diff options
| author | shugo <shugo@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2008-08-13 07:25:05 +0000 |
|---|---|---|
| committer | shugo <shugo@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2008-08-13 07:25:05 +0000 |
| commit | bd380f25fd23a0e7b31f72a7cc1e32fc9f522992 (patch) | |
| tree | 5d6a14de43873b9ddaec533051b942cf89c201ce /string.c | |
| parent | a8821182f6f47f451afc330c9d48c4d85825c0b3 (diff) | |
| download | ruby-bd380f25fd23a0e7b31f72a7cc1e32fc9f522992.tar.gz ruby-bd380f25fd23a0e7b31f72a7cc1e32fc9f522992.tar.xz ruby-bd380f25fd23a0e7b31f72a7cc1e32fc9f522992.zip | |
* object.c (rb_obj_untrusted): new method Object#untrusted?.
(rb_obj_untrust): new method Object#untrust.
(rb_obj_trust): new method Object#trust.
* array.c, debug.c, time.c, include/ruby/ruby.h, re.c, variable.c,
string.c, io.c, dir.c, vm_method.c, struct.c, class.c, hash.c,
ruby.c, marshal.c: fixes for Object#untrusted?.
* test/ruby/test_module.rb, test/ruby/test_array.rb,
test/ruby/test_object.rb, test/ruby/test_string.rb,
test/ruby/test_marshal.rb, test/ruby/test_hash.rb: added tests for
Object#untrusted?.
git-svn-id: http://svn.ruby-lang.org/repos/ruby/trunk@18568 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'string.c')
| -rw-r--r-- | string.c | 6 |
1 files changed, 5 insertions, 1 deletions
@@ -1027,7 +1027,7 @@ str_modifiable(VALUE str) rb_raise(rb_eRuntimeError, "can't modify string; temporarily locked"); } if (OBJ_FROZEN(str)) rb_error_frozen("string"); - if (!OBJ_TAINTED(str) && rb_safe_level() >= 4) + if (!OBJ_UNTRUSTED(str) && rb_safe_level() >= 4) rb_raise(rb_eSecurityError, "Insecure: can't modify string"); } @@ -3170,6 +3170,7 @@ rb_str_sub_bang(int argc, VALUE *argv, VALUE str) VALUE pat, repl, hash = Qnil; int iter = 0; int tainted = 0; + int untrusted = 0; long plen; if (argc == 1 && rb_block_given_p()) { @@ -3182,6 +3183,7 @@ rb_str_sub_bang(int argc, VALUE *argv, VALUE str) StringValue(repl); } if (OBJ_TAINTED(repl)) tainted = 1; + if (OBJ_UNTRUSTED(repl)) untrusted = 1; } else { rb_raise(rb_eArgError, "wrong number of arguments (%d for 2)", argc); @@ -3227,6 +3229,7 @@ rb_str_sub_bang(int argc, VALUE *argv, VALUE str) rb_str_modify(str); rb_enc_associate(str, enc); if (OBJ_TAINTED(repl)) tainted = 1; + if (OBJ_UNTRUSTED(repl)) untrusted = 1; if (ENC_CODERANGE_UNKNOWN < cr && cr < ENC_CODERANGE_BROKEN) { int cr2 = ENC_CODERANGE(repl); if (cr2 == ENC_CODERANGE_UNKNOWN || cr2 > cr) cr = cr2; @@ -3246,6 +3249,7 @@ rb_str_sub_bang(int argc, VALUE *argv, VALUE str) RSTRING_PTR(str)[RSTRING_LEN(str)] = '\0'; ENC_CODERANGE_SET(str, cr); if (tainted) OBJ_TAINT(str); + if (untrusted) OBJ_UNTRUST(str); return str; } |