diff options
author | shyouhei <shyouhei@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2010-05-20 06:57:38 +0000 |
---|---|---|
committer | shyouhei <shyouhei@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2010-05-20 06:57:38 +0000 |
commit | a6d4e18284842ec93e91aed228392d51dd1ac966 (patch) | |
tree | d4ed3323b1b090d6e1c62b4a30ab496cec09f553 | |
parent | 5988c787496e104d3552be02841c416f6006f4b6 (diff) |
merge revision(s) 26277:
* eval.c (recursive_push): Taint internal hash to prevent
unexpected SecurityError; fixes #1864.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_7@27914 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
-rw-r--r-- | ChangeLog | 5 | ||||
-rw-r--r-- | eval.c | 2 | ||||
-rw-r--r-- | version.h | 2 |
3 files changed, 8 insertions, 1 deletions
@@ -1,3 +1,8 @@ +Thu May 20 15:54:08 2010 Akinori MUSHA <knu@iDaemons.org> + + * eval.c (recursive_push): Taint internal hash to prevent + unexpected SecurityError; fixes #1864. + Thu May 20 15:39:26 2010 Nobuyoshi Nakada <nobu@ruby-lang.org> * io.c (io_fwrite): preserve errno. [ruby-core:27425] @@ -13566,6 +13566,7 @@ recursive_push(hash, obj) sym = ID2SYM(rb_frame_last_func()); if (NIL_P(hash) || TYPE(hash) != T_HASH) { hash = rb_hash_new(); + OBJ_TAINT(hash); rb_thread_local_aset(rb_thread_current(), recursive_key, hash); list = Qnil; } @@ -13574,6 +13575,7 @@ recursive_push(hash, obj) } if (NIL_P(list) || TYPE(list) != T_HASH) { list = rb_hash_new(); + OBJ_TAINT(list); rb_hash_aset(hash, sym, list); } rb_hash_aset(list, obj, Qtrue); @@ -2,7 +2,7 @@ #define RUBY_RELEASE_DATE "2010-05-20" #define RUBY_VERSION_CODE 187 #define RUBY_RELEASE_CODE 20100520 -#define RUBY_PATCHLEVEL 255 +#define RUBY_PATCHLEVEL 256 #define RUBY_VERSION_MAJOR 1 #define RUBY_VERSION_MINOR 8 |