diff options
author | nobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2015-12-03 07:02:19 +0000 |
---|---|---|
committer | nobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2015-12-03 07:02:19 +0000 |
commit | b887c7c20ab81b50ed7cb8c7db3218c443985d6b (patch) | |
tree | 031095aca3d134a7739d0aee6638990570687884 | |
parent | e2977fc8f36cc25008011698b03fe7b012077101 (diff) | |
download | ruby-b887c7c20ab81b50ed7cb8c7db3218c443985d6b.tar.gz |
string.c: should not taint fstring
* string.c (rb_obj_as_string): fstring should not be infected.
TODO: other frozen strings also may not be.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@52872 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
-rw-r--r-- | ChangeLog | 5 | ||||
-rw-r--r-- | string.c | 4 | ||||
-rw-r--r-- | test/ruby/test_object.rb | 9 |
3 files changed, 17 insertions, 1 deletions
@@ -1,3 +1,8 @@ +Thu Dec 3 16:02:17 2015 Nobuyoshi Nakada <nobu@ruby-lang.org> + + * string.c (rb_obj_as_string): fstring should not be infected. + TODO: other frozen strings also may not be. + Thu Dec 3 15:39:21 2015 SHIBATA Hiroshi <hsbt@ruby-lang.org> * lib/scanf.rb: fixed double words typo. @@ -1247,7 +1247,9 @@ rb_obj_as_string(VALUE obj) str = rb_funcall(obj, idTo_s, 0); if (!RB_TYPE_P(str, T_STRING)) return rb_any_to_s(obj); - OBJ_INFECT(str, obj); + if (!FL_SET(str, RSTRING_FSTR) && FL_ABLE(obj)) + /* fstring must not be tainted, at least */ + OBJ_INFECT_RAW(str, obj); return str; } diff --git a/test/ruby/test_object.rb b/test/ruby/test_object.rb index a3c71d605c..27f3bd18ce 100644 --- a/test/ruby/test_object.rb +++ b/test/ruby/test_object.rb @@ -755,6 +755,15 @@ class TestObject < Test::Unit::TestCase end EOS assert_match(/\bToS\u{3042}:/, x) + + name = "X".freeze + x = Object.new.taint + class<<x;self;end.class_eval {define_method(:to_s) {name}} + assert_same(name, x.to_s) + assert_not_predicate(name, :tainted?) + assert_raise(RuntimeError) {name.taint} + assert_equal("X", [x].join("")) + assert_not_predicate(name, :tainted?) end def test_inspect |