kotovalexarian-likes-github/ruby--ruby
1
0
Fork 0
mirror of https://github.com/ruby/ruby.git synced 2022-11-09 12:17:21 -05:00
Code Releases Activity

unixsocket.c: check NUL bytes

Browse source 
* ext/socket/unixsocket.c (rsock_init_unixsock): check NUL bytes.
  https://hackerone.com/reports/302997

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@62991 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
This commit is contained in:
nobu 2018-03-28 10:08:57 +00:00
parent 10b96900b9
commit 8794dec6a5
2 changed files with 11 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
ext/socket/unixsocket.c
View file

@ -33,7 +33,7 @@ rsock_init_unixsock(VALUE sock, VALUE path, int server)
int fd, status;
rb_io_t *fptr;
SafeStringValue(path);
FilePathValue(path);
INIT_SOCKADDR_UN(&sockaddr, sizeof(struct sockaddr_un));
if (sizeof(sockaddr.sun_path) < (size_t)RSTRING_LEN(path)) {

10
test/socket/test_unix.rb
View file

@ -284,6 +284,16 @@ class TestSocket_UNIXSocket < Test::Unit::TestCase
File.unlink path if path && File.socket?(path)
end
def test_open_nul_byte
tmpfile = Tempfile.new("s")
path = tmpfile.path
tmpfile.close(true)
assert_raise(ArgumentError) {UNIXServer.open(path+"\0")}
assert_raise(ArgumentError) {UNIXSocket.open(path+"\0")}
ensure
File.unlink path if path && File.socket?(path)
end
def test_addr
bound_unix_socket(UNIXServer) {|serv, path|
UNIXSocket.open(path) {|c|