ruby-changes:49264
From: naruse <ko1@a...>
Date: Thu, 21 Dec 2017 14:18:00 +0900 (JST)
Subject: [ruby-changes:49264] naruse:r61381 (trunk): Don't allow mixed escape
naruse 2017-12-21 14:09:17 +0900 (Thu, 21 Dec 2017) New Revision: 61381 https://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=61381 Log: Don't allow mixed escape Modified files: trunk/string.c trunk/test/ruby/test_string.rb Index: string.c =================================================================== --- string.c (revision 61380) +++ string.c (revision 61381) @@ -6107,7 +6107,7 @@ unescape_ascii(unsigned int c) https://github.com/ruby/ruby/blob/trunk/string.c#L6107 } static void -undump_after_backslash(VALUE undumped, const char **ss, const char *s_end, rb_encoding **penc, bool *utf8) +undump_after_backslash(VALUE undumped, const char **ss, const char *s_end, rb_encoding **penc, bool *utf8, bool *binary) { const char *s = *ss; unsigned int c; @@ -6136,6 +6136,9 @@ undump_after_backslash(VALUE undumped, c https://github.com/ruby/ruby/blob/trunk/string.c#L6136 s++; break; case 'u': + if (*binary) { + rb_raise(rb_eRuntimeError, "hex escape and Unicode escape are mixed"); + } *utf8 = true; if (++s >= s_end) { rb_raise(rb_eRuntimeError, "invalid Unicode escape"); @@ -6188,6 +6191,10 @@ undump_after_backslash(VALUE undumped, c https://github.com/ruby/ruby/blob/trunk/string.c#L6191 } break; case 'x': + if (*utf8) { + rb_raise(rb_eRuntimeError, "hex escape and Unicode escape are mixed"); + } + *binary = true; if (++s >= s_end) { rb_raise(rb_eRuntimeError, "invalid hex escape"); } @@ -6226,6 +6233,7 @@ str_undump(VALUE str) https://github.com/ruby/ruby/blob/trunk/string.c#L6233 rb_encoding *enc = rb_enc_get(str); VALUE undumped = rb_enc_str_new(s, 0L, enc); bool utf8 = false; + bool binary = false; int w; rb_must_asciicompat(str); @@ -6296,7 +6304,7 @@ str_undump(VALUE str) https://github.com/ruby/ruby/blob/trunk/string.c#L6304 if (s >= s_end) { rb_raise(rb_eRuntimeError, "invalid escape"); } - undump_after_backslash(undumped, &s, s_end, &enc, &utf8); + undump_after_backslash(undumped, &s, s_end, &enc, &utf8, &binary); } else { rb_str_cat(undumped, s++, 1); Index: test/ruby/test_string.rb =================================================================== --- test/ruby/test_string.rb (revision 61380) +++ test/ruby/test_string.rb (revision 61381) @@ -784,6 +784,8 @@ CODE https://github.com/ruby/ruby/blob/trunk/test/ruby/test_string.rb#L784 assert_equal('\#{', '"\\\\\#{"'.undump) assert_raise(RuntimeError) { S('\u3042').undump } + assert_raise(RuntimeError) { S('"\x82\xA0\u3042"'.force_encoding("SJIS")).undump } + assert_raise(RuntimeError) { S('"\u3042\x82\xA0"'.force_encoding("SJIS")).undump } assert_raise(RuntimeError) { S('"".force_encoding()').undump } assert_raise(RuntimeError) { S('"".force_encoding("').undump } assert_raise(RuntimeError) { S('"".force_encoding("UNKNOWN")').undump } -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/