diff options
author | nobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2014-12-12 01:49:20 +0000 |
---|---|---|
committer | nobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2014-12-12 01:49:20 +0000 |
commit | 01e621579af0b2e3dba283b9e53e358adb170ab4 (patch) | |
tree | db7f716d4101ed188e0d910966d6ea49e3c637b7 /string.c | |
parent | 9cabd72f5fbf969b5b2d231cbc6fd4222c6f0977 (diff) | |
download | ruby-01e621579af0b2e3dba283b9e53e358adb170ab4.tar.gz |
string.c: check arguments for crypt
* string.c (rb_str_crypt): check arguments more strictly.
* crypt() is not for wide char strings
* salt bytes should not be NUL
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@48779 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'string.c')
-rw-r--r-- | string.c | 16 |
1 files changed, 15 insertions, 1 deletions
@@ -179,6 +179,15 @@ mustnot_broken(VALUE str) } } +static void +mustnot_wchar(VALUE str) +{ + rb_encoding *enc = STR_ENC_GET(str); + if (rb_enc_mbminlen(enc) > 1) { + rb_raise(rb_eArgError, "wide char encoding: %s", rb_enc_name(enc)); + } +} + static int fstring_cmp(VALUE a, VALUE b); /* in case we restart MVM development, this needs to be per-VM */ @@ -7629,12 +7638,17 @@ rb_str_crypt(VALUE str, VALUE salt) #endif StringValue(salt); - if (RSTRING_LEN(salt) < 2) + mustnot_wchar(str); + mustnot_wchar(salt); + if (RSTRING_LEN(salt) < 2) { + short_salt: rb_raise(rb_eArgError, "salt too short (need >=2 bytes)"); + } s = RSTRING_PTR(str); if (!s) s = ""; saltp = RSTRING_PTR(salt); + if (!saltp[0] || !saltp[1]) goto short_salt; #ifdef BROKEN_CRYPT if (!ISASCII((unsigned char)saltp[0]) || !ISASCII((unsigned char)saltp[1])) { salt_8bit_clean[0] = saltp[0] & 0x7f; |