From cbead61ab6ff9094aed0b5ee2a1628b8e9af09d8 Mon Sep 17 00:00:00 2001 From: Eric Wong Date: Fri, 3 Jun 2011 17:50:33 +0000 Subject: use StringValueCStr for string conversions Ruby strings may contain embedded null bytes that could create false positives. Also, in Ruby 1.9, Ruby strings may not be null-terminated internally, StringValueCStr ensures null-termination upon export. --- ext/rpatricia/rpatricia.c | 2 +- test/test_invalid_inputs.rb | 4 ++++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/ext/rpatricia/rpatricia.c b/ext/rpatricia/rpatricia.c index 066f82e..81e0990 100644 --- a/ext/rpatricia/rpatricia.c +++ b/ext/rpatricia/rpatricia.c @@ -46,7 +46,7 @@ wrap_node(patricia_node_t *orig) static void my_ascii2prefix(patricia_tree_t *tree, VALUE str, prefix_t *prefix) { - char *cstr = StringValuePtr(str); + char *cstr = StringValueCStr(str); prefix_t *ok = ascii2prefix(cstr, prefix); if (!ok) diff --git a/test/test_invalid_inputs.rb b/test/test_invalid_inputs.rb index 93e7a96..32b7003 100644 --- a/test/test_invalid_inputs.rb +++ b/test/test_invalid_inputs.rb @@ -7,6 +7,10 @@ class TestInvalidInput < Test::Unit::TestCase @t = Patricia.new end + def test_embedded_null + assert_raises(ArgumentError) { @t.add("100.0.0.0/8\0") } + end + def test_invalid_add assert_raises(ArgumentError) { @t.add('1000.0.0.0/8') } assert_raises(ArgumentError) { @t.add("\0") } -- cgit v1.2.3-24-ge0c7