ruby--ruby

Commit Graph

Author	SHA1	Message	Date
matz	9d51cf8a6a	* eval.c (rb_f_require): searches ".rb" and ".so" at the same time. previous behavior (search ".rb", then ".so") has a security risk (ruby-bugs#PR140). * array.c (rb_ary_to_ary): new function to replace internal rb_Array(), which never calls to_a, but to_ary (rb_Array() might call both). [new] * regex.c (PUSH_FAILURE_POINT): push option status again. * regex.c (re_compile_pattern): avoid pushing unnecessary option_set. * eval.c (rb_load): tainted string is OK if wrapped and $SAFE >= 4. * eval.c (rb_thread_start_0): should not nail down higher blocks before preserving original context (i.e. should not alter original context). * eval.c (proc_yield): new method equivalent to Proc#call but no check for number of arguments. [new] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@1526 b2dd03c8-39d4-4d8f-98ff-823fe69b080e	2001-06-19 04:35:17 +00:00
matz	4cd1cd7201	* ruby.c (proc_options): unexpected SecurityError happens when -T4. * regex.c (re_compile_pattern): * \1 .. \9 should be backreferences always. * regex.c (re_match): backreferences corresponding to unclosed/unmatched parentheses should fail always. * string.c (rb_str_cat): use rb_str_buf_cat() if possible. [new] * string.c (rb_str_append): ditto. * string.c (rb_str_buf_cat): remove unnecessary check (type, taint, modify) to gain performance. * string.c (rb_str_buf_append): ditto. * string.c (rb_str_buf_finish): removed. * string.c (rb_str_buf_new): buffering string function. [new] * string.c (rb_str_buf_append): ditto. * string.c (rb_str_buf_cat): ditto. * string.c (rb_str_buf_finish): ditto. * time.c (make_time_t): local time adjustment revised. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@1475 b2dd03c8-39d4-4d8f-98ff-823fe69b080e	2001-05-30 09:10:30 +00:00

Author

SHA1

Message

Date

matz

9d51cf8a6a

* eval.c (rb_f_require): searches ".rb" and ".so" at the same

time.  previous behavior (search ".rb", then ".so") has a
  security risk (ruby-bugs#PR140).

* array.c (rb_ary_to_ary): new function to replace internal
  rb_Array(), which never calls to_a, but to_ary (rb_Array() might
  call both). [new]

* regex.c (PUSH_FAILURE_POINT): push option status again.

* regex.c (re_compile_pattern): avoid pushing unnecessary
  option_set.

* eval.c (rb_load): tainted string is OK if wrapped *and*
  $SAFE >= 4.

* eval.c (rb_thread_start_0): should not nail down higher blocks
  before preserving original context (i.e. should not alter
  original context).

* eval.c (proc_yield): new method equivalent to Proc#call but no
  check for number of arguments. [new]


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@1526 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

2001-06-19 04:35:17 +00:00

matz

4cd1cd7201

* ruby.c (proc_options): unexpected SecurityError happens when -T4.

* regex.c (re_compile_pattern): * \1 .. \9 should be
  backreferences always.

* regex.c (re_match): backreferences corresponding to
  unclosed/unmatched parentheses should fail always.

* string.c (rb_str_cat): use rb_str_buf_cat() if possible. [new]

* string.c (rb_str_append): ditto.

* string.c (rb_str_buf_cat): remove unnecessary check (type,
  taint, modify) to gain performance.

* string.c (rb_str_buf_append): ditto.

* string.c (rb_str_buf_finish): removed.

* string.c (rb_str_buf_new): buffering string function. [new]

* string.c (rb_str_buf_append): ditto.

* string.c (rb_str_buf_cat): ditto.

* string.c (rb_str_buf_finish): ditto.

* time.c (make_time_t): local time adjustment revised.


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@1475 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

2001-05-30 09:10:30 +00:00

2 Commits