From 696e6a9b7655c5dd32c4468c105e2a471f712cd6 Mon Sep 17 00:00:00 2001 From: suke Date: Thu, 6 Nov 2008 12:38:49 +0000 Subject: * ext/win32ole/win32ole.c (fole_s_connect, fole_initialize, folevariant_initialize): check argument type of WIN32OLE.connect, WIN32OLE.new, WIN32OLE_VARIANT.new. * test/win32ole/test_win32ole.rb (test_s_new_exc, test_s_connect_exc): ditto. * test/win32ole/test_win32ole_variant.rb (test_s_new_exc): ditto. * test/win32ole/test_win32ole_method.rb: add assertion of WIN32OLE_METHOD.new. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@20113 b2dd03c8-39d4-4d8f-98ff-823fe69b080e --- ext/win32ole/win32ole.c | 25 ++++++++++++++++++++++++- 1 file changed, 24 insertions(+), 1 deletion(-) (limited to 'ext/win32ole') diff --git a/ext/win32ole/win32ole.c b/ext/win32ole/win32ole.c index 9d919e02da..da9421a421 100644 --- a/ext/win32ole/win32ole.c +++ b/ext/win32ole/win32ole.c @@ -128,7 +128,7 @@ const IID IID_IMultiLanguage2 = {0xDCCFC164, 0x2B38, 0x11d2, {0xB7, 0xEC, 0x00, #define WC2VSTR(x) ole_wc2vstr((x), TRUE) -#define WIN32OLE_VERSION "1.3.8" +#define WIN32OLE_VERSION "1.3.9" typedef HRESULT (STDAPICALLTYPE FNCOCREATEINSTANCEEX) (REFCLSID, IUnknown*, DWORD, COSERVERINFO*, DWORD, MULTI_QI*); @@ -2733,6 +2733,7 @@ fole_s_connect(int argc, VALUE *argv, VALUE self) ole_initialize(); rb_scan_args(argc, argv, "1*", &svr_name, &others); + Check_SafeStr(svr_name); if (rb_safe_level() > 0 && OBJ_TAINTED(svr_name)) { rb_raise(rb_eSecurityError, "Insecure Object Connection - %s", StringValuePtr(svr_name)); 
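Review bot: In fole_s_connect the added `Check_SafeStr(svr_name);` sits directly in front of the existing `rb_safe_level() > 0 && OBJ_TAINTED(svr_name)` test. As far as I know, Check_SafeStr itself raises SecurityError for a tainted value at a non-zero safe level, so the specific "Insecure Object Connection" message would probably never be reached. Either move the taint test above the new call to keep that message, or drop the branch as dead code. Check_SafeStr also appears to reject objects that only respond to to_str; if implicit conversion should keep working, `SafeStringValue(svr_name);` is the usual form. The same applies to the two calls added in fole_initialize, and fole_s_connect's body continues outside the hunk.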
@@ -3220,11 +3221,13 @@ fole_initialize(int argc, VALUE *argv, VALUE self) rb_call_super(0, 0); rb_scan_args(argc, argv, "11*", &svr_name, &host, &others); + Check_SafeStr(svr_name); if (rb_safe_level() > 0 && OBJ_TAINTED(svr_name)) { rb_raise(rb_eSecurityError, "Insecure Object Creation - %s", StringValuePtr(svr_name)); } if (!NIL_P(host)) { + Check_SafeStr(host); if (rb_safe_level() > 0 && OBJ_TAINTED(host)) { rb_raise(rb_eSecurityError, "Insecure Object Creation - %s", StringValuePtr(svr_name)); @@ -8621,6 +8624,26 @@ folevariant_initialize(VALUE self, VALUE args) } VariantInit(&var); val = rb_ary_entry(args, 0); + + if(!rb_obj_is_kind_of(val, cWIN32OLE) && + !rb_obj_is_kind_of(val, cWIN32OLE_VARIANT) && + !rb_obj_is_kind_of(val, rb_cTime)) { + switch (TYPE(val)) { + case T_ARRAY: + case T_STRING: + case T_FIXNUM: + case T_BIGNUM: + case T_FLOAT: + case T_TRUE: + case T_FALSE: + case T_NIL: + break; + default: + rb_raise(rb_eTypeError, "can not convert WIN32OLE_VARIANT from type %s", + rb_obj_classname(val)); + } + } + Data_Get_Struct(self, struct olevariantdata, pvar); if (len == 1) { ole_val2variant(val, &(pvar->var)); -- cgit v1.2.3
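Review bot: The SecurityError raised for a tainted `host` in fole_initialize still formats `StringValuePtr(svr_name)`, so the message names the server rather than the value that was rejected. With `Check_SafeStr(host);` now added right above it, this is the natural place to change the argument to `StringValuePtr(host)`. A message that names the wrong argument makes the rejection harder to trace when it shows up in logs. The line is existing context rather than part of the change, and the function continues past the end of the hunk.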
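Review bot: The new allow-list in folevariant_initialize inspects only the top-level `val`, so an Array passes on `T_ARRAY` whatever its elements are. Whether `ole_val2variant` rejects unsupported element types is not visible in this hunk, so it is worth confirming and covering with a test next to test_s_new_exc. The list also duplicates the set of types the conversion code accepts, so a comment above the `switch` such as `/* keep in sync with the Ruby types ole_val2variant can convert */` would help the next maintainer. The function starts before the hunk and continues after it.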