diff options
| author | usa <usa@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2018-03-28 05:59:44 +0000 |
|---|---|---|
| committer | usa <usa@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2018-03-28 05:59:44 +0000 |
| commit | b63b168ce99dc0763860bcf7d8e27b57b2582e4d (patch) | |
| tree | b3295f09cadb5dcd1763e685b94676f0131824ce | |
| parent | 58cfb0653e8f05760a419feb4291d0e2d6847f8e (diff) | |
merge revision(s) 60162: [Backport #13994]
socket.c: null byte at Socket.getnameinfo
* ext/socket/socket.c (sock_s_getnameinfo): check null byte.
patched by tommy (Masahiro Tomita) in [ruby-dev:50286].
[Bug #13994]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_3@62948 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
| -rw-r--r-- | ChangeLog | 7 | ||||
| -rw-r--r-- | ext/socket/socket.c | 4 | ||||
| -rw-r--r-- | test/socket/test_socket.rb | 2 | ||||
| -rw-r--r-- | version.h | 2 |
4 files changed, 12 insertions, 3 deletions
@@ -1,3 +1,10 @@ +Thu Mar 28 14:59:27 2018 Nobuyoshi Nakada <nobu@ruby-lang.org> + + socket.c: null byte at Socket.getnameinfo + + * ext/socket/socket.c (sock_s_getnameinfo): check null byte. patched by + tommy (Masahiro Tomita) in . [Bug #13994] + Thu Mar 28 14:53:57 2018 Nobuyoshi Nakada <nobu@ruby-lang.org> date_core.c: defensive code diff --git a/ext/socket/socket.c b/ext/socket/socket.c index 542cd02ed6..9c46932752 100644 --- a/ext/socket/socket.c +++ b/ext/socket/socket.c @@ -1287,7 +1287,7 @@ sock_s_getnameinfo(int argc, VALUE *argv) hptr = NULL; } else { - strncpy(hbuf, StringValuePtr(host), sizeof(hbuf)); + strncpy(hbuf, StringValueCStr(host), sizeof(hbuf)); hbuf[sizeof(hbuf) - 1] = '\0'; hptr = hbuf; } @@ -1301,7 +1301,7 @@ sock_s_getnameinfo(int argc, VALUE *argv) pptr = pbuf; } else { - strncpy(pbuf, StringValuePtr(port), sizeof(pbuf)); + strncpy(pbuf, StringValueCStr(port), sizeof(pbuf)); pbuf[sizeof(pbuf) - 1] = '\0'; pptr = pbuf; } diff --git a/test/socket/test_socket.rb b/test/socket/test_socket.rb index 7e75837e8f..5ee09f8e9d 100644 --- a/test/socket/test_socket.rb +++ b/test/socket/test_socket.rb @@ -105,6 +105,8 @@ class TestSocket < Test::Unit::TestCase def test_getnameinfo assert_raise(SocketError) { Socket.getnameinfo(["AF_UNIX", 80, "0.0.0.0"]) } + assert_raise(ArgumentError) {Socket.getnameinfo(["AF_INET", "http\0", "example.net"])} + assert_raise(ArgumentError) {Socket.getnameinfo(["AF_INET", "http", "example.net\0"])} end def test_ip_address_list @@ -1,6 +1,6 @@ #define RUBY_VERSION "2.3.7" #define RUBY_RELEASE_DATE "2018-03-28" -#define RUBY_PATCHLEVEL 444 +#define RUBY_PATCHLEVEL 445 #define RUBY_RELEASE_YEAR 2018 #define RUBY_RELEASE_MONTH 3 |