diff options
| author | matz <matz@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2003-07-29 07:52:55 +0000 |
|---|---|---|
| committer | matz <matz@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2003-07-29 07:52:55 +0000 |
| commit | 8719f269f064d9134d193eb7688f510ebadd6ae7 (patch) | |
| tree | 35cc22bf84d65b4ec02bf15cb22df6fab7e1b813 /lib/net | |
| parent | 52012e4d7c7bbe7b8eb9d4e7263930bf6234f6c1 (diff) | |
| download | ruby-8719f269f064d9134d193eb7688f510ebadd6ae7.tar.gz ruby-8719f269f064d9134d193eb7688f510ebadd6ae7.tar.xz ruby-8719f269f064d9134d193eb7688f510ebadd6ae7.zip | |
* lib/net/smtp.rb (Net::SMTP::send0): add taint check.
* ruby.h (LLONG_MIN): wrong value.
* io.c (rb_f_getc): $stdin may not be IO. [ruby-dev:20973]
git-svn-id: http://svn.ruby-lang.org/repos/ruby/trunk@4206 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'lib/net')
| -rw-r--r-- | lib/net/smtp.rb | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/lib/net/smtp.rb b/lib/net/smtp.rb index 240b41d6c..3991eb18b 100644 --- a/lib/net/smtp.rb +++ b/lib/net/smtp.rb @@ -490,6 +490,10 @@ module Net def send0( from_addr, to_addrs ) raise IOError, "closed session" unless @socket raise ArgumentError, 'mail destination does not given' if to_addrs.empty? + raise SecurityError, 'tainted from_addr' if from_addr.tainted? + to_addrs.each{|to| + raise SecurityError, 'tainted to_addr' if to.tainted? + } mailfrom from_addr to_addrs.each do |to| |