escape.c: Preserve original state

* ext/cgi/escape/escape.c (preserve_original_state): Preserve original state for tainted and frozen. [Fix GH-1166] [ruby-dev:49451] [Bug #11855] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@53233 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
author: nobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> 2015-12-21 20:40:02 +0000
committer: nobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> 2015-12-21 20:40:02 +0000
commit: b32afa58b45d3a2c1535f32033bb404cd7aa9090 (patch)
tree: 8d4e572e45bdb120ed8580f232e794d3cc65d28b /ext/cgi
parent: b64d0d05f6114b5d7e08905ea79167f4ba4d361c (diff)
download: ruby-b32afa58b45d3a2c1535f32033bb404cd7aa9090.tar.gz
1 files changed, 9 insertions, 1 deletions
diff --git a/ext/cgi/escape/escape.c b/ext/cgi/escape/escape.c
index 6fec95af04..939b054ad2 100644
--- a/ext/cgi/escape/escape.c
+++ b/ext/cgi/escape/escape.c
@@ -25,6 +25,14 @@ html_escaped_cat(VALUE str, char c)
     }
 }
 
+static inline void
+preserve_original_state(VALUE orig, VALUE dest)
+{
+    rb_enc_associate(dest, rb_enc_get(orig));
+
+    FL_SET_RAW(dest, FL_TEST_RAW(orig, FL_FREEZE|FL_TAINT));
+}
+
 static VALUE
 optimized_escape_html(VALUE str)
 {
@@ -57,7 +65,7 @@ optimized_escape_html(VALUE str)
 
     if (modified) {
 	rb_str_cat(dest, cstr + beg, len - beg);
-	rb_enc_associate(dest, rb_enc_get(str));
+	preserve_original_state(str, dest);
 	return dest;
     }
     else {
author	nobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>	2015-12-21 20:40:02 +0000
committer	nobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>	2015-12-21 20:40:02 +0000
commit	b32afa58b45d3a2c1535f32033bb404cd7aa9090 (patch)
tree	8d4e572e45bdb120ed8580f232e794d3cc65d28b /ext/cgi
parent	b64d0d05f6114b5d7e08905ea79167f4ba4d361c (diff)
download	ruby-b32afa58b45d3a2c1535f32033bb404cd7aa9090.tar.gz