diff options
Diffstat (limited to 'ext/syck/rubyext.c')
| -rw-r--r-- | ext/syck/rubyext.c | 44 |
1 files changed, 14 insertions, 30 deletions
diff --git a/ext/syck/rubyext.c b/ext/syck/rubyext.c index 1e6030b4b..ec54ef831 100644 --- a/ext/syck/rubyext.c +++ b/ext/syck/rubyext.c @@ -68,6 +68,7 @@ void rb_syck_output_handler _((SyckEmitter *, char *, long)); struct parser_xtra { VALUE data; /* Borrowed this idea from marshal.c to fix [ruby-core:8067] problem */ VALUE proc; + int taint; }; /* @@ -103,31 +104,29 @@ rb_syck_io_str_read( char *buf, SyckIoStr *str, long max_size, long skip ) /* * determine: are we reading from a string or io? + * (returns tainted? boolean) */ -void +int syck_parser_assign_io(parser, port) SyckParser *parser; VALUE port; { + int taint = Qtrue; if (rb_respond_to(port, rb_intern("to_str"))) { -#if 0 - arg.taint = OBJ_TAINTED(port); /* original taintedness */ + taint = OBJ_TAINTED(port); /* original taintedness */ StringValue(port); /* possible conversion */ -#endif syck_parser_str( parser, RSTRING(port)->ptr, RSTRING(port)->len, NULL ); } else if (rb_respond_to(port, s_read)) { if (rb_respond_to(port, s_binmode)) { rb_funcall2(port, s_binmode, 0, 0); } -#if 0 - arg.taint = Qfalse; -#endif syck_parser_str( parser, (char *)port, 0, rb_syck_io_str_read ); } else { rb_raise(rb_eTypeError, "instance of IO needed"); } + return taint; } /* @@ -283,10 +282,8 @@ rb_syck_parse_handler(p, n) } bonus = (struct parser_xtra *)p->bonus; - if ( bonus->proc != 0 ) - { - rb_funcall(bonus->proc, s_call, 1, v); - } + if ( bonus->taint) OBJ_TAINT( obj ); + if ( bonus->proc != 0 ) rb_funcall(bonus->proc, s_call, 1, v); rb_iv_set(obj, "@value", v); rb_hash_aset(bonus->data, INT2FIX(RHASH(bonus->data)->tbl->num_entries), obj); @@ -481,10 +478,8 @@ rb_syck_load_handler(p, n) } bonus = (struct parser_xtra *)p->bonus; - if ( bonus->proc != 0 ) - { - rb_funcall(bonus->proc, s_call, 1, obj); - } + if ( bonus->taint) OBJ_TAINT( obj ); + if ( bonus->proc != 0 ) rb_funcall(bonus->proc, s_call, 1, obj); if ( check_transfers == 1 && n->type_id != NULL ) { @@ -617,11 +612,11 @@ syck_parser_load(argc, argv, self) rb_scan_args(argc, argv, "11", &port, &proc); Data_Get_Struct(self, SyckParser, parser); - syck_parser_assign_io(parser, port); model = rb_hash_aref( rb_iv_get( self, "@options" ), sym_model ); syck_set_model( parser, model ); + bonus.taint = syck_parser_assign_io(parser, port); bonus.data = hash = rb_hash_new(); if ( NIL_P( proc ) ) bonus.proc = 0; else bonus.proc = proc; @@ -647,11 +642,11 @@ syck_parser_load_documents(argc, argv, self) rb_scan_args(argc, argv, "1&", &port, &proc); Data_Get_Struct(self, SyckParser, parser); - syck_parser_assign_io(parser, port); model = rb_hash_aref( rb_iv_get( self, "@options" ), sym_model ); syck_set_model( parser, model ); + bonus.taint = syck_parser_assign_io(parser, port); while ( 1 ) { /* Reset hash for tracking nodes */ @@ -822,10 +817,6 @@ syck_loader_transfer( self, type, val ) { char *taguri = NULL; -#if 0 - rb_p(rb_str_new2( "-- TYPE --" )); - rb_p(type); -#endif if (NIL_P(type) || !RSTRING(type)->ptr || RSTRING(type)->len == 0) { /* @@ -849,9 +840,6 @@ syck_loader_transfer( self, type, val ) VALUE str_taguri = rb_str_new2("taguri"); VALUE str_xprivate = rb_str_new2("x-private"); VALUE parts = rb_str_split( type_uri, ":" ); -#if 0 - rb_p(parts); -#endif scheme = rb_ary_shift( parts ); @@ -884,10 +872,6 @@ syck_loader_transfer( self, type, val ) name = rb_ary_shift( col ); type_proc = rb_ary_shift( col ); } -#if 0 - rb_p(name); - rb_p(type_proc); -#endif } if ( rb_respond_to( type_proc, s_call ) ) @@ -1108,7 +1092,7 @@ syck_emitter_write_m( self, str ) { SyckEmitter *emitter; - Data_Get_Struct(self, SyckEmitter, emitter); + Data_Get_Struct(self, SyckEmitter, emitter); syck_emitter_write( emitter, RSTRING(str)->ptr, RSTRING(str)->len ); return self; } @@ -1122,7 +1106,7 @@ syck_emitter_simple_write( self, str ) { SyckEmitter *emitter; - Data_Get_Struct(self, SyckEmitter, emitter); + Data_Get_Struct(self, SyckEmitter, emitter); syck_emitter_simple( emitter, RSTRING(str)->ptr, RSTRING(str)->len ); return self; } |