ruby-changes:55149
From: nobu <ko1@a...>
Date: Thu, 28 Mar 2019 12:46:55 +0900 (JST)
Subject: [ruby-changes:55149] nobu:r67356 (trunk): erb.rb: prohibit marshaling [EXPERIMENTAL]
nobu 2019-03-28 12:46:48 +0900 (Thu, 28 Mar 2019) New Revision: 67356 https://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=67356 Log: erb.rb: prohibit marshaling [EXPERIMENTAL] Modified files: trunk/lib/erb.rb trunk/test/erb/test_erb.rb Index: test/erb/test_erb.rb =================================================================== --- test/erb/test_erb.rb (revision 67355) +++ test/erb/test_erb.rb (revision 67356) @@ -687,6 +687,19 @@ EOS https://github.com/ruby/ruby/blob/trunk/test/erb/test_erb.rb#L687 end end end + + def test_prohibited_marshal_dump + erb = ERB.new("") + assert_raise(TypeError) {Marshal.dump(erb)} + end + + def test_prohibited_marshal_load + erb = ERB.allocate + erb.instance_variable_set(:@src, "") + erb.instance_variable_set(:@lineno, 1) + erb = Marshal.load(Marshal.dump(erb)) + assert_raise(ArgumentError) {erb.result} + end end class TestERBCoreWOStrScan < TestERBCore Index: lib/erb.rb =================================================================== --- lib/erb.rb (revision 67355) +++ lib/erb.rb (revision 67356) @@ -833,6 +833,7 @@ class ERB https://github.com/ruby/ruby/blob/trunk/lib/erb.rb#L833 @src, @encoding, @frozen_string = *compiler.compile(str) @filename = nil @lineno = 0 + @_init = self.class.singleton_class end NOT_GIVEN = Object.new private_constant :NOT_GIVEN @@ -891,6 +892,9 @@ class ERB https://github.com/ruby/ruby/blob/trunk/lib/erb.rb#L892 # code evaluation. # def result(b=new_toplevel) + unless @_init.equal?(self.class.singleton_class) + raise ArgumentError, "not initialized" + end if @safe_level proc do prev_safe_level = $SAFE -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/