* ext/bigdecimal/bigdecimal.c (BigDecimal_new): stop checking string

taintness. [Bug #5508] [ruby-core:40510] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@38147 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
author: mrkn <mrkn@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> 2012-12-02 15:09:49 +0000
committer: mrkn <mrkn@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> 2012-12-02 15:09:49 +0000
commit: 1fec21fe601c60c347d03dbd8f9ad83b0db677a4 (patch)
tree: 810c516b5d1875764b68c3fd07f559efb0a23c2f
parent: c1e6052bfec1e621c3d2eda598b7f69270e176b8 (diff)
3 files changed, 20 insertions, 2 deletions
diff --git a/ChangeLog b/ChangeLog
index 2529ad0afd..d803c65ef5 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,6 +1,11 @@
+Sun Dec  3 00:06:00 2012  Kenta Murata  <mrkn@mrkn.jp>
+
+	* ext/bigdecimal/bigdecimal.c (BigDecimal_new): stop checking string
+	  taintness.  [Bug #5508] [ruby-core:40510]
+
 Sun Dec  2 19:26:47 2012  Masaya Tarui  <tarui@ruby-lang.org>
 
-        * thread.c (RB_GC_SAVE_MACHINE_CONTEXT, rb_gc_save_machine_context): 
+	* thread.c (RB_GC_SAVE_MACHINE_CONTEXT, rb_gc_save_machine_context): 
 	  extract rb_gc_save_machine_context to RB_GC_SAVE_MACHINE_CONTEXT.
 	  NOTE: machine_regs and machine_stack_end must be set in current scope.
 
diff --git a/ext/bigdecimal/bigdecimal.c b/ext/bigdecimal/bigdecimal.c
index fa32c99282..1435c03eb0 100644
--- a/ext/bigdecimal/bigdecimal.c
+++ b/ext/bigdecimal/bigdecimal.c
@@ -2403,7 +2403,6 @@ BigDecimal_new(int argc, VALUE *argv)
 	break;
     }
     StringValueCStr(iniValue);
-    rb_check_safe_obj(iniValue);
     return VpAlloc(mf, RSTRING_PTR(iniValue));
 }
 
diff --git a/test/bigdecimal/test_bigdecimal.rb b/test/bigdecimal/test_bigdecimal.rb
index ed4a1d40ab..a06adb1356 100644
--- a/test/bigdecimal/test_bigdecimal.rb
+++ b/test/bigdecimal/test_bigdecimal.rb
@@ -100,6 +100,13 @@ class TestBigDecimal < Test::Unit::TestCase
     end
   end
 
+  def test_global_new_with_tainted_string
+    Thread.new {
+      $SAFE = 1
+      BigDecimal('1'.taint)
+    }.join
+  end
+
   def test_new
     assert_equal(1, BigDecimal.new("1"))
     assert_equal(1, BigDecimal.new("1", 1))
@@ -150,6 +157,13 @@ class TestBigDecimal < Test::Unit::TestCase
     end
   end
 
+  def test_new_with_tainted_string
+    Thread.new {
+      $SAFE = 1
+      BigDecimal.new('1'.taint)
+    }.join
+  end
+
   def _test_mode(type)
     BigDecimal.mode(type, true)
     assert_raise(FloatDomainError) { yield }
author	mrkn <mrkn@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>	2012-12-02 15:09:49 +0000
committer	mrkn <mrkn@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>	2012-12-02 15:09:49 +0000
commit	1fec21fe601c60c347d03dbd8f9ad83b0db677a4 (patch)
tree	810c516b5d1875764b68c3fd07f559efb0a23c2f
parent	c1e6052bfec1e621c3d2eda598b7f69270e176b8 (diff)