diff options
| author | shugo <shugo@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2008-08-13 07:25:05 +0000 |
|---|---|---|
| committer | shugo <shugo@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2008-08-13 07:25:05 +0000 |
| commit | bd380f25fd23a0e7b31f72a7cc1e32fc9f522992 (patch) | |
| tree | 5d6a14de43873b9ddaec533051b942cf89c201ce /marshal.c | |
| parent | a8821182f6f47f451afc330c9d48c4d85825c0b3 (diff) | |
| download | ruby-bd380f25fd23a0e7b31f72a7cc1e32fc9f522992.tar.gz ruby-bd380f25fd23a0e7b31f72a7cc1e32fc9f522992.tar.xz ruby-bd380f25fd23a0e7b31f72a7cc1e32fc9f522992.zip | |
* object.c (rb_obj_untrusted): new method Object#untrusted?.
(rb_obj_untrust): new method Object#untrust.
(rb_obj_trust): new method Object#trust.
* array.c, debug.c, time.c, include/ruby/ruby.h, re.c, variable.c,
string.c, io.c, dir.c, vm_method.c, struct.c, class.c, hash.c,
ruby.c, marshal.c: fixes for Object#untrusted?.
* test/ruby/test_module.rb, test/ruby/test_array.rb,
test/ruby/test_object.rb, test/ruby/test_string.rb,
test/ruby/test_marshal.rb, test/ruby/test_hash.rb: added tests for
Object#untrusted?.
git-svn-id: http://svn.ruby-lang.org/repos/ruby/trunk@18568 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'marshal.c')
| -rw-r--r-- | marshal.c | 14 |
1 files changed, 14 insertions, 0 deletions
@@ -137,6 +137,7 @@ struct dump_arg { st_table *symbols; st_table *data; int taint; + int untrust; st_table *compat_tbl; VALUE wrapper; st_table *encodings; @@ -192,6 +193,7 @@ w_nbyte(const char *s, int n, struct dump_arg *arg) rb_str_buf_cat(buf, s, n); if (arg->dest && RSTRING_LEN(buf) >= BUFSIZ) { if (arg->taint) OBJ_TAINT(buf); + if (arg->untrust) OBJ_UNTRUST(buf); rb_io_write(arg->dest, buf); rb_str_resize(buf, 0); } @@ -581,6 +583,7 @@ w_object(VALUE obj, struct dump_arg *arg, int limit) } else { if (OBJ_TAINTED(obj)) arg->taint = Qtrue; + if (OBJ_UNTRUSTED(obj)) arg->untrust = Qtrue; if (rb_respond_to(obj, s_mdump)) { volatile VALUE v; @@ -809,6 +812,9 @@ dump_ensure(struct dump_arg *arg) if (arg->taint) { OBJ_TAINT(arg->str); } + if (arg->untrust) { + OBJ_UNTRUST(arg->str); + } return 0; } @@ -878,6 +884,7 @@ marshal_dump(int argc, VALUE *argv) arg.symbols = st_init_numtable(); arg.data = st_init_numtable(); arg.taint = Qfalse; + arg.untrust = Qfalse; arg.compat_tbl = st_init_numtable(); arg.wrapper = Data_Wrap_Struct(rb_cData, mark_dump_arg, 0, &arg); arg.encodings = 0; @@ -900,6 +907,7 @@ struct load_arg { VALUE data; VALUE proc; int taint; + int untrust; st_table *compat_tbl; VALUE compat_tbl_wrapper; }; @@ -1014,6 +1022,7 @@ r_bytes0(long len, struct load_arg *arg) StringValue(str); if (RSTRING_LEN(str) != len) goto too_short; if (OBJ_TAINTED(str)) arg->taint = Qtrue; + if (OBJ_UNTRUSTED(str)) arg->untrust = Qtrue; } return str; } @@ -1084,6 +1093,11 @@ r_entry(VALUE v, struct load_arg *arg) if ((VALUE)real_obj != Qundef) OBJ_TAINT((VALUE)real_obj); } + if (arg->untrust) { + OBJ_UNTRUST(v); + if ((VALUE)real_obj != Qundef) + OBJ_UNTRUST((VALUE)real_obj); + } return v; } |