diff options
| author | aamine <aamine@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2003-07-29 13:29:53 +0000 |
|---|---|---|
| committer | aamine <aamine@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2003-07-29 13:29:53 +0000 |
| commit | f1d9d32a678cac7ce3b2fea71780312c8391c753 (patch) | |
| tree | a34104a8874e3e1545a7972349a18cb92527692f | |
| parent | 42f3ae0286dde31fa217a95f11d3264ef4fba60f (diff) | |
| download | ruby-f1d9d32a678cac7ce3b2fea71780312c8391c753.tar.gz | |
* lib/net/smtp.rb (send0): do taint check only when $SAFE > 0
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@4214 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
| -rw-r--r-- | ChangeLog | 4 | ||||
| -rw-r--r-- | lib/net/smtp.rb | 8 |
2 files changed, 9 insertions, 3 deletions
@@ -1,3 +1,7 @@ +Tue Jul 29 22:36:50 2003 Minero Aoki <aamine@loveruby.net> + + * lib/net/smtp.rb (send0): do taint check only when $SAFE > 0 + Tue Jul 29 19:20:34 2003 WATANABE Hirofumi <eban@ruby-lang.org> * lib/fileutils.rb (install): support preserve timestamp. diff --git a/lib/net/smtp.rb b/lib/net/smtp.rb index 1f36f4ba12..ba4f43c377 100644 --- a/lib/net/smtp.rb +++ b/lib/net/smtp.rb @@ -490,9 +490,11 @@ module Net def send0( from_addr, to_addrs ) raise IOError, 'closed session' unless @socket raise ArgumentError, 'mail destination does not given' if to_addrs.empty? - raise SecurityError, 'tainted from_addr' if from_addr.tainted? - to_addrs.each do |to| - raise SecurityError, 'tainted to_addr' if to.tainted? + if $SAFE > 0 + raise SecurityError, 'tainted from_addr' if from_addr.tainted? + to_addrs.each do |to| + raise SecurityError, 'tainted to_addr' if to.tainted? + end end mailfrom from_addr |