From 3a6c3a672feeafb46f682b68295dd9a13f5b4725 Mon Sep 17 00:00:00 2001
From: nobu
Date: Tue, 6 Sep 2011 04:15:49 +0000
Subject: * encoding.c (load_encoding): predefined encoding names are safe. [ruby-dev:44469] [Bug #5279]
* transcode.c (load_transcoder_entry): ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@33201 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
---
 transcode.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)
(limited to 'transcode.c')
diff --git a/transcode.c b/transcode.c
index 68ac71755c..482fb6bf17 100644
--- a/transcode.c
+++ b/transcode.c
@@ -370,6 +370,7 @@ load_transcoder_entry(transcoder_entry_t *entry)
 const char *lib = entry->lib;
 size_t len = strlen(lib);
 char path[sizeof(transcoder_lib_prefix) + MAX_TRANSCODER_LIBNAME_LEN];
+ VALUE fn;
 entry->lib = NULL;
@@ -377,7 +378,10 @@ load_transcoder_entry(transcoder_entry_t *entry)
 return NULL;
 memcpy(path, transcoder_lib_prefix, sizeof(transcoder_lib_prefix) - 1);
 memcpy(path + sizeof(transcoder_lib_prefix) - 1, lib, len + 1);
- if (!rb_require(path))
+ fn = rb_str_new2(path);
+ FL_UNSET(fn, FL_TAINT|FL_UNTRUSTED);
+ OBJ_FREEZE(fn);
+ if (!rb_require_safe(fn, rb_safe_level()))
 return NULL;
 }
-- cgit v1.2.3
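Review bot: The added `FL_UNSET(fn, FL_TAINT|FL_UNTRUSTED);` in the second hunk clears the taint marks on the path handed to `rb_require_safe` without any comment saying why that is sound; the justification ("predefined encoding names are safe") exists only in the commit message. The path is `transcoder_lib_prefix` followed by `entry->lib`, so the claim holds only as long as every `lib` value comes from a built-in transcoder declaration, and where `entry->lib` is assigned is outside this hunk, so that should be confirmed. I would add above the unset `/* lib is a predefined transcoder library name, never user input, so the path may be untainted before require */`. If registration turns out to be reachable with caller-supplied names, the length check alone is not enough and the name should also be rejected when it contains `/` or `..` before the `memcpy`. The body of `load_transcoder_entry` begins and ends outside the hunk.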