nobu	2009-10-19 10:59:38 +0900 (Mon, 19 Oct 2009)

  New Revision: 25398

  http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=25398

  Log:
    * iseq.c (prepare_iseq_build, rb_iseq_build_for_ruby2cext):
      untrust mark array.  [ruby-core:26137]

  Modified files:
    trunk/ChangeLog
    trunk/iseq.c
    trunk/test/ruby/test_regexp.rb

Index: ChangeLog
===================================================================
--- ChangeLog	(revision 25397)
+++ ChangeLog	(revision 25398)
@@ -1,3 +1,8 @@
+Mon Oct 19 10:59:36 2009  Nobuyoshi Nakada  <nobu@r...>
+
+	* iseq.c (prepare_iseq_build, rb_iseq_build_for_ruby2cext):
+	  untrust mark array.  [ruby-core:26137]
+
 Mon Oct 19 05:49:53 2009  Marc-Andre Lafortune  <ruby-core@m...>
 
 	* lib/rexml/element.rb (text=): false should be converted to string.
Index: iseq.c
===================================================================
--- iseq.c	(revision 25397)
+++ iseq.c	(revision 25398)
@@ -220,7 +220,8 @@
     iseq->filename = filename;
     iseq->line_no = line_no;
     iseq->defined_method_id = 0;
-    iseq->mark_ary = rb_ary_new();
+    iseq->mark_ary = rb_ary_tmp_new(3);
+    OBJ_UNTRUST(iseq->mark_ary);
     RBASIC(iseq->mark_ary)->klass = 0;
 
     iseq->type = type;
@@ -1439,6 +1440,7 @@
     iseq->filename = rb_str_new2(filename);
     iseq->line_no = line_no;
     iseq->mark_ary = rb_ary_tmp_new(3);
+    OBJ_UNTRUST(iseq->mark_ary);
     iseq->self = iseqval;
 
     iseq->iseq = ALLOC_N(VALUE, iseq->iseq_size);
Index: test/ruby/test_regexp.rb
===================================================================
--- test/ruby/test_regexp.rb	(revision 25397)
+++ test/ruby/test_regexp.rb	(revision 25398)
@@ -472,6 +472,10 @@
       /foo/.match("foo")
     end.value
     assert(m.tainted?)
+    assert_nothing_raised('[ruby-core:26137]') {
+      m = proc {$SAFE = 4; /#{}/o}.call
+    }
+    assert(m.tainted?)
   end
 
   def check(re, ss, fs = [])

--
ML: ruby-changes@q...
Info: http://www.atdot.net/~ko1/quickml/