ruby-changes:22416
From: naruse <ko1@a...>
Date: Wed, 8 Feb 2012 09:40:56 +0900 (JST)
Subject: [ruby-changes:22416] naruse:r34465 (ruby_1_9_3): merge revision(s) 33201,33249,33328: [Backport #5564]
naruse 2012-02-08 09:40:44 +0900 (Wed, 08 Feb 2012) New Revision: 34465 http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=34465 Log: merge revision(s) 33201,33249,33328: [Backport #5564] * encoding.c (load_encoding): predefined encoding names are safe. [ruby-dev:44469] [Bug #5279] * transcode.c (load_transcoder_entry): ditto. * encoding.c (require_enc): reject only loading from untrusted load paths. [ruby-dev:44541] [Bug #5279] * transcode.c (load_transcoder_entry): ditto. Modified files: branches/ruby_1_9_3/ChangeLog branches/ruby_1_9_3/encoding.c branches/ruby_1_9_3/test/ruby/test_encoding.rb branches/ruby_1_9_3/transcode.c branches/ruby_1_9_3/version.h Index: ruby_1_9_3/encoding.c =================================================================== --- ruby_1_9_3/encoding.c (revision 34464) +++ ruby_1_9_3/encoding.c (revision 34465) @@ -536,7 +536,8 @@ static VALUE require_enc(VALUE enclib) { - return rb_require_safe(enclib, rb_safe_level()); + int safe = rb_safe_level(); + return rb_require_safe(enclib, safe > 3 ? 3 : safe); } static int Index: ruby_1_9_3/ChangeLog =================================================================== --- ruby_1_9_3/ChangeLog (revision 34464) +++ ruby_1_9_3/ChangeLog (revision 34465) @@ -1,3 +1,17 @@ +Wed Feb 8 09:36:42 2012 Nobuyoshi Nakada <nobu@r...> + + * encoding.c (require_enc): reject only loading from untrusted + load paths. [ruby-dev:44541] [Bug #5279] + + * transcode.c (load_transcoder_entry): ditto. + +Wed Feb 8 09:36:42 2012 Nobuyoshi Nakada <nobu@r...> + + * encoding.c (load_encoding): predefined encoding names are safe. + [ruby-dev:44469] [Bug #5279] + + * transcode.c (load_transcoder_entry): ditto. + Tue Feb 7 14:29:16 2012 Nobuyoshi Nakada <nobu@r...> * st.c (st_foreach): should not yield same pair when checking Index: ruby_1_9_3/version.h =================================================================== --- ruby_1_9_3/version.h (revision 34464) +++ ruby_1_9_3/version.h (revision 34465) @@ -1,10 +1,10 @@ #define RUBY_VERSION "1.9.3" -#define RUBY_PATCHLEVEL 50 +#define RUBY_PATCHLEVEL 51 -#define RUBY_RELEASE_DATE "2012-02-07" +#define RUBY_RELEASE_DATE "2012-02-08" #define RUBY_RELEASE_YEAR 2012 #define RUBY_RELEASE_MONTH 2 -#define RUBY_RELEASE_DAY 7 +#define RUBY_RELEASE_DAY 8 #include "ruby/version.h" Index: ruby_1_9_3/test/ruby/test_encoding.rb =================================================================== --- ruby_1_9_3/test/ruby/test_encoding.rb (revision 34464) +++ ruby_1_9_3/test/ruby/test_encoding.rb (revision 34465) @@ -50,6 +50,9 @@ exit Encoding.find("filesystem") == Encoding::EUC_JP EOS end + + bug5150 = '[ruby-dev:44327]' + assert_raise(TypeError, bug5150) {Encoding.find(1)} end def test_replicate @@ -96,15 +99,4 @@ str2 = Marshal.load(Marshal.dump(str2)) assert_equal(str, str2, '[ruby-dev:38596]') end - - def test_unsafe - bug5279 = '[ruby-dev:44469]' - assert_ruby_status([], '$SAFE=3; "a".encode("utf-16be")', bug5279) - end - - def test_compatible_p - ua = "abc".force_encoding(Encoding::UTF_8) - assert_equal(Encoding::UTF_8, Encoding.compatible?(ua, :abc)) - assert_equal(nil, Encoding.compatible?(ua, 1)) - end end Index: ruby_1_9_3/transcode.c =================================================================== --- ruby_1_9_3/transcode.c (revision 34464) +++ ruby_1_9_3/transcode.c (revision 34465) @@ -369,6 +369,7 @@ size_t len = strlen(lib); char path[sizeof(transcoder_lib_prefix) + MAX_TRANSCODER_LIBNAME_LEN]; VALUE fn; + const int safe = rb_safe_level(); entry->lib = NULL; @@ -379,7 +380,7 @@ fn = rb_str_new2(path); FL_UNSET(fn, FL_TAINT|FL_UNTRUSTED); OBJ_FREEZE(fn); - if (!rb_require_safe(fn, rb_safe_level())) + if (!rb_require_safe(fn, safe > 3 ? 3 : safe)) return NULL; } -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/