diff options
author | matz <matz@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2001-10-30 08:42:21 +0000 |
---|---|---|
committer | matz <matz@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2001-10-30 08:42:21 +0000 |
commit | 3ee749b1736ca72ba20fc30f759fa119a750a4c6 (patch) | |
tree | d75571b4eae4fcfdca76de46afdc66dc8832cbf5 /eval.c | |
parent | 35b21a12c03765244d32b6400a100124f35df091 (diff) |
* eval.c (rb_f_eval): can't modify untainted binding.
* regex.c (re_compile_pattern): should preverve p0 value.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_6@1802 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'eval.c')
-rw-r--r-- | eval.c | 3 |
1 files changed, 3 insertions, 0 deletions
@@ -4961,6 +4961,9 @@ rb_f_eval(argc, argv, self) if (ruby_safe_level >= 4) { Check_Type(src, T_STRING); + if (!NIL_P(scope) && !OBJ_TAINTED(scope)) { + rb_raise(rb_eSecurityError, "Insecure: can't modify trusted binding"); + } } else { Check_SafeStr(src); |