diff options
| author | akr <akr@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2009-01-12 16:00:03 +0000 |
|---|---|---|
| committer | akr <akr@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2009-01-12 16:00:03 +0000 |
| commit | 91ff87c05df679b84ba4c537a71b10cd9e2b9613 (patch) | |
| tree | 62a24bb3648bfde88da9ba2f297cedb950f32b5f | |
| parent | 73757753aef81b97b69a82ccbbcdd7fcfafc6e16 (diff) | |
| download | ruby-91ff87c05df679b84ba4c537a71b10cd9e2b9613.tar.gz | |
* ext/socket/socket.c (sock_s_unpack_sockaddr_in): check too short
sockaddr.
(sock_s_unpack_sockaddr_un): ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@21469 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
| -rw-r--r-- | ChangeLog | 6 | ||||
| -rw-r--r-- | ext/socket/socket.c | 10 | ||||
| -rw-r--r-- | test/socket/test_socket.rb | 2 |
3 files changed, 18 insertions, 0 deletions
@@ -1,3 +1,9 @@ +Tue Jan 13 00:57:56 2009 Tanaka Akira <akr@fsij.org> + + * ext/socket/socket.c (sock_s_unpack_sockaddr_in): check too short + sockaddr. + (sock_s_unpack_sockaddr_un): ditto. + Mon Jan 12 23:55:19 2009 Tanaka Akira <akr@fsij.org> * ext/socket/socket.c (addrinfo_ip_unpack): new method diff --git a/ext/socket/socket.c b/ext/socket/socket.c index b161f038f6..098fd3a8c5 100644 --- a/ext/socket/socket.c +++ b/ext/socket/socket.c @@ -4328,6 +4328,11 @@ sock_s_unpack_sockaddr_in(VALUE self, VALUE addr) VALUE host; sockaddr = (struct sockaddr_in*)SockAddrStringValuePtr(addr); + if (RSTRING_LEN(addr) < + (char*)&((struct sockaddr *)sockaddr)->sa_family + + sizeof(((struct sockaddr *)sockaddr)->sa_family) - + (char*)sockaddr) + rb_raise(rb_eArgError, "too short sockaddr"); if (((struct sockaddr *)sockaddr)->sa_family != AF_INET #ifdef INET6 && ((struct sockaddr *)sockaddr)->sa_family != AF_INET6 @@ -4397,6 +4402,11 @@ sock_s_unpack_sockaddr_un(VALUE self, VALUE addr) VALUE path; sockaddr = (struct sockaddr_un*)SockAddrStringValuePtr(addr); + if (RSTRING_LEN(addr) < + (char*)&((struct sockaddr *)sockaddr)->sa_family + + sizeof(((struct sockaddr *)sockaddr)->sa_family) - + (char*)sockaddr) + rb_raise(rb_eArgError, "too short sockaddr"); if (((struct sockaddr *)sockaddr)->sa_family != AF_UNIX) { rb_raise(rb_eArgError, "not an AF_UNIX sockaddr"); } diff --git a/test/socket/test_socket.rb b/test/socket/test_socket.rb index 4055c825c9..e35cedbbc1 100644 --- a/test/socket/test_socket.rb +++ b/test/socket/test_socket.rb @@ -93,6 +93,8 @@ class TestSocket < Test::Unit::TestCase assert_raise(ArgumentError) { Socket.unpack_sockaddr_un(sockaddr_in) } sockaddr_un = Socket.sockaddr_un("/tmp/s") assert_raise(ArgumentError) { Socket.unpack_sockaddr_in(sockaddr_un) } + assert_raise(ArgumentError) { Socket.unpack_sockaddr_in("") } + assert_raise(ArgumentError) { Socket.unpack_sockaddr_un("") } end if Socket.respond_to?(:sockaddr_un) def test_sysaccept |