nobu	2014-11-26 03:43:47 +0900 (Wed, 26 Nov 2014)

  New Revision: 48570

  http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=48570

  Log:
    safe.c: preserve encoding
    
    * safe.c (rb_insecure_operation): preserve encoding of the called
      method name in error messages.

  Modified files:
    trunk/safe.c
    trunk/test/ruby/test_file.rb
Index: safe.c
===================================================================
--- safe.c	(revision 48569)
+++ safe.c	(revision 48570)
@@ -110,8 +110,8 @@ rb_insecure_operation(void) https://github.com/ruby/ruby/blob/trunk/safe.c#L110
 {
     ID caller_name = rb_frame_callee();
     if (caller_name) {
-	rb_raise(rb_eSecurityError, "Insecure operation - %s",
-		 rb_id2name(caller_name));
+	rb_raise(rb_eSecurityError, "Insecure operation - %"PRIsVALUE,
+		 rb_id2str(caller_name));
     }
     else {
 	rb_raise(rb_eSecurityError, "Insecure operation: -r");
Index: test/ruby/test_file.rb
===================================================================
--- test/ruby/test_file.rb	(revision 48569)
+++ test/ruby/test_file.rb	(revision 48570)
@@ -390,6 +390,12 @@ class TestFile < Test::Unit::TestCase https://github.com/ruby/ruby/blob/trunk/test/ruby/test_file.rb#L390
     (0..1).each do |level|
       assert_nothing_raised(SecurityError, bug5374) {in_safe[level]}
     end
+    def (s = Object.new).to_path; "".taint; end
+    m = "\u{691c 67fb}"
+    (c = Class.new(File)).singleton_class.class_eval {alias_method m, :stat}
+    assert_raise_with_message(SecurityError, /#{m}/) {
+      proc {$SAFE = 3; c.__send__(m, s)}.call
+    }
   end
 
   if /(bcc|ms|cyg)win|mingw|emx/ =~ RUBY_PLATFORM

--
ML: ruby-changes@q...
Info: http://www.atdot.net/~ko1/quickml/