diff options
author | matz <matz@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2006-09-14 07:27:14 +0000 |
---|---|---|
committer | matz <matz@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2006-09-14 07:27:14 +0000 |
commit | 23d2c8b62426853ad84d8889ae191347680b566e (patch) | |
tree | 3afca06c89da0c6e79da35210e7d623218de1f1a /string.c | |
parent | 803cabaceddb46579270e2470de6ed7bd157e8dc (diff) | |
download | ruby-23d2c8b62426853ad84d8889ae191347680b566e.tar.gz |
* string.c (rb_str_intern): raise SecurityError only when $SAFE
level is greater than zero. [ruby-core:08862]
* parse.y (rb_interned_p): new function to check if a string is
already interned.
* string.c (str_to_id): use rb_str_intern().
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@10932 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'string.c')
-rw-r--r-- | string.c | 8 |
1 files changed, 3 insertions, 5 deletions
@@ -4151,7 +4151,7 @@ rb_str_intern(VALUE s) if (!RSTRING_PTR(str) || RSTRING_LEN(str) == 0) { rb_raise(rb_eArgError, "interning empty string"); } - if (OBJ_TAINTED(str)) { + if (OBJ_TAINTED(str) && rb_safe_level() >= 1 && !rb_sym_interned_p(str)) { rb_raise(rb_eSecurityError, "Insecure: can't intern tainted string"); } id = rb_intern2(RSTRING_PTR(str), RSTRING_LEN(str)); @@ -4556,10 +4556,8 @@ sym_to_proc(VALUE sym) static ID str_to_id(VALUE str) { - if (!RSTRING_PTR(str) || RSTRING_LEN(str) == 0) { - rb_raise(rb_eArgError, "empty symbol string"); - } - return rb_intern2(RSTRING_PTR(str), RSTRING_LEN(str)); + VALUE sym = rb_str_intern(str); + return SYM2ID(sym); } ID |