kotovalexarian-likes-github/ruby--ruby
1
0
Fork 0
mirror of https://github.com/ruby/ruby.git synced 2022-11-09 12:17:21 -05:00
Code Releases Activity

* encoding.c (load_encoding): predefined encoding names are safe.

Browse source 
[ruby-dev:44469] [Bug #5279]
* transcode.c (load_transcoder_entry): ditto.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@33201 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
This commit is contained in:
nobu 2011-09-06 04:15:49 +00:00
parent a1c5ebe787
commit 3a6c3a672f
4 changed files with 18 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
ChangeLog
View file

@ -1,3 +1,10 @@
Tue Sep 6 13:15:44 2011 Nobuyoshi Nakada <nobu@ruby-lang.org>
* encoding.c (load_encoding): predefined encoding names are safe.
[ruby-dev:44469] [Bug #5279]
* transcode.c (load_transcoder_entry): ditto.
Tue Sep 6 12:07:10 2011 Nobuyoshi Nakada <nobu@ruby-lang.org>
* transcode.c: enabled econv newline option.

1
encoding.c
View file

@ -561,6 +561,7 @@ load_encoding(const char *name)
else if (ISUPPER(*s)) *s = TOLOWER(*s);
++s;
}
FL_UNSET(enclib, FL_TAINT|FL_UNTRUSTED);
OBJ_FREEZE(enclib);
ruby_verbose = Qfalse;
ruby_debug = Qfalse;

5
test/ruby/test_encoding.rb
View file

@ -99,4 +99,9 @@ class TestEncoding < Test::Unit::TestCase
str2 = Marshal.load(Marshal.dump(str2))
assert_equal(str, str2, '[ruby-dev:38596]')
end
def test_unsafe
bug5279 = '[ruby-dev:44469]'
assert_ruby_status([], '$SAFE=3; "a".encode("utf-16be")', bug5279)
end
end

6
transcode.c
View file

@ -370,6 +370,7 @@ load_transcoder_entry(transcoder_entry_t *entry)
const char *lib = entry->lib;
size_t len = strlen(lib);
char path[sizeof(transcoder_lib_prefix) + MAX_TRANSCODER_LIBNAME_LEN];
VALUE fn;
entry->lib = NULL;
@ -377,7 +378,10 @@ load_transcoder_entry(transcoder_entry_t *entry)
return NULL;
memcpy(path, transcoder_lib_prefix, sizeof(transcoder_lib_prefix) - 1);
memcpy(path + sizeof(transcoder_lib_prefix) - 1, lib, len + 1);
if (!rb_require(path))
fn = rb_str_new2(path);
FL_UNSET(fn, FL_TAINT|FL_UNTRUSTED);
OBJ_FREEZE(fn);
if (!rb_require_safe(fn, rb_safe_level()))
return NULL;
}