ruby-changes:40803
From: nobu <ko1@a...>
Date: Fri, 4 Dec 2015 16:48:30 +0900 (JST)
Subject: [ruby-changes:40803] nobu:r52882 (trunk): string.c: should not taint fstring
nobu 2015-12-04 16:48:22 +0900 (Fri, 04 Dec 2015) New Revision: 52882 http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=52882 Log: string.c: should not taint fstring * string.c (rb_obj_as_string): fstring should not be infected. re-apply r52872 and fix a typo. TODO: other frozen strings also may not be. Modified files: trunk/ChangeLog trunk/KNOWNBUGS.rb trunk/string.c trunk/test/ruby/test_object.rb Index: ChangeLog =================================================================== --- ChangeLog (revision 52881) +++ ChangeLog (revision 52882) @@ -1,3 +1,9 @@ https://github.com/ruby/ruby/blob/trunk/ChangeLog#L1 +Fri Dec 4 16:48:19 2015 Nobuyoshi Nakada <nobu@r...> + + * string.c (rb_obj_as_string): fstring should not be infected. + re-apply r52872 and fix a typo. + TODO: other frozen strings also may not be. + Fri Dec 4 15:21:45 2015 SHIBATA Hiroshi <hsbt@r...> * lib/rubygems: Update to RubyGems 2.5.0+ HEAD(fdab4c4). Index: string.c =================================================================== --- string.c (revision 52881) +++ string.c (revision 52882) @@ -1247,7 +1247,9 @@ rb_obj_as_string(VALUE obj) https://github.com/ruby/ruby/blob/trunk/string.c#L1247 str = rb_funcall(obj, idTo_s, 0); if (!RB_TYPE_P(str, T_STRING)) return rb_any_to_s(obj); - OBJ_INFECT(str, obj); + if (!FL_TEST_RAW(str, RSTRING_FSTR) && FL_ABLE(obj)) + /* fstring must not be tainted, at least */ + OBJ_INFECT_RAW(str, obj); return str; } Index: KNOWNBUGS.rb =================================================================== --- KNOWNBUGS.rb (revision 52881) +++ KNOWNBUGS.rb (revision 52882) @@ -3,12 +3,3 @@ https://github.com/ruby/ruby/blob/trunk/KNOWNBUGS.rb#L3 # So all tests will cause failure. # -assert_equal 'false', %q{ - x = Object.new.taint - class << x - def to_s; "foo".freeze; end - end - x.taint - [x].join("") - eval '"foo".freeze.tainted?' -} Index: test/ruby/test_object.rb =================================================================== --- test/ruby/test_object.rb (revision 52881) +++ test/ruby/test_object.rb (revision 52882) @@ -755,6 +755,16 @@ class TestObject < Test::Unit::TestCase https://github.com/ruby/ruby/blob/trunk/test/ruby/test_object.rb#L755 end EOS assert_match(/\bToS\u{3042}:/, x) + + name = "X".freeze + x = Object.new.taint + class<<x;self;end.class_eval {define_method(:to_s) {name}} + assert_same(name, x.to_s) + assert_not_predicate(name, :tainted?) + assert_raise(RuntimeError) {name.taint} + assert_equal("X", [x].join("")) + assert_not_predicate(name, :tainted?) + assert_not_predicate(eval('"X".freeze'), :tainted?) end def test_inspect -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/