Commit 3b8e2f23b4ce58d899a4fd628ba6837054d85614
Fix for segfaults on the various ways Ruby has empty strings.
Thanks to Mike Pomraning for the patch.Coda Hale committed on 3/10/2009, 3:36:19 AM
Parent: 95d6f418506621edfc65822a03209384c4e03b2b
Files changed
| ext/bcrypt_ext.c | changed |
| spec/bcrypt/password_spec.rb | changed |
| ext/bcrypt_ext.c | ||
|---|---|---|
| @@ -15,9 +15,10 @@ | ||
| 15 | 15 | |
| 16 | 16 | /* Given a secret and a salt, generates a salted hash (which you can then store safely). |
| 17 | 17 | */ |
| 18 | 18 | static VALUE bc_crypt(VALUE self, VALUE key, VALUE salt) { |
| 19 | - return rb_str_new2((char *)bcrypt(RSTRING_PTR(key), (char *)RSTRING_PTR(salt))); | |
| 19 | + const char * safeguarded = RSTRING_PTR(key) ? RSTRING_PTR(key) : ""; | |
| 20 | + return rb_str_new2((char *)bcrypt(safeguarded, (char *)RSTRING_PTR(salt))); | |
| 20 | 21 | } |
| 21 | 22 | |
| 22 | 23 | /* Create the BCrypt and BCrypt::Internals modules, and populate them with methods. */ |
| 23 | 24 | void Init_bcrypt_ext(){ |
| spec/bcrypt/password_spec.rb | ||
|---|---|---|
| @@ -19,8 +19,14 @@ | ||
| 19 | 19 | lambda { BCrypt::Password.create(nil) }.should_not raise_error(BCrypt::Errors::InvalidSecret) |
| 20 | 20 | lambda { BCrypt::Password.create({:woo => "yeah"}) }.should_not raise_error(BCrypt::Errors::InvalidSecret) |
| 21 | 21 | lambda { BCrypt::Password.create(false) }.should_not raise_error(BCrypt::Errors::InvalidSecret) |
| 22 | 22 | end |
| 23 | + | |
| 24 | + specify "should tolerate empty string secrets" do | |
| 25 | + lambda { BCrypt::Password.create( "\n".chop ) }.should_not raise_error | |
| 26 | + lambda { BCrypt::Password.create( "" ) }.should_not raise_error | |
| 27 | + lambda { BCrypt::Password.create( String.new ) }.should_not raise_error | |
| 28 | + end | |
| 23 | 29 | end |
| 24 | 30 | |
| 25 | 31 | context "Reading a hashed password" do |
| 26 | 32 | setup do |
Built with git-ssb-web