diff options
author | normal <normal@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2017-07-18 02:29:59 +0000 |
---|---|---|
committer | normal <normal@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2017-07-18 02:29:59 +0000 |
commit | 5ec93b19bbbadfaffdd47f24d9540c78510abcd9 (patch) | |
tree | 187b42aea525bc09a90e51111c161aee5cc0043f /vm.c | |
parent | 593ea147056ba709ca5ea168d375dffc5695895a (diff) | |
download | ruby-5ec93b19bbbadfaffdd47f24d9540c78510abcd9.tar.gz |
hash: keep fstrings of tainted strings for string keys
The same hash keys may be loaded from tainted data sources
frequently (e.g. parsing headers from socket or loading
YAML data from a file). If a non-tainted fstring already
exists (because the application expects the hash key),
cache and deduplicate the tainted version in the new
tainted_frozen_strings table.
For non-embedded strings, this also allows sharing with the
underlying malloc-ed data.
* vm_core.h (rb_vm_struct): add tainted_frozen_strings
* vm.c (ruby_vm_destruct): free tainted_frozen_strings
(Init_vm_objects): initialize tainted_frozen_strings
(rb_vm_tfstring_table): accessor for tainted_frozen_strings
* internal.h: declare rb_fstring_existing, rb_vm_tfstring_table
* hash.c (fstring_existing_str): remove (moved to string.c)
(hash_aset_str): use rb_fstring_existing
* string.c (rb_fstring_existing): new, based on fstring_existing_str
(tainted_fstr_update): new
(rb_fstring_existing0): new, based on fstring_existing_str
(rb_tainted_fstring_existing): new, special case for tainted strings
(rb_str_free): delete from tainted_frozen_strings table
* test/ruby/test_optimization.rb (test_hash_reuse_fstring): new test
[ruby-core:82012] [Bug #13737]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@59354 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'vm.c')
-rw-r--r-- | vm.c | 12 |
1 files changed, 12 insertions, 0 deletions
@@ -2206,6 +2206,10 @@ ruby_vm_destruct(rb_vm_t *vm) st_free_table(vm->frozen_strings); vm->frozen_strings = 0; } + if (vm->tainted_frozen_strings) { + st_free_table(vm->tainted_frozen_strings); + vm->tainted_frozen_strings = 0; + } rb_vm_gvl_destroy(vm); if (objspace) { rb_objspace_free(objspace); @@ -3142,6 +3146,8 @@ Init_vm_objects(void) vm->mark_object_ary = rb_ary_tmp_new(128); vm->loading_table = st_init_strtable(); vm->frozen_strings = st_init_table_with_size(&rb_fstring_hash_type, 1000); + vm->tainted_frozen_strings = + st_init_table_with_size(&rb_fstring_hash_type, 1000); } /* top self */ @@ -3203,6 +3209,12 @@ rb_vm_fstring_table(void) return GET_VM()->frozen_strings; } +st_table * +rb_vm_tfstring_table(void) +{ + return GET_VM()->tainted_frozen_strings; +} + #if VM_COLLECT_USAGE_DETAILS #define HASH_ASET(h, k, v) rb_hash_aset((h), (st_data_t)(k), (st_data_t)(v)) |