* ext/socket/raddrinfo.c (host_str, port_str): Use StringValueCStr

instead of (Safe)StringValue, to detect NUL byte in the string. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@55222 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
author: usa <usa@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> 2016-05-30 15:33:06 +0000
committer: usa <usa@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> 2016-05-30 15:33:06 +0000
commit: 3e5fe9f5522bfbc58b35e9c68d3f843620ddeb53 (patch)
tree: 3d3ad52fa8d8b3a3345dad40a94041eb8851ad6c
parent: a11b5364b6d924f1d9c86543d1365e02336e2147 (diff)
download: ruby-3e5fe9f5522bfbc58b35e9c68d3f843620ddeb53.tar.gz
3 files changed, 17 insertions, 2 deletions
diff --git a/ChangeLog b/ChangeLog
index 28dfd653fb..44dd365286 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+Tue May 31 00:30:11 2016  NAKAMURA Usaku  <usa@ruby-lang.org>
+
+	* ext/socket/raddrinfo.c (host_str, port_str): Use StringValueCStr
+	  instead of (Safe)StringValue, to detect NUL byte in the string.
+
 Mon May 30 22:02:01 2016  Kazuki Yamaguchi  <k@rhe.jp>
 
 	* ext/openssl/ossl_asn1.c (time_to_time_t): Use NUM2TIMET() instead of
diff --git a/ext/socket/raddrinfo.c b/ext/socket/raddrinfo.c
index b0c80399de..11f5d1f5a6 100644
--- a/ext/socket/raddrinfo.c
+++ b/ext/socket/raddrinfo.c
@@ -429,6 +429,10 @@ str_is_number(const char *p)
 #define str_equal(ptr, len, name) \
     ((ptr)[0] == name[0] && \
      rb_strlen_lit(name) == (len) && memcmp(ptr, name, len) == 0)
+#define SafeStringValueCStr(v) do {\
+    StringValueCStr(v);\
+    rb_check_safe_obj(v);\
+} while(0)
 
 static char*
 host_str(VALUE host, char *hbuf, size_t hbuflen, int *flags_ptr)
@@ -447,7 +451,7 @@ host_str(VALUE host, char *hbuf, size_t hbuflen, int *flags_ptr)
         const char *name;
         size_t len;
 
-        SafeStringValue(host);
+        SafeStringValueCStr(host);
         RSTRING_GETMEM(host, name, len);
         if (!len || str_equal(name, len, "<any>")) {
             make_inetaddr(INADDR_ANY, hbuf, hbuflen);
@@ -486,7 +490,7 @@ port_str(VALUE port, char *pbuf, size_t pbuflen, int *flags_ptr)
         const char *serv;
         size_t len;
 
-        SafeStringValue(port);
+        SafeStringValueCStr(port);
         RSTRING_GETMEM(port, serv, len);
         if (len >= pbuflen) {
             rb_raise(rb_eArgError, "service name too long (%"PRIdSIZE")",
diff --git a/test/socket/test_addrinfo.rb b/test/socket/test_addrinfo.rb
index e010731af8..132d172380 100644
--- a/test/socket/test_addrinfo.rb
+++ b/test/socket/test_addrinfo.rb
@@ -42,6 +42,9 @@ class TestSocketAddrinfo < Test::Unit::TestCase
       Addrinfo.ip(addr)
     end
     assert_equal([0, "127.0.0.1"], Socket.unpack_sockaddr_in(ai))
+    assert_raise(ArgumentError) do
+      Addrinfo.ip("127.0.0.1\000x")
+    end
   end
 
   def test_addrinfo_tcp
@@ -56,6 +59,9 @@ class TestSocketAddrinfo < Test::Unit::TestCase
       Addrinfo.tcp("127.0.0.1", "0000000000000000000000080x".chop)
     end
     assert_equal([80, "127.0.0.1"], Socket.unpack_sockaddr_in(ai))
+    assert_raise(ArgumentError) do
+      Addrinfo.ip("127.0.0.1", "80\000x")
+    end
   end
 
   def test_addrinfo_udp
author	usa <usa@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>	2016-05-30 15:33:06 +0000
committer	usa <usa@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>	2016-05-30 15:33:06 +0000
commit	3e5fe9f5522bfbc58b35e9c68d3f843620ddeb53 (patch)
tree	3d3ad52fa8d8b3a3345dad40a94041eb8851ad6c
parent	a11b5364b6d924f1d9c86543d1365e02336e2147 (diff)
download	ruby-3e5fe9f5522bfbc58b35e9c68d3f843620ddeb53.tar.gz