3 files changed, 11 insertions, 2 deletions

diff --git a/ChangeLog b/ChangeLog
index 7fe479ef34..1f6c1e061f 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,12 @@
+Sun May 10 11:44:37 2015  Masaki Matsushita <glass.saga@gmail.com>
+
+	* string.c (rb_str_crypt): Raise ArgumentError when
+	  string passed to String#crypt contains null.
+	  the patch is from jrusnack <jrusnack at redhat.com>.
+	  [Bug #10988] [fix GH-853]
+
+	* test/ruby/test_string.rb: test for above.
+
 Sun May 10 11:23:03 2015  Masaki Matsushita <glass.saga@gmail.com>
 
 	* enum.c (enum_to_a): Use size to set array capa when possible.
diff --git a/string.c b/string.c
index d85033ea6c..7e18f69027 100644
--- a/string.c
+++ b/string.c
@@ -7711,8 +7711,7 @@ rb_str_crypt(VALUE str, VALUE salt)
 	rb_raise(rb_eArgError, "salt too short (need >=2 bytes)");
     }
 
-    s = RSTRING_PTR(str);
-    if (!s) s = "";
+    s = StringValueCStr(str);
     saltp = RSTRING_PTR(salt);
     if (!saltp[0] || !saltp[1]) goto short_salt;
 #ifdef BROKEN_CRYPT
diff --git a/test/ruby/test_string.rb b/test/ruby/test_string.rb
index 4cd6afdd80..2768a65441 100644
--- a/test/ruby/test_string.rb
+++ b/test/ruby/test_string.rb
@@ -507,6 +507,7 @@ class TestString < Test::Unit::TestCase
     assert_raise(ArgumentError) {S("mypassword").crypt(S(""))}
     assert_raise(ArgumentError) {S("mypassword").crypt(S("\0a"))}
     assert_raise(ArgumentError) {S("mypassword").crypt(S("a\0"))}
+    assert_raise(ArgumentError) {S("poison\u0000null").crypt(S("aa"))}
     [Encoding::UTF_16BE, Encoding::UTF_16LE,
      Encoding::UTF_32BE, Encoding::UTF_32LE].each do |enc|
       assert_raise(ArgumentError) {S("mypassword").crypt(S("aa".encode(enc)))}