Projects
openEuler:24.03:SP1:Everything
rubygem-ffi
_service:tar_scm:Remove-taint-support.patch
Sign Up
Log In
Username
Password
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _service:tar_scm:Remove-taint-support.patch of Package rubygem-ffi
diff -Nur a/ext/ffi_c/AbstractMemory.c b/ext/ffi_c/AbstractMemory.c --- a/ext/ffi_c/AbstractMemory.c 2022-01-26 16:51:07.093052671 +0800 +++ b/ext/ffi_c/AbstractMemory.c 2022-01-26 16:50:35.108522777 +0800 @@ -417,7 +417,7 @@ checkBounds(ptr, off, len); end = memchr(ptr->address + off, 0, len); - return rb_tainted_str_new((char *) ptr->address + off, + return rb_str_new((char *) ptr->address + off, (end != NULL ? end - ptr->address - off : len)); } @@ -453,7 +453,7 @@ for (i = 0; i < count; ++i) { const char* strptr = *((const char**) (ptr->address + off) + i); - rb_ary_push(retVal, (strptr == NULL ? Qnil : rb_tainted_str_new2(strptr))); + rb_ary_push(retVal, (strptr == NULL ? Qnil : rb_str_new2(strptr))); } } else { @@ -463,7 +463,7 @@ if (strptr == NULL) { break; } - rb_ary_push(retVal, rb_tainted_str_new2(strptr)); + rb_ary_push(retVal, rb_str_new2(strptr)); } } @@ -542,7 +542,7 @@ checkRead(ptr); checkBounds(ptr, off, len); - return rb_tainted_str_new((char *) ptr->address + off, len); + return rb_str_new((char *) ptr->address + off, len); } /* @@ -583,10 +583,6 @@ checkWrite(ptr); checkBounds(ptr, off, len); - if (rb_safe_level() >= 1 && OBJ_TAINTED(str)) { - rb_raise(rb_eSecurityError, "Writing unsafe string to memory"); - return Qnil; - } memcpy(ptr->address + off, RSTRING_PTR(str) + idx, len); return self; @@ -718,7 +714,7 @@ memcpy(&tmp, ptr->address + offset, sizeof(tmp)); } - return tmp != NULL ? rb_tainted_str_new2(tmp) : Qnil; + return tmp != NULL ? rb_str_new2(tmp) : Qnil; } static void diff -Nur a/ext/ffi_c/Call.c b/ext/ffi_c/Call.c --- a/ext/ffi_c/Call.c 2022-01-26 16:51:07.093052671 +0800 +++ b/ext/ffi_c/Call.c 2022-01-26 16:50:38.876585203 +0800 @@ -300,10 +300,6 @@ param->ptr = NULL; } else { - if (rb_safe_level() >= 1 && OBJ_TAINTED(argv[argidx])) { - rb_raise(rb_eSecurityError, "Unsafe string parameter"); - } - param->ptr = StringValueCStr(argv[argidx]); } diff -Nur a/ext/ffi_c/DynamicLibrary.c b/ext/ffi_c/DynamicLibrary.c --- a/ext/ffi_c/DynamicLibrary.c 2022-01-26 16:51:07.097052737 +0800 +++ b/ext/ffi_c/DynamicLibrary.c 2022-01-26 16:50:35.108522777 +0800 @@ -164,7 +164,7 @@ { char errmsg[1024]; dl_error(errmsg, sizeof(errmsg)); - return rb_tainted_str_new2(errmsg); + return rb_str_new2(errmsg); } static void diff -Nur a/ext/ffi_c/Function.c b/ext/ffi_c/Function.c --- a/ext/ffi_c/Function.c 2022-01-26 16:51:07.097052737 +0800 +++ b/ext/ffi_c/Function.c 2022-01-26 16:50:42.484644979 +0800 @@ -808,7 +808,7 @@ param = rbffi_longdouble_new(*(long double *) parameters[i]); break; case NATIVE_STRING: - param = (*(void **) parameters[i] != NULL) ? rb_tainted_str_new2(*(char **) parameters[i]) : Qnil; + param = (*(void **) parameters[i] != NULL) ? rb_str_new2(*(char **) parameters[i]) : Qnil; break; case NATIVE_POINTER: param = rbffi_Pointer_NewInstance(*(void **) parameters[i]); diff -Nur a/ext/ffi_c/Types.c b/ext/ffi_c/Types.c --- a/ext/ffi_c/Types.c 2022-01-26 16:51:07.105052870 +0800 +++ b/ext/ffi_c/Types.c 2022-01-26 16:50:35.108522777 +0800 @@ -80,7 +80,7 @@ return rbffi_longdouble_new(*(long double *) ptr); case NATIVE_STRING: - return (*(void **) ptr != NULL) ? rb_tainted_str_new2(*(char **) ptr) : Qnil; + return (*(void **) ptr != NULL) ? rb_str_new2(*(char **) ptr) : Qnil; case NATIVE_POINTER: return rbffi_Pointer_NewInstance(*(void **) ptr); case NATIVE_BOOL: diff -Nur a/spec/ffi/string_spec.rb b/spec/ffi/string_spec.rb --- a/spec/ffi/string_spec.rb 2019-01-06 22:25:53.000000000 +0800 +++ b/spec/ffi/string_spec.rb 2022-01-26 15:22:39.289071937 +0800 @@ -15,37 +15,11 @@ attach_function :string_null, [ ], :string end - it "MemoryPointer#get_string returns a tainted string" do - mp = FFI::MemoryPointer.new 1024 - mp.put_string(0, "test\0") - str = mp.get_string(0) - expect(str.tainted?).to be true - end - - it "String returned by a method is tainted" do - mp = FFI::MemoryPointer.new :pointer - sp = FFI::MemoryPointer.new 1024 - sp.put_string(0, "test") - mp.put_pointer(0, sp) - str = StrLibTest.ptr_ret_pointer(mp, 0) - expect(str).to eq("test") - expect(str).to be_tainted - end - it "Poison null byte raises error" do s = "123\0abc" expect { StrLibTest.string_equals(s, s) }.to raise_error(ArgumentError) end - it "Tainted String parameter should throw a SecurityError" do - $SAFE = 1 - str = "test" - str.taint - begin - expect(LibTest.string_equals(str, str)).to be false - rescue SecurityError - end - end if false it "casts nil as NULL pointer" do expect(StrLibTest.string_dummy(nil)).to be_nil end
Locations
Projects
Search
Status Monitor
Help
Open Build Service
OBS Manuals
API Documentation
OBS Portal
Reporting a Bug
Contact
Mailing List
Forums
Chat (IRC)
Twitter
Open Build Service (OBS)
is an
openSUSE project
.
浙ICP备2022010568号-2