From b38b26c62dc12da1d4fcee39de0c0cad598f5995 Mon Sep 17 00:00:00 2001 From: Jeremy Evans Date: Fri, 18 Oct 2019 11:44:47 -0700 Subject: [PATCH] [ruby/bigdecimal] Remove taint checking This removes the taint checking. Taint support is deprecated in Ruby 2.7 and has no effect. I don't think removing the taint checks in earlier ruby versions will cause any problems. https://github.com/ruby/bigdecimal/commit/1918d466f3 --- ext/bigdecimal/bigdecimal.c | 3 --- test/bigdecimal/test_bigdecimal.rb | 9 --------- 2 files changed, 12 deletions(-) diff --git a/ext/bigdecimal/bigdecimal.c b/ext/bigdecimal/bigdecimal.c index b2354038ac..7ac883730d 100644 --- a/ext/bigdecimal/bigdecimal.c +++ b/ext/bigdecimal/bigdecimal.c @@ -276,7 +276,6 @@ again: #ifdef ENABLE_NUMERIC_STRING case T_STRING: StringValueCStr(v); - rb_check_safe_obj(v); return VpCreateRbObject(RSTRING_LEN(v) + VpBaseFig() + 1, RSTRING_PTR(v)); #endif /* ENABLE_NUMERIC_STRING */ @@ -418,7 +417,6 @@ BigDecimal_load(VALUE self, VALUE str) unsigned long m=0; pch = (unsigned char *)StringValueCStr(str); - rb_check_safe_obj(str); /* First get max prec */ while((*pch) != (unsigned char)'\0' && (ch = *pch++) != (unsigned char)':') { if(!ISDIGIT(ch)) { @@ -2030,7 +2028,6 @@ BigDecimal_to_s(int argc, VALUE *argv, VALUE self) if (rb_scan_args(argc, argv, "01", &f) == 1) { if (RB_TYPE_P(f, T_STRING)) { psz = StringValueCStr(f); - rb_check_safe_obj(f); if (*psz == ' ') { fPlus = 1; psz++; diff --git a/test/bigdecimal/test_bigdecimal.rb b/test/bigdecimal/test_bigdecimal.rb index f6ef88e3f5..dff390b0cc 100644 --- a/test/bigdecimal/test_bigdecimal.rb +++ b/test/bigdecimal/test_bigdecimal.rb @@ -155,15 +155,6 @@ class TestBigDecimal < Test::Unit::TestCase end end - def test_BigDecimal_with_tainted_string - Thread.new { - $SAFE = 1 - BigDecimal('1'.taint) - }.join - ensure - $SAFE = 0 - end - def test_BigDecimal_with_exception_keyword assert_raise(ArgumentError) { BigDecimal('.', exception: true)