merge revision(s) 37594: [Backport #7046]

	* lib/erb.rb (ERB#run, ERB#result): eval under isolated bindings for
	  safe concurrent use.  [ruby-core:47638] [Bug #7046]


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_3@38318 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

4 files changed, 25 insertions, 3 deletions

diff --git a/ChangeLog b/ChangeLog
index fd97290b2e..623b00c867 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+Tue Dec 11 19:01:45 2012  Nobuyoshi Nakada  <nobu@ruby-lang.org>
+
+	* lib/erb.rb (ERB#run, ERB#result): eval under isolated bindings for
+	  safe concurrent use.  [ruby-core:47638] [Bug #7046]
+
 Tue Dec 11 17:53:55 2012  Nobuyoshi Nakada  <nobu@ruby-lang.org>
 
 	* compile.c (iseq_compile_each): count flip-flop state in local iseq
diff --git a/lib/erb.rb b/lib/erb.rb
index bb47943a86..8ff8e115ab 100644
--- a/lib/erb.rb
+++ b/lib/erb.rb
@@ -1,3 +1,4 @@
+# -*- coding: us-ascii -*-
 # = ERB -- Ruby Templating
 #
 # Author:: Masatoshi SEKI
@@ -816,7 +817,7 @@ class ERB
   end
 
   # Generate results and print them. (see ERB#result)
-  def run(b=TOPLEVEL_BINDING)
+  def run(b=new_toplevel)
     print self.result(b)
   end
 
@@ -828,7 +829,7 @@ class ERB
   # _b_ accepts a Binding or Proc object which is used to set the context of
   # code evaluation.
   #
-  def result(b=TOPLEVEL_BINDING)
+  def result(b=new_toplevel)
     if @safe_level
       proc {
         $SAFE = @safe_level
@@ -839,6 +840,12 @@ class ERB
     end
   end
 
+  def new_toplevel
+    # New binding each time *near* toplevel for unspecified runs
+    TOPLEVEL_BINDING.dup
+  end
+  private :new_toplevel
+
   # Define _methodname_ as instance method of _mod_ from compiled ruby source.
   #
   # example:
diff --git a/test/erb/test_erb.rb b/test/erb/test_erb.rb
index 05d255623a..6fe59a68b6 100644
--- a/test/erb/test_erb.rb
+++ b/test/erb/test_erb.rb
@@ -1,3 +1,4 @@
+# -*- coding: us-ascii -*-
 require 'test/unit'
 require 'erb'
 
@@ -37,6 +38,15 @@ class TestERB < Test::Unit::TestCase
     }
     assert_match(/\Atest filename:1\b/, e.backtrace[0])
   end
+
+  def test_concurrent_default_binding
+    template1 = 'one <%= ERB.new(template2).result %>'
+
+    eval 'template2 = "two"', TOPLEVEL_BINDING
+
+    bug7046 = '[ruby-core:47638]'
+    assert_equal("one two", ERB.new(template1).result, bug7046)
+  end
 end
 
 class TestERBCore < Test::Unit::TestCase
diff --git a/version.h b/version.h
index 177923131c..5049da8dcd 100644
--- a/version.h
+++ b/version.h
@@ -1,5 +1,5 @@
 #define RUBY_VERSION "1.9.3"
-#define RUBY_PATCHLEVEL 336
+#define RUBY_PATCHLEVEL 337
 
 #define RUBY_RELEASE_DATE "2012-12-11"
 #define RUBY_RELEASE_YEAR 2012