* eval.c (rb_f_eval): can't modify untainted binding.

* regex.c (re_compile_pattern): should preverve p0 value. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_6@1802 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2022-11-09 12:17:21 -05:00 · 2001-10-30 08:42:21 +00:00 · 2001-10-30 08:42:21 +00:00 · 3ee749b173
commit 3ee749b173
parent 35b21a12c0
4 changed files with 22 additions and 7 deletions
--- a/8
+++ b/8
@ -1,3 +1,11 @@
+Tue Oct 30 14:04:04 2001  Yukihiro Matsumoto  <matz@ruby-lang.org>
+
+	* eval.c (rb_f_eval): can't modify untainted binding.
+
+Mon Oct 29 16:08:30 2001  Yukihiro Matsumoto  <matz@ruby-lang.org>
+
+	* regex.c (re_compile_pattern): should preverve p0 value.
+
 Mon Oct 29 07:57:31 2001  Yukihiro Matsumoto  <matz@ruby-lang.org>

 	* parse.y (str_extend): shuould allow interpolation of $-x.
--- a/eval.c
+++ b/eval.c
@ -4961,6 +4961,9 @@ rb_f_eval(argc, argv, self)

    if (ruby_safe_level >= 4) {
 	Check_Type(src, T_STRING);
+	if (!NIL_P(scope) && !OBJ_TAINTED(scope)) {
+	    rb_raise(rb_eSecurityError, "Insecure: can't modify trusted binding");
+	}
    }
    else {
 	Check_SafeStr(src);
--- a/regex.c
+++ b/regex.c
@ -1544,11 +1544,15 @@ re_compile_pattern(pattern, size, bufp)
 	  case 'M':
 	  case 'C':
 	  case 'c':
-	    p0 = --p;
-	    c = read_special(p, pend, &p0);
-	    if (c > 255) goto invalid_escape;
-	    p = p0;
-	    had_num_literal = 1;
+	    {
+	      char *pp;
+
+	      --p;
+	      c = read_special(p, pend, &pp);
+	      if (c > 255) goto invalid_escape;
+	      p = pp;
+	      had_num_literal = 1;
+	    }
 	    break;

 	  default:
--- a/version.h
+++ b/version.h
@ -1,4 +1,4 @@
 #define RUBY_VERSION "1.6.5"
-#define RUBY_RELEASE_DATE "2001-10-29"
+#define RUBY_RELEASE_DATE "2001-10-30"
 #define RUBY_VERSION_CODE 165
-#define RUBY_RELEASE_CODE 20011029
+#define RUBY_RELEASE_CODE 20011030