diff options
author | nobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2014-06-25 01:20:01 +0000 |
---|---|---|
committer | nobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2014-06-25 01:20:01 +0000 |
commit | 51a1c68bc748f1fce2461b3c8a2a75c9c20477d6 (patch) | |
tree | a4edcf3abada40121589dcf7ff2bef62aaa28c5a | |
parent | 20014eb3e06ea70a80caddea35c50ef3bb403c8c (diff) | |
download | ruby-51a1c68bc748f1fce2461b3c8a2a75c9c20477d6.tar.gz |
hash.c: prohibit tainted strings
* hash.c (env_aset, env_has_key, env_assoc, env_has_value),
(env_rassoc, env_key): prohibit tainted strings if $SAFE is
non-zero. [Bug #9976]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@46547 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
-rw-r--r-- | ChangeLog | 6 | ||||
-rw-r--r-- | hash.c | 14 | ||||
-rw-r--r-- | test/ruby/test_env.rb | 81 |
3 files changed, 96 insertions, 5 deletions
@@ -1,3 +1,9 @@ +Wed Jun 25 10:19:59 2014 Nobuyoshi Nakada <nobu@ruby-lang.org> + + * hash.c (env_aset, env_has_key, env_assoc, env_has_value), + (env_rassoc, env_key): prohibit tainted strings if $SAFE is + non-zero. [Bug #9976] + Tue Jun 24 14:46:17 2014 SHIBATA Hiroshi <shibata.hiroshi@gmail.com> * lib/gserver.rb: remove redundant use of to_s in interpolation. @@ -2871,8 +2871,8 @@ env_aset(VALUE obj, VALUE nm, VALUE val) env_delete(obj, nm); return Qnil; } - StringValue(nm); - StringValue(val); + SafeStringValue(nm); + SafeStringValue(val); name = RSTRING_PTR(nm); value = RSTRING_PTR(val); if (memchr(name, '\0', RSTRING_LEN(nm))) @@ -3369,7 +3369,8 @@ env_has_key(VALUE env, VALUE key) { char *s; - s = StringValuePtr(key); + SafeStringValue(key); + s = RSTRING_PTR(key); if (memchr(s, '\0', RSTRING_LEN(key))) rb_raise(rb_eArgError, "bad environment variable name"); if (getenv(s)) return Qtrue; @@ -3388,7 +3389,8 @@ env_assoc(VALUE env, VALUE key) { char *s, *e; - s = StringValuePtr(key); + SafeStringValue(key); + s = RSTRING_PTR(key); if (memchr(s, '\0', RSTRING_LEN(key))) rb_raise(rb_eArgError, "bad environment variable name"); e = getenv(s); @@ -3410,6 +3412,7 @@ env_has_value(VALUE dmy, VALUE obj) obj = rb_check_string_type(obj); if (NIL_P(obj)) return Qnil; + rb_check_safe_obj(obj); env = GET_ENVIRON(environ); while (*env) { char *s = strchr(*env, '='); @@ -3440,6 +3443,7 @@ env_rassoc(VALUE dmy, VALUE obj) obj = rb_check_string_type(obj); if (NIL_P(obj)) return Qnil; + rb_check_safe_obj(obj); env = GET_ENVIRON(environ); while (*env) { char *s = strchr(*env, '='); @@ -3470,7 +3474,7 @@ env_key(VALUE dmy, VALUE value) char **env; VALUE str; - StringValue(value); + SafeStringValue(value); env = GET_ENVIRON(environ); while (*env) { char *s = strchr(*env, '='); diff --git a/test/ruby/test_env.rb b/test/ruby/test_env.rb index 847b5f819b..41d1ccf306 100644 --- a/test/ruby/test_env.rb +++ b/test/ruby/test_env.rb @@ -426,4 +426,85 @@ class TestEnv < Test::Unit::TestCase assert_predicate(ENV.fetch(k), :frozen?, "fetch(#{k.dump})") end end + + def test_taint_aref + assert_raise(SecurityError) do + proc do + $SAFE = 2 + ENV["FOO".taint] + end.call + end + end + + def test_taint_fetch + assert_raise(SecurityError) do + proc do + $SAFE = 2 + ENV.fetch("FOO".taint) + end.call + end + end + + def test_taint_assoc + assert_raise(SecurityError) do + proc do + $SAFE = 2 + ENV.assoc("FOO".taint) + end.call + end + end + + def test_taint_rassoc + assert_raise(SecurityError) do + proc do + $SAFE = 2 + ENV.rassoc("FOO".taint) + end.call + end + end + + def test_taint_key + assert_raise(SecurityError) do + proc do + $SAFE = 2 + ENV.key("FOO".taint) + end.call + end + end + + def test_taint_key_p + assert_raise(SecurityError) do + proc do + $SAFE = 2 + ENV.key?("FOO".taint) + end.call + end + end + + def test_taint_value_p + assert_raise(SecurityError) do + proc do + $SAFE = 2 + ENV.value?("FOO".taint) + end.call + end + end + + def test_taint_aset_value + assert_raise(SecurityError) do + proc do + $SAFE = 2 + ENV["FOO"] = "BAR".taint + end.call + end + end + + def test_taint_aset_key + assert_raise(SecurityError) do + proc do + $SAFE = 2 + ENV["FOO".taint] = "BAR" + end.call + end + end end |