* string.c (rb_str_intern): raise SecurityError only when $SAFE

level is greater than zero. [ruby-core:08862] * parse.y (rb_interned_p): new function to check if a string is already interned. * object.c (str_to_id): use rb_str_intern(). git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8@10930 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
author: matz <matz@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> 2006-09-14 07:25:56 +0000
committer: matz <matz@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> 2006-09-14 07:25:56 +0000
commit: b6f0af788882c25feacb68184ec0f7c04f52f2c5 (patch)
tree: ab726f463981a1effe9690b4b6236cb083b2791f
parent: 127ac9f03ed2f3780c78b980dbae621ec43eef44 (diff)
5 files changed, 26 insertions, 8 deletions
diff --git a/ChangeLog b/ChangeLog
index 54e077b1d7..e73f0b32af 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,13 @@
+Thu Sep 14 16:11:15 2006  Yukihiro Matsumoto  <matz@ruby-lang.org>
+
+	* string.c (rb_str_intern): raise SecurityError only when $SAFE
+	  level is greater than zero.  [ruby-core:08862]
+
+	* parse.y (rb_interned_p): new function to check if a string is
+	  already interned.
+
+	* object.c (str_to_id): use rb_str_intern().
+
 Wed Sep 13 18:43:05 2006  Yukihiro Matsumoto  <matz@ruby-lang.org>
 
 	* README.EXT: English adjustment.  [ruby-core:08851] and
diff --git a/intern.h b/intern.h
index cc39169073..33a81ebe6e 100644
--- a/intern.h
+++ b/intern.h
@@ -336,6 +336,7 @@ int rb_is_class_id _((ID));
 int rb_is_local_id _((ID));
 int rb_is_junk_id _((ID));
 int rb_symname_p _((const char*));
+int rb_sym_interned_p _((VALUE));
 VALUE rb_backref_get _((void));
 void rb_backref_set _((VALUE));
 VALUE rb_lastline_get _((void));
diff --git a/object.c b/object.c
index 1c0a03b19a..d66e24e6de 100644
--- a/object.c
+++ b/object.c
@@ -1606,13 +1606,9 @@ static ID
 str_to_id(str)
     VALUE str;
 {
-    if (!RSTRING(str)->ptr || RSTRING(str)->len == 0) {
-	rb_raise(rb_eArgError, "empty symbol string");
-    }
-    if (RSTRING(str)->len != strlen(RSTRING(str)->ptr)) {
-	rb_warn("Symbols should not contain NUL (\\0)");
-    }
-    return rb_intern(RSTRING(str)->ptr);
+    VALUE sym = rb_str_intern(str);
+
+    return SYM2ID(sym);
 }
 
 ID
diff --git a/parse.y b/parse.y
index e2982f2c80..4359705dcb 100644
--- a/parse.y
+++ b/parse.y
@@ -5991,6 +5991,17 @@ rb_symname_p(name)
     return *m ? Qfalse : Qtrue;
 }
 
+int
+rb_sym_interned_p(str)
+    VALUE str;
+{
+    ID id;
+
+    if (st_lookup(sym_tbl, (st_data_t)RSTRING(str)->ptr, (st_data_t *)&id))
+	return Qtrue;
+    return Qfalse;
+}
+
 ID
 rb_intern(name)
     const char *name;
diff --git a/string.c b/string.c
index 681614b133..19c1a65922 100644
--- a/string.c
+++ b/string.c
@@ -4404,7 +4404,7 @@ rb_str_intern(s)
     }
     if (strlen(RSTRING(str)->ptr) != RSTRING(str)->len)
 	rb_raise(rb_eArgError, "symbol string may not contain `\\0'");
-    if (OBJ_TAINTED(str)) {
+    if (OBJ_TAINTED(str) && rb_safe_level() >= 1 && !rb_sym_interned_p(str)) {
 	rb_raise(rb_eSecurityError, "Insecure: can't intern tainted string");
     }
     id = rb_intern(RSTRING(str)->ptr);
author	matz <matz@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>	2006-09-14 07:25:56 +0000
committer	matz <matz@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>	2006-09-14 07:25:56 +0000
commit	b6f0af788882c25feacb68184ec0f7c04f52f2c5 (patch)
tree	ab726f463981a1effe9690b4b6236cb083b2791f
parent	127ac9f03ed2f3780c78b980dbae621ec43eef44 (diff)