ruby-changes:58735
From: Jeremy <ko1@a...>
Date: Tue, 12 Nov 2019 11:17:00 +0900 (JST)
Subject: [ruby-changes:58735] b38b26c62d (master): [ruby/bigdecimal] Remove taint checking
https://git.ruby-lang.org/ruby.git/commit/?id=b38b26c62d From b38b26c62dc12da1d4fcee39de0c0cad598f5995 Mon Sep 17 00:00:00 2001 From: Jeremy Evans <code@j...> Date: Fri, 18 Oct 2019 11:44:47 -0700 Subject: [ruby/bigdecimal] Remove taint checking This removes the taint checking. Taint support is deprecated in Ruby 2.7 and has no effect. I don't think removing the taint checks in earlier ruby versions will cause any problems. https://github.com/ruby/bigdecimal/commit/1918d466f3 diff --git a/ext/bigdecimal/bigdecimal.c b/ext/bigdecimal/bigdecimal.c index b235403..7ac8837 100644 --- a/ext/bigdecimal/bigdecimal.c +++ b/ext/bigdecimal/bigdecimal.c @@ -276,7 +276,6 @@ again: https://github.com/ruby/ruby/blob/trunk/ext/bigdecimal/bigdecimal.c#L276 #ifdef ENABLE_NUMERIC_STRING case T_STRING: StringValueCStr(v); - rb_check_safe_obj(v); return VpCreateRbObject(RSTRING_LEN(v) + VpBaseFig() + 1, RSTRING_PTR(v)); #endif /* ENABLE_NUMERIC_STRING */ @@ -418,7 +417,6 @@ BigDecimal_load(VALUE self, VALUE str) https://github.com/ruby/ruby/blob/trunk/ext/bigdecimal/bigdecimal.c#L417 unsigned long m=0; pch = (unsigned char *)StringValueCStr(str); - rb_check_safe_obj(str); /* First get max prec */ while((*pch) != (unsigned char)'\0' && (ch = *pch++) != (unsigned char)':') { if(!ISDIGIT(ch)) { @@ -2030,7 +2028,6 @@ BigDecimal_to_s(int argc, VALUE *argv, VALUE self) https://github.com/ruby/ruby/blob/trunk/ext/bigdecimal/bigdecimal.c#L2028 if (rb_scan_args(argc, argv, "01", &f) == 1) { if (RB_TYPE_P(f, T_STRING)) { psz = StringValueCStr(f); - rb_check_safe_obj(f); if (*psz == ' ') { fPlus = 1; psz++; diff --git a/test/bigdecimal/test_bigdecimal.rb b/test/bigdecimal/test_bigdecimal.rb index f6ef88e..dff390b 100644 --- a/test/bigdecimal/test_bigdecimal.rb +++ b/test/bigdecimal/test_bigdecimal.rb @@ -155,15 +155,6 @@ class TestBigDecimal < Test::Unit::TestCase https://github.com/ruby/ruby/blob/trunk/test/bigdecimal/test_bigdecimal.rb#L155 end end - def test_BigDecimal_with_tainted_string - Thread.new { - $SAFE = 1 - BigDecimal('1'.taint) - }.join - ensure - $SAFE = 0 - end - def test_BigDecimal_with_exception_keyword assert_raise(ArgumentError) { BigDecimal('.', exception: true) -- cgit v0.10.2 -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/