* io.c (argf_inplace_mode_set): prohibits an assignment
  of a tainted value. Patch by unak.

* util.c, file.c: prevents a buffer over-run on Windows.
  Patch by unak.


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_2@28522 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
yugui 2010-07-02 10:14:05 +00:00
parent 318deef393
commit ec4ca0fcbb
5 changed files with 166 additions and 97 deletions

3
io.c

@ -9548,6 +9548,9 @@ opt_i_get(ID id, VALUE *var)
static VALUE
argf_inplace_mode_set(VALUE argf, VALUE val)
{
if (rb_safe_level() >= 1 && OBJ_TAINTED(val))
rb_insecure_operation();
if (!RTEST(val)) {
if (ARGF.inplace) free(ARGF.inplace);
ARGF.inplace = 0;