, 5); } rb_str_resize(str, strlen(buf)); memcpy(RSTRING_PTR(str), buf, RSTRING_LEN(str)); diff --git a/version.h b/version.h index a39b9b326d..cbd38a69eb 100644 --- a/version.h +++ b/version.h @@ -1,13 +1,13 @@ #define RUBY_VERSION "1.9.1" -#define RUBY_PATCHLEVEL 428 +#define RUBY_PATCHLEVEL 429 #define RUBY_VERSION_MAJOR 1 #define RUBY_VERSION_MINOR 9 #define RUBY_VERSION_TEENY 1 #define RUBY_RELEASE_YEAR 2010 #define RUBY_RELEASE_MONTH 7 -#define RUBY_RELEASE_DAY 1 -#define RUBY_RELEASE_DATE "2010-07-01" +#define RUBY_RELEASE_DAY 2 +#define RUBY_RELEASE_DATE "2010-07-02" #ifdef RUBY_EXTERN RUBY_EXTERN const char ruby_version[]; -- cgit v1.2.3