path: root/common.mk
author Yusuke Endoh <mame@ruby-lang.org> 2019-09-06 23:18:26 +0900
committer Yusuke Endoh <mame@ruby-lang.org> 2019-09-06 23:35:20 +0900
commit ade1283ca276f7d589ffd3539fbc7b9817f682d5
tree 902c05ceda34aaae0711a5321e8c98414a217dce /common.mk
parent 055b44109316bfc5461d6ac820619f893cea536c
Fix a use-after-free bug by avoiding rb_str_new_frozen
`str2 = rb_str_new_frozen(str1)` seems to make str1 a shared string that refers to str2, but str2 is not marked as STR_IS_SHARED_M nor STR_NOFREE. `rb_fstring(str2)` frees str2's ptr because it is not marked, and the freed pointer is the same as str1's ptr. After that, accessing str1 may cause use-after-free memory corruption.

I guess this is a bug in rb_str_new_frozen, but I'm completely unsure what it should be; the string states and flags are not documented. So, this is a workaround for [Bug #16136]. I confirmed that rspec of activeadmin runs gracefully.
Diffstat (limited to 'common.mk')
0 files changed, 0 insertions, 0 deletions