diff options
| author | matz <matz@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2001-10-30 08:43:28 +0000 |
|---|---|---|
| committer | matz <matz@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2001-10-30 08:43:28 +0000 |
| commit | 20d323310053fd443ec3bac68515232d391b98a8 (patch) | |
| tree | 04fc0c8f6e436dbe5025298e3d61851252820e27 /eval.c | |
| parent | 9033177cf4b87e1f0d5a4faddfa116e05d818a7a (diff) | |
| download | ruby-20d323310053fd443ec3bac68515232d391b98a8.tar.gz ruby-20d323310053fd443ec3bac68515232d391b98a8.tar.xz ruby-20d323310053fd443ec3bac68515232d391b98a8.zip | |
* string.c (rb_str_chomp_bang): do smart chomp if $/ == '\n'.
* io.c (rb_io_puts): don't treat Array specially.
* bignum.c (rb_big_cmp): should convert bignum to float.
* eval.c (rb_f_eval): can't modify untainted binding.
* regex.c (re_compile_pattern): should preverve p0 value.
git-svn-id: http://svn.ruby-lang.org/repos/ruby/trunk@1803 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'eval.c')
| -rw-r--r-- | eval.c | 3 |
1 files changed, 3 insertions, 0 deletions
@@ -5052,6 +5052,9 @@ rb_f_eval(argc, argv, self) rb_scan_args(argc, argv, "13", &src, &scope, &vfile, &vline); if (ruby_safe_level >= 4) { StringValue(src); + if (!NIL_P(scope) && !OBJ_TAINTED(scope)) { + rb_raise(rb_eSecurityError, "Insecure: can't modify trusted binding"); + } } else { SafeStringValue(src); |