summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authormrkn <mrkn@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2012-12-02 15:09:49 +0000
committermrkn <mrkn@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2012-12-02 15:09:49 +0000
commit1fec21fe601c60c347d03dbd8f9ad83b0db677a4 (patch)
tree810c516b5d1875764b68c3fd07f559efb0a23c2f
parentc1e6052bfec1e621c3d2eda598b7f69270e176b8 (diff)
* ext/bigdecimal/bigdecimal.c (BigDecimal_new): stop checking string
taintness. [Bug #5508] [ruby-core:40510] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@38147 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
-rw-r--r--ChangeLog7
-rw-r--r--ext/bigdecimal/bigdecimal.c1
-rw-r--r--test/bigdecimal/test_bigdecimal.rb14
3 files changed, 20 insertions, 2 deletions
diff --git a/ChangeLog b/ChangeLog
index 2529ad0afd6..d803c65ef5d 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,6 +1,11 @@
+Sun Dec 3 00:06:00 2012 Kenta Murata <mrkn@mrkn.jp>
+
+ * ext/bigdecimal/bigdecimal.c (BigDecimal_new): stop checking string
+ taintness. [Bug #5508] [ruby-core:40510]
+
Sun Dec 2 19:26:47 2012 Masaya Tarui <tarui@ruby-lang.org>
- * thread.c (RB_GC_SAVE_MACHINE_CONTEXT, rb_gc_save_machine_context):
+ * thread.c (RB_GC_SAVE_MACHINE_CONTEXT, rb_gc_save_machine_context):
extract rb_gc_save_machine_context to RB_GC_SAVE_MACHINE_CONTEXT.
NOTE: machine_regs and machine_stack_end must be set in current scope.
diff --git a/ext/bigdecimal/bigdecimal.c b/ext/bigdecimal/bigdecimal.c
index fa32c99282f..1435c03eb08 100644
--- a/ext/bigdecimal/bigdecimal.c
+++ b/ext/bigdecimal/bigdecimal.c
@@ -2403,7 +2403,6 @@ BigDecimal_new(int argc, VALUE *argv)
break;
}
StringValueCStr(iniValue);
- rb_check_safe_obj(iniValue);
return VpAlloc(mf, RSTRING_PTR(iniValue));
}
diff --git a/test/bigdecimal/test_bigdecimal.rb b/test/bigdecimal/test_bigdecimal.rb
index ed4a1d40abf..a06adb13566 100644
--- a/test/bigdecimal/test_bigdecimal.rb
+++ b/test/bigdecimal/test_bigdecimal.rb
@@ -100,6 +100,13 @@ class TestBigDecimal < Test::Unit::TestCase
end
end
+ def test_global_new_with_tainted_string
+ Thread.new {
+ $SAFE = 1
+ BigDecimal('1'.taint)
+ }.join
+ end
+
def test_new
assert_equal(1, BigDecimal.new("1"))
assert_equal(1, BigDecimal.new("1", 1))
@@ -150,6 +157,13 @@ class TestBigDecimal < Test::Unit::TestCase
end
end
+ def test_new_with_tainted_string
+ Thread.new {
+ $SAFE = 1
+ BigDecimal.new('1'.taint)
+ }.join
+ end
+
def _test_mode(type)
BigDecimal.mode(type, true)
assert_raise(FloatDomainError) { yield }