diff options
| author |  murgatroid99 <mlumish@google.com> | 2016-01-06 14:40:38 -0800 |
|---|---|---|
| committer | murgatroid99 <mlumish@google.com> | 2016-01-06 14:40:38 -0800 |
| commit | 56fada5dfede3a7b1bc63a0da36dc7e509fd36dd (patch) | |
| tree | a7ba1b975fb0424a58785a7171c4ffac000c27bf /src | |
| parent | c9d3084b10acf93528725ff44dfab3a3ff76f00c (diff) | |
Make the Ruby extension throw an error when passed invalid metadata
Diffstat (limited to 'src')
| -rw-r--r-- | src/ruby/ext/grpc/rb_call.c | 40 |
1 files changed, 31 insertions, 9 deletions
diff --git a/src/ruby/ext/grpc/rb_call.c b/src/ruby/ext/grpc/rb_call.c index cbea76c3bf..43adafb73f 100644 --- a/src/ruby/ext/grpc/rb_call.c +++ b/src/ruby/ext/grpc/rb_call.c @@ -1,6 +1,6 @@ /* * - * Copyright 2015, Google Inc. + * Copyright 2015-2016, Google Inc. * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -310,15 +310,20 @@ static int grpc_rb_md_ary_fill_hash_cb(VALUE key, VALUE val, VALUE md_ary_obj) { grpc_metadata_array *md_ary = NULL; long array_length; long i; - char *key_str; + size_t key_len; + char *value_str; + size_t value_len; + if (TYPE(key) == T_SYMBOL) { key_str = (char *)rb_id2name(SYM2ID(key)); + key_len = strlen(key_str); } else { /* StringValueCStr does all other type exclusions for us */ key_str = StringValueCStr(key); + key_len = RSTRING_LEN(key); } - if (!grpc_header_key_is_legal(key_str)) { + if (!grpc_header_key_is_legal(key_str, key_len)) { rb_raise(rb_eArgError, "'%s' is an invalid header key, must match [a-z0-9-_.]+", key_str); @@ -330,19 +335,36 @@ static int grpc_rb_md_ary_fill_hash_cb(VALUE key, VALUE val, VALUE md_ary_obj) { &grpc_rb_md_ary_data_type, md_ary); if (TYPE(val) == T_ARRAY) { - /* If the value is an array, add capacity for each value in the array */ array_length = RARRAY_LEN(val); + /* If the value is an array, add capacity for each value in the array */ for (i = 0; i < array_length; i++) { + value_str = RSTRING_PTR(rb_ary_entry(val, i)); + value_len = RSTRING_LEN(rb_ary_entry(val, i)); + if (!grpc_is_binary_header(key_str, key_len) && + !grpc_header_nonbin_value_is_legal(value_str, value_len)) { + // The value has invalid characters + rb_raise(rb_eArgError, + "Header value '%s' has invalid characters", value_str); + return ST_STOP; + } md_ary->metadata[md_ary->count].key = key_str; - md_ary->metadata[md_ary->count].value = RSTRING_PTR(rb_ary_entry(val, i)); - md_ary->metadata[md_ary->count].value_length = - RSTRING_LEN(rb_ary_entry(val, i)); + md_ary->metadata[md_ary->count].value = value_str; + md_ary->metadata[md_ary->count].value_length = value_len; md_ary->count += 1; } } else { + value_str = RSTRING_PTR(val); + value_len = RSTRING_LEN(val); + if (!grpc_is_binary_header(key_str, key_len) && + !grpc_header_nonbin_value_is_legal(value_str, value_len)) { + // The value has invalid characters + rb_raise(rb_eArgError, + "Header value '%s' has invalid characters", value_str); + return ST_STOP; + } md_ary->metadata[md_ary->count].key = key_str; - md_ary->metadata[md_ary->count].value = RSTRING_PTR(val); - md_ary->metadata[md_ary->count].value_length = RSTRING_LEN(val); + md_ary->metadata[md_ary->count].value = value_str; + md_ary->metadata[md_ary->count].value_length = value_len; md_ary->count += 1; } |