Skip to content

Commit d89d02b

Browse files
ebaneban
committed
eban
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_4@914 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
1 parent c0b8c22 commit d89d02b

File tree

2 files changed

+30
-4
lines changed

2 files changed

+30
-4
lines changed

ChangeLog

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -13,6 +13,9 @@ Wed Aug 30 11:31:47 2000 Nobuyoshi Nakada <nobu.nakada@nifty.ne.jp>
1313
* ext/Win32API/Win32API.c (Win32API_initialize): add the
1414
arguments checking.
1515

16+
* ext/Win32API/Win32API.c (Win32API_initialize): add taint
17+
checking. allow String object in the third argument.
18+
1619
Tue Aug 29 15:18:20 2000 Yukihiro Matsumoto <matz@ruby-lang.org>
1720

1821
* ruby.c (proc_options): the value of -K may be empty.

ext/Win32API/Win32API.c

Lines changed: 27 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -48,10 +48,13 @@ Win32API_initialize(self, dllname, proc, import, export)
4848
VALUE str;
4949
VALUE a_import;
5050
VALUE *ptr;
51+
char *s;
5152
int i;
5253
int len;
5354
int ex;
5455

56+
Check_SafeStr(dllname);
57+
Check_SafeStr(proc);
5558
hdll = LoadLibrary(RSTRING(dllname)->ptr);
5659
if (!hdll)
5760
rb_raise(rb_eRuntimeError, "LoadLibrary: %s\n", RSTRING(dllname)->ptr);
@@ -70,11 +73,13 @@ Win32API_initialize(self, dllname, proc, import, export)
7073
rb_iv_set(self, "__proc__", UINT2NUM((unsigned long)hproc));
7174

7275
a_import = rb_ary_new();
73-
if (!NIL_P(import)) {
74-
Check_Type(import, T_ARRAY);
76+
switch (TYPE(import)) {
77+
case T_NIL:
78+
break;
79+
case T_ARRAY:
7580
ptr = RARRAY(import)->ptr;
7681
for (i = 0, len = RARRAY(import)->len; i < len; i++) {
77-
Check_Type(ptr[i], T_STRING);
82+
Check_SafeStr(ptr[i]);
7883
switch (*(char *)RSTRING(ptr[i])->ptr) {
7984
case 'N': case 'n': case 'L': case 'l':
8085
rb_ary_push(a_import, INT2FIX(_T_NUMBER));
@@ -87,13 +92,31 @@ Win32API_initialize(self, dllname, proc, import, export)
8792
break;
8893
}
8994
}
95+
break;
96+
default:
97+
Check_SafeStr(import);
98+
s = RSTRING(import)->ptr;
99+
for (i = 0, len = RSTRING(import)->len; i < len; i++) {
100+
switch (*s++) {
101+
case 'N': case 'n': case 'L': case 'l':
102+
rb_ary_push(a_import, INT2FIX(_T_NUMBER));
103+
break;
104+
case 'P': case 'p':
105+
rb_ary_push(a_import, INT2FIX(_T_POINTER));
106+
break;
107+
case 'I': case 'i':
108+
rb_ary_push(a_import, INT2FIX(_T_INTEGER));
109+
break;
110+
}
111+
}
112+
break;
90113
}
91114
rb_iv_set(self, "__import__", a_import);
92115

93116
if (NIL_P(export)) {
94117
ex = _T_VOID;
95118
} else {
96-
Check_Type(export, T_STRING);
119+
Check_SafeStr(export);
97120
switch (*RSTRING(export)->ptr) {
98121
case 'V': case 'v':
99122
ex = _T_VOID;

0 commit comments

Comments
 (0)