* encoding.c (require_enc): reject only loading from untrusted

load paths. [ruby-dev:44541] [Bug #5279] * transcode.c (load_transcoder_entry): ditto. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@33328 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
author: nobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> 2011-09-25 07:54:35 +0000
committer: nobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> 2011-09-25 07:54:35 +0000
commit: fecda0d9f72f52f9777fb32f63eb2471353221ec (patch)
tree: 9476be67ef8664fb55f7d5b232992b2ff537a661
parent: 256f355af5cc3efb543608193da615d5a9fcd340 (diff)
4 files changed, 12 insertions, 3 deletions
diff --git a/ChangeLog b/ChangeLog
index 3c6b364019..aeabc95b76 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,10 @@
+Sun Sep 25 16:54:33 2011  Nobuyoshi Nakada  <nobu@ruby-lang.org>
+
+	* encoding.c (require_enc): reject only loading from untrusted
+	  load paths.  [ruby-dev:44541] [Bug #5279]
+
+	* transcode.c (load_transcoder_entry): ditto.
+
 Sun Sep 25 16:45:05 2011  Nobuyoshi Nakada  <nobu@ruby-lang.org>
 
 	* configure.in: ignore all warnings from an arbitrary
diff --git a/encoding.c b/encoding.c
index 57af9762e9..3e4892b2e2 100644
--- a/encoding.c
+++ b/encoding.c
@@ -543,7 +543,8 @@ rb_enc_registered(const char *name)
 static VALUE
 require_enc(VALUE enclib)
 {
-    return rb_require_safe(enclib, rb_safe_level());
+    int safe = rb_safe_level();
+    return rb_require_safe(enclib, safe > 3 ? 3 : safe);
 }
 
 static int
diff --git a/test/ruby/test_encoding.rb b/test/ruby/test_encoding.rb
index 3e2ad5d0d2..6cb13fda9c 100644
--- a/test/ruby/test_encoding.rb
+++ b/test/ruby/test_encoding.rb
@@ -102,6 +102,6 @@ class TestEncoding < Test::Unit::TestCase
 
   def test_unsafe
     bug5279 = '[ruby-dev:44469]'
-    assert_ruby_status([], '$SAFE=3; "a".encode("utf-16be")', bug5279)
+    assert_ruby_status([], '$SAFE=4; "a".encode("utf-16be")', bug5279)
   end
 end
diff --git a/transcode.c b/transcode.c
index 7caad0f87c..e813516563 100644
--- a/transcode.c
+++ b/transcode.c
@@ -370,6 +370,7 @@ load_transcoder_entry(transcoder_entry_t *entry)
         const size_t total_len = sizeof(transcoder_lib_prefix) - 1 + len;
         const VALUE fn = rb_str_new(0, total_len);
         char *const path = RSTRING_PTR(fn);
+	const int safe = rb_safe_level();
 
         entry->lib = NULL;
 
@@ -378,7 +379,7 @@ load_transcoder_entry(transcoder_entry_t *entry)
         rb_str_set_len(fn, total_len);
         FL_UNSET(fn, FL_TAINT|FL_UNTRUSTED);
         OBJ_FREEZE(fn);
-        if (!rb_require_safe(fn, rb_safe_level()))
+        if (!rb_require_safe(fn, safe > 3 ? 3 : safe))
             return NULL;
     }
author	nobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>	2011-09-25 07:54:35 +0000
committer	nobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>	2011-09-25 07:54:35 +0000
commit	fecda0d9f72f52f9777fb32f63eb2471353221ec (patch)
tree	9476be67ef8664fb55f7d5b232992b2ff537a661
parent	256f355af5cc3efb543608193da615d5a9fcd340 (diff)