* string.c (rb_str_crypt): Raise ArgumentError when

string passed to String#crypt contains null. the patch is from jrusnack <jrusnack at redhat.com>. [Bug #10988] [fix GH-853] * test/ruby/test_string.rb: test for above. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@50458 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2022-11-09 12:17:21 -05:00 · 2015-05-10 02:49:01 +00:00 · 2015-05-10 02:49:01 +00:00 · f64ac5d4cd
commit f64ac5d4cd
parent d908180164
3 changed files with 11 additions and 2 deletions
--- a/9
+++ b/9
@ -1,3 +1,12 @@
+Sun May 10 11:44:37 2015  Masaki Matsushita <glass.saga@gmail.com>
+
+	* string.c (rb_str_crypt): Raise ArgumentError when
+	  string passed to String#crypt contains null.
+	  the patch is from jrusnack <jrusnack at redhat.com>.
+	  [Bug #10988] [fix GH-853]
+
+	* test/ruby/test_string.rb: test for above.
+
 Sun May 10 11:23:03 2015  Masaki Matsushita <glass.saga@gmail.com>

 	* enum.c (enum_to_a): Use size to set array capa when possible.
--- a/string.c
+++ b/string.c
@ -7711,8 +7711,7 @@ rb_str_crypt(VALUE str, VALUE salt)
 	rb_raise(rb_eArgError, "salt too short (need >=2 bytes)");
    }

-    s = RSTRING_PTR(str);
-    if (!s) s = "";
+    s = StringValueCStr(str);
    saltp = RSTRING_PTR(salt);
    if (!saltp[0] || !saltp[1]) goto short_salt;
 #ifdef BROKEN_CRYPT
--- a/test/ruby/test_string.rb
+++ b/test/ruby/test_string.rb
@ -507,6 +507,7 @@ class TestString < Test::Unit::TestCase
    assert_raise(ArgumentError) {S("mypassword").crypt(S(""))}
    assert_raise(ArgumentError) {S("mypassword").crypt(S("\0a"))}
    assert_raise(ArgumentError) {S("mypassword").crypt(S("a\0"))}
+    assert_raise(ArgumentError) {S("poison\u0000null").crypt(S("aa"))}
    [Encoding::UTF_16BE, Encoding::UTF_16LE,
     Encoding::UTF_32BE, Encoding::UTF_32LE].each do |enc|
      assert_raise(ArgumentError) {S("mypassword").crypt(S("aa".encode(enc)))}