diff options
author | nobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2018-07-27 05:42:56 +0000 |
---|---|---|
committer | nobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2018-07-27 05:42:56 +0000 |
commit | 9fbb66610c357cf2396620620f2fa2253939827e (patch) | |
tree | 7d28cf87e8ba832e9431094cae9f76646c436032 | |
parent | c0e478ed75c646aad2b51e25bfc86c663d9cf3ca (diff) |
ruby.c: taint ARGV on Windows
* ruby.c (external_str_new_cstr): strings come from the external
should be tainted. [ruby-dev:50596] [Bug #14941]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@64071 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
-rw-r--r-- | ruby.c | 4 | ||||
-rw-r--r-- | test/ruby/test_rubyoptions.rb | 7 |
2 files changed, 10 insertions, 1 deletions
@@ -2186,7 +2186,9 @@ external_str_new_cstr(const char *p) { #if UTF8_PATH VALUE str = rb_utf8_str_new_cstr(p); - return str_conv_enc(str, NULL, rb_default_external_encoding()); + str = str_conv_enc(str, NULL, rb_default_external_encoding()); + OBJ_TAINT_RAW(str); + return str; #else return rb_external_str_new_cstr(p); #endif diff --git a/test/ruby/test_rubyoptions.rb b/test/ruby/test_rubyoptions.rb index 2d50adc9aa..0e6a9b8fe3 100644 --- a/test/ruby/test_rubyoptions.rb +++ b/test/ruby/test_rubyoptions.rb @@ -1068,6 +1068,13 @@ class TestRubyOptions < Test::Unit::TestCase assert_in_out_err([IO::NULL], success: true) end + def test_argv_tainted + assert_separately(%w[- arg], "#{<<~"begin;"}\n#{<<~'end;'}") + begin; + assert_predicate(ARGV[0], :tainted?, '[ruby-dev:50596] [Bug #14941]') + end; + end + private def mjit_force_enabled? |