authormatz <matz@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2010-06-12 01:05:20 +0000
committermatz <matz@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2010-06-12 01:05:20 +0000
commit622fb1ca50ca273924a2cd6ad58a6a6ff2a7f18e (patch)
tree8cd5f1b7ecb143b9387aed7e43197dfcf14c1812
parentff0252701e43f8f0ff40a5c4ba55977b5d902612 (diff)
* io.c (rb_f_syscall): should check argument string taint before
invoking system calls. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@28296 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
-rw-r--r--ChangeLog5
-rw-r--r--io.c2
2 files changed, 6 insertions, 1 deletions
diff --git a/ChangeLog b/ChangeLog
index 9adafc8e82..1f84caa708 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+Sat Jun 12 10:02:26 2010 Yukihiro Matsumoto <matz@ruby-lang.org>
+
+ * io.c (rb_f_syscall): should check argument string taint before
+ invoking system calls.
+
Sat Jun 12 09:18:31 2010 Yukihiro Matsumoto <matz@ruby-lang.org>
* variable.c (uninitialized_constant): process through
diff --git a/io.c b/io.c
index e293728847..f09d0d273b 100644
--- a/io.c
+++ b/io.c
@@ -7520,7 +7520,7 @@ rb_f_syscall(int argc, VALUE *argv)
VALUE v = rb_check_string_type(*argv);
if (!NIL_P(v)) {
- StringValue(v);
+ SafeStringValue(v);
rb_str_modify(v);
arg[i] = (unsigned long)StringValueCStr(v);
}
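Review bot: The new `SafeStringValue(v)` check comes with no regression test, since the diffstat lists only ChangeLog and io.c; a test that passes a tainted string to `syscall` under a raised `$SAFE` and expects `SecurityError` would pin the behaviour. As far as I know the macro only raises when the safe level is above 0, so at the default level tainted strings presumably still reach the system call, and this should not be read as a sandbox boundary. A short comment on the changed line would record the intent, e.g. `/* reject tainted strings before their buffer is handed to syscall() */`. The loop and the non-string branch of rb_f_syscall lie outside the hunk, so how the other argument kinds are handled cannot be judged from here.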