diff options
author | Hiroshi SHIBATA <hsbt@ruby-lang.org> | 2023-05-10 15:02:29 +0900 |
---|---|---|
committer | Hiroshi SHIBATA <hsbt@ruby-lang.org> | 2023-05-10 15:02:29 +0900 |
commit | 0ef6e718d9774484cd66cad5447d61ee985d8680 (patch) | |
tree | 2d6045f5e387c75676e436dc206408c68ab68c61 /lib | |
parent | 9ed189e9aa4e1b1852b18ad01def9c738238299b (diff) | |
download | ruby-0ef6e718d9774484cd66cad5447d61ee985d8680.tar.gz |
Merge https://github.com/rubygems/rubygems/pull/6655 manually.
Diffstat (limited to 'lib')
-rw-r--r-- | lib/bundler.rb | 13 | ||||
-rw-r--r-- | lib/bundler/safe_marshal.rb | 31 |
2 files changed, 33 insertions, 11 deletions
diff --git a/lib/bundler.rb b/lib/bundler.rb index 9e6a91c188..69370e81a7 100644 --- a/lib/bundler.rb +++ b/lib/bundler.rb @@ -39,16 +39,6 @@ module Bundler environment_preserver.replace_with_backup SUDO_MUTEX = Thread::Mutex.new - SAFE_MARSHAL_CLASSES = [Symbol, TrueClass, String, Array, Hash, Gem::Version, Gem::Specification].freeze - SAFE_MARSHAL_ERROR = "Unexpected class %s present in marshaled data. Only %s are allowed." - SAFE_MARSHAL_PROC = proc do |object| - object.tap do - unless SAFE_MARSHAL_CLASSES.include?(object.class) - raise TypeError, format(SAFE_MARSHAL_ERROR, object.class, SAFE_MARSHAL_CLASSES.join(", ")) - end - end - end - autoload :Definition, File.expand_path("bundler/definition", __dir__) autoload :Dependency, File.expand_path("bundler/dependency", __dir__) autoload :Deprecate, File.expand_path("bundler/deprecate", __dir__) @@ -86,6 +76,7 @@ module Bundler autoload :UI, File.expand_path("bundler/ui", __dir__) autoload :URICredentialsFilter, File.expand_path("bundler/uri_credentials_filter", __dir__) autoload :URINormalizer, File.expand_path("bundler/uri_normalizer", __dir__) + autoload :SafeMarshal, File.expand_path("bundler/safe_marshal", __dir__) class << self def configure @@ -523,7 +514,7 @@ EOF end def safe_load_marshal(data) - load_marshal(data, :marshal_proc => SAFE_MARSHAL_PROC) + load_marshal(data, :marshal_proc => SafeMarshal.proc) end def load_gemspec(file, validate = false) diff --git a/lib/bundler/safe_marshal.rb b/lib/bundler/safe_marshal.rb new file mode 100644 index 0000000000..50aa0f60a6 --- /dev/null +++ b/lib/bundler/safe_marshal.rb @@ -0,0 +1,31 @@ +# frozen_string_literal: true + +module Bundler + module SafeMarshal + ALLOWED_CLASSES = [ + Array, + FalseClass, + Gem::Specification, + Gem::Version, + Hash, + String, + Symbol, + Time, + TrueClass, + ].freeze + + ERROR = "Unexpected class %s present in marshaled data. Only %s are allowed." + + PROC = proc do |object| + object.tap do + unless ALLOWED_CLASSES.include?(object.class) + raise TypeError, format(ERROR, object.class, ALLOWED_CLASSES.join(", ")) + end + end + end + + def self.proc + PROC + end + end +end |