[前][次][番号順一覧][スレッド一覧]

ruby-changes:40803

From: nobu <ko1@a...>
Date: Fri, 4 Dec 2015 16:48:30 +0900 (JST)
Subject: [ruby-changes:40803] nobu:r52882 (trunk): string.c: should not taint fstring

nobu	2015-12-04 16:48:22 +0900 (Fri, 04 Dec 2015)

  New Revision: 52882

  http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=52882

  Log:
    string.c: should not taint fstring
    
    * string.c (rb_obj_as_string): fstring should not be infected.
      re-apply r52872 and fix a typo.
      TODO: other frozen strings also may not be.

  Modified files:
    trunk/ChangeLog
    trunk/KNOWNBUGS.rb
    trunk/string.c
    trunk/test/ruby/test_object.rb
Index: ChangeLog
===================================================================
--- ChangeLog	(revision 52881)
+++ ChangeLog	(revision 52882)
@@ -1,3 +1,9 @@ https://github.com/ruby/ruby/blob/trunk/ChangeLog#L1
+Fri Dec  4 16:48:19 2015  Nobuyoshi Nakada  <nobu@r...>
+
+	* string.c (rb_obj_as_string): fstring should not be infected.
+	  re-apply r52872 and fix a typo.
+	  TODO: other frozen strings also may not be.
+
 Fri Dec  4 15:21:45 2015  SHIBATA Hiroshi  <hsbt@r...>
 
 	* lib/rubygems: Update to RubyGems 2.5.0+ HEAD(fdab4c4).
Index: string.c
===================================================================
--- string.c	(revision 52881)
+++ string.c	(revision 52882)
@@ -1247,7 +1247,9 @@ rb_obj_as_string(VALUE obj) https://github.com/ruby/ruby/blob/trunk/string.c#L1247
     str = rb_funcall(obj, idTo_s, 0);
     if (!RB_TYPE_P(str, T_STRING))
 	return rb_any_to_s(obj);
-    OBJ_INFECT(str, obj);
+    if (!FL_TEST_RAW(str, RSTRING_FSTR) && FL_ABLE(obj))
+	/* fstring must not be tainted, at least */
+	OBJ_INFECT_RAW(str, obj);
     return str;
 }
 
Index: KNOWNBUGS.rb
===================================================================
--- KNOWNBUGS.rb	(revision 52881)
+++ KNOWNBUGS.rb	(revision 52882)
@@ -3,12 +3,3 @@ https://github.com/ruby/ruby/blob/trunk/KNOWNBUGS.rb#L3
 # So all tests will cause failure.
 #
 
-assert_equal 'false', %q{
-  x = Object.new.taint
-  class << x
-    def to_s; "foo".freeze; end
-  end
-  x.taint
-  [x].join("")
-  eval '"foo".freeze.tainted?'
-}
Index: test/ruby/test_object.rb
===================================================================
--- test/ruby/test_object.rb	(revision 52881)
+++ test/ruby/test_object.rb	(revision 52882)
@@ -755,6 +755,16 @@ class TestObject < Test::Unit::TestCase https://github.com/ruby/ruby/blob/trunk/test/ruby/test_object.rb#L755
       end
     EOS
     assert_match(/\bToS\u{3042}:/, x)
+
+    name = "X".freeze
+    x = Object.new.taint
+    class<<x;self;end.class_eval {define_method(:to_s) {name}}
+    assert_same(name, x.to_s)
+    assert_not_predicate(name, :tainted?)
+    assert_raise(RuntimeError) {name.taint}
+    assert_equal("X", [x].join(""))
+    assert_not_predicate(name, :tainted?)
+    assert_not_predicate(eval('"X".freeze'), :tainted?)
   end
 
   def test_inspect

--
ML: ruby-changes@q...
Info: http://www.atdot.net/~ko1/quickml/

[前][次][番号順一覧][スレッド一覧]