From 4524572f79fcb3167b347e4ab80373d78486b36b Mon Sep 17 00:00:00 2001
From: matz <matz@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>
Date: Thu, 26 Jun 2008 08:44:59 +0000
Subject: [PATCH] * variable.c (rb_f_trace_var): should not be allowed at safe
 level 4.   a patch from Keita Yamaguchi <keita.yamaguchi@gmail.com>.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@17577 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
---
 ChangeLog  | 5 +++++
 variable.c | 1 +
 2 files changed, 6 insertions(+)

diff --git a/ChangeLog b/ChangeLog
index f677f8cc22..6017976d29 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+Thu Jun 26 17:43:41 2008  Yukihiro Matsumoto  <matz@ruby-lang.org>
+
+	* variable.c (rb_f_trace_var): should not be allowed at safe level 4.  
+	  a patch from Keita Yamaguchi <keita.yamaguchi@gmail.com>.
+
 Thu Jun 26 11:04:30 2008  Eric Hodel  <drbrain@segment7.net>
 
 	* lib/rubygems: Update to RubyGems 1.2.0 r1824.  Incorporates patch by
diff --git a/variable.c b/variable.c
index 3185d8a3c6..b5049afae7 100644
--- a/variable.c
+++ b/variable.c
@@ -594,6 +594,7 @@ rb_f_untrace_var(int argc, VALUE *argv)
     struct trace_var *trace;
     st_data_t data;
 
+    rb_secure(4);
     rb_scan_args(argc, argv, "11", &var, &cmd);
     id = rb_to_id(var);
     if (!st_lookup(rb_global_tbl, id, &data)) {