* eval.c (rb_load, search_required, rb_require_safe, rb_require): use

frozen shared string to avoid outside modification. [ruby-dev:24580] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8@7106 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2022-11-09 12:17:21 -05:00 · 2004-10-23 15:41:17 +00:00 · 2004-10-23 15:41:17 +00:00 · 3b6dac4e1d
commit 3b6dac4e1d
parent 359ba4eb05
3 changed files with 21 additions and 4 deletions
--- a/7
+++ b/7
@ -1,3 +1,8 @@
 Sun Oct 24 00:41:09 2004  Nobuyoshi Nakada  <nobu@ruby-lang.org>
 	* eval.c (rb_load, search_required, rb_require_safe, rb_require): use
 	  frozen shared string to avoid outside modification.  [ruby-dev:24580]
 Sat Oct 23 00:20:55 2004  Yukihiro Matsumoto  <matz@ruby-lang.org>
 	* ext/zlib/zlib.c (zstream_run): always use zstream_append_input()
@ -10,7 +15,7 @@ Fri Oct 22 12:02:28 2004  Yukihiro Matsumoto  <matz@ruby-lang.org>
 Fri Oct 22 10:36:37 2004  GOTOU Yuuzou  <gotoyuzo@notwork.org>
-	* lib/webrick/httprequest.rb (WEBrick::HTTPRequest#meta_vars): 
+	* lib/webrick/httprequest.rb (WEBrick::HTTPRequest#meta_vars):
 	  should check if path_info is not nil.
 Fri Oct 22 00:22:31 2004  Yukihiro Matsumoto  <matz@ruby-lang.org>
--- a/eval.c
+++ b/eval.c
@ -6444,6 +6444,7 @@ rb_load(fname, wrap)
    else {
 	SafeStringValue(fname);
    }
    fname = rb_str_new4(fname);
    tmp = rb_find_file(fname);
    if (!tmp) {
 	load_failed(fname);
@ -6696,7 +6697,7 @@ search_required(fname, featurep, path)
    char *ext, *ftptr;
    int type;
-    *featurep = fname = rb_str_new4(fname);
+    *featurep = fname;
    *path = 0;
    ext = strrchr(ftptr = RSTRING(fname)->ptr, '.');
    if (ext && !strchr(ext, '/')) {
@ -6710,6 +6711,7 @@ search_required(fname, featurep, path)
 	    tmp = rb_str_new(RSTRING(fname)->ptr, ext-RSTRING(fname)->ptr);
 	    *featurep = tmp;
 #ifdef DLEXT2
 	    OBJ_FREEZE(tmp);
 	    if (rb_find_file_ext(&tmp, loadable_ext+1)) {
 		*featurep = tmp;
 		*path = rb_find_file(tmp);
@ -6717,6 +6719,7 @@ search_required(fname, featurep, path)
 	    }
 #else
 	    rb_str_cat2(tmp, DLEXT);
 	    OBJ_FREEZE(tmp);
 	    if (*path = rb_find_file(tmp)) {
 		return 's';
 	    }
@ -6771,6 +6774,7 @@ rb_require_safe(fname, safe)
 	rb_check_safe_obj(fname);
    }
    StringValue(fname);
    fname = rb_str_new4(fname);
    saved.vmode = scope_vmode;
    saved.node = ruby_current_node;
    saved.func = ruby_frame->last_func;
@ -6841,7 +6845,9 @@ VALUE
 rb_require(fname)
    const char *fname;
 {
-    return rb_require_safe(rb_str_new2(fname), ruby_safe_level);
+    VALUE fn = rb_str_new2(fname);
    OBJ_FREEZE(fn);
    return rb_require_safe(fn, ruby_safe_level);
 }
 static void
--- a/file.c
+++ b/file.c
@ -3936,6 +3936,7 @@ rb_find_file_ext(filep, ext)
 	if (rb_safe_level() >= 2 && OBJ_TAINTED(fname)) {
 	    rb_raise(rb_eSecurityError, "loading from unsafe file %s", f);
 	}
 	OBJ_FREEZE(fname);
 	f = StringValueCStr(fname);
 	*filep = fname;
    }
@ -3944,6 +3945,7 @@ rb_find_file_ext(filep, ext)
 	for (i=0; ext[i]; i++) {
 	    fname = rb_str_dup(*filep);
 	    rb_str_cat2(fname, ext[i]);
 	    OBJ_FREEZE(fname);
 	    if (file_load_ok(StringValueCStr(fname))) {
 		*filep = fname;
 		return i+1;
@ -3964,6 +3966,7 @@ rb_find_file_ext(filep, ext)
 	for (j=0; ext[j]; j++) {
 	    fname = rb_str_dup(*filep);
 	    rb_str_cat2(fname, ext[j]);
 	    OBJ_FREEZE(fname);
 	    found = dln_find_file(StringValueCStr(fname), path);
 	    if (found && file_load_ok(found)) {
 		*filep = fname;
@ -3987,6 +3990,7 @@ rb_find_file(path)
 	if (rb_safe_level() >= 1 && OBJ_TAINTED(path)) {
 	    rb_raise(rb_eSecurityError, "loading from unsafe path %s", f);
 	}
 	OBJ_FREEZE(path);
 	f = StringValueCStr(path);
    }
@ -4045,7 +4049,9 @@ rb_find_file(path)
 	rb_raise(rb_eSecurityError, "loading from unsafe file %s", f);
    }
    if (file_load_ok(f)) {
-	return rb_str_new2(f);
+	tmp = rb_str_new2(f);
 	OBJ_FREEZE(tmp);
 	return tmp;
    }
    return 0;
 }