diff options
author | matz <matz@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2006-09-14 07:25:56 +0000 |
---|---|---|
committer | matz <matz@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2006-09-14 07:25:56 +0000 |
commit | b6f0af788882c25feacb68184ec0f7c04f52f2c5 (patch) | |
tree | ab726f463981a1effe9690b4b6236cb083b2791f | |
parent | 127ac9f03ed2f3780c78b980dbae621ec43eef44 (diff) |
* string.c (rb_str_intern): raise SecurityError only when $SAFE
level is greater than zero. [ruby-core:08862]
* parse.y (rb_interned_p): new function to check if a string is
already interned.
* object.c (str_to_id): use rb_str_intern().
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8@10930 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
-rw-r--r-- | ChangeLog | 10 | ||||
-rw-r--r-- | intern.h | 1 | ||||
-rw-r--r-- | object.c | 10 | ||||
-rw-r--r-- | parse.y | 11 | ||||
-rw-r--r-- | string.c | 2 |
5 files changed, 26 insertions, 8 deletions
@@ -1,3 +1,13 @@ +Thu Sep 14 16:11:15 2006 Yukihiro Matsumoto <matz@ruby-lang.org> + + * string.c (rb_str_intern): raise SecurityError only when $SAFE + level is greater than zero. [ruby-core:08862] + + * parse.y (rb_interned_p): new function to check if a string is + already interned. + + * object.c (str_to_id): use rb_str_intern(). + Wed Sep 13 18:43:05 2006 Yukihiro Matsumoto <matz@ruby-lang.org> * README.EXT: English adjustment. [ruby-core:08851] and @@ -336,6 +336,7 @@ int rb_is_class_id _((ID)); int rb_is_local_id _((ID)); int rb_is_junk_id _((ID)); int rb_symname_p _((const char*)); +int rb_sym_interned_p _((VALUE)); VALUE rb_backref_get _((void)); void rb_backref_set _((VALUE)); VALUE rb_lastline_get _((void)); @@ -1606,13 +1606,9 @@ static ID str_to_id(str) VALUE str; { - if (!RSTRING(str)->ptr || RSTRING(str)->len == 0) { - rb_raise(rb_eArgError, "empty symbol string"); - } - if (RSTRING(str)->len != strlen(RSTRING(str)->ptr)) { - rb_warn("Symbols should not contain NUL (\\0)"); - } - return rb_intern(RSTRING(str)->ptr); + VALUE sym = rb_str_intern(str); + + return SYM2ID(sym); } ID @@ -5991,6 +5991,17 @@ rb_symname_p(name) return *m ? Qfalse : Qtrue; } +int +rb_sym_interned_p(str) + VALUE str; +{ + ID id; + + if (st_lookup(sym_tbl, (st_data_t)RSTRING(str)->ptr, (st_data_t *)&id)) + return Qtrue; + return Qfalse; +} + ID rb_intern(name) const char *name; @@ -4404,7 +4404,7 @@ rb_str_intern(s) } if (strlen(RSTRING(str)->ptr) != RSTRING(str)->len) rb_raise(rb_eArgError, "symbol string may not contain `\\0'"); - if (OBJ_TAINTED(str)) { + if (OBJ_TAINTED(str) && rb_safe_level() >= 1 && !rb_sym_interned_p(str)) { rb_raise(rb_eSecurityError, "Insecure: can't intern tainted string"); } id = rb_intern(RSTRING(str)->ptr); |