Deprecate taint/trust and related methods, and make the methods no-ops

This removes the related tests, and puts the related specs behind version guards. This affects all code in lib, including some libraries that may want to support older versions of Ruby.
author: Jeremy Evans <code@jeremyevans.net> 2019-09-24 20:59:12 -0700
committer: Jeremy Evans <code@jeremyevans.net> 2019-11-18 01:00:25 +0200
commit: ffd0820ab317542f8780aac475da590a4bdbc7a8 (patch)
tree: 6a5d774933c15fd2b9ea948bd3ae2fa587faaf82 /ext
parent: c5c05460ac20abcbc0ed686eb4acf06da7a39a79 (diff)
11 files changed, 24 insertions, 35 deletions
diff --git a/ext/cgi/escape/escape.c b/ext/cgi/escape/escape.c
index 76d8f0d067..47188819cd 100644
--- a/ext/cgi/escape/escape.c
+++ b/ext/cgi/escape/escape.c
@@ -30,8 +30,6 @@ static inline void
 preserve_original_state(VALUE orig, VALUE dest)
 {
     rb_enc_associate(dest, rb_enc_get(orig));
-
-    RB_OBJ_INFECT_RAW(dest, orig);
 }
 
 static VALUE
diff --git a/ext/etc/etc.c b/ext/etc/etc.c
index 1bb10e0b38..28761df8c1 100644
--- a/ext/etc/etc.c
+++ b/ext/etc/etc.c
@@ -219,6 +219,7 @@ etc_getpwnam(VALUE obj, VALUE nam)
     struct passwd *pwd;
     const char *p = StringValueCStr(nam);
 
+    rb_check_safe_obj(nam);
     pwd = getpwnam(p);
     if (pwd == 0) rb_raise(rb_eArgError, "can't find user for %"PRIsVALUE, nam);
     return setup_passwd(pwd);
@@ -462,6 +463,7 @@ etc_getgrnam(VALUE obj, VALUE nam)
     struct group *grp;
     const char *p = StringValueCStr(nam);
 
+    rb_check_safe_obj(nam);
     grp = getgrnam(p);
     if (grp == 0) rb_raise(rb_eArgError, "can't find group for %"PRIsVALUE, nam);
     return setup_group(grp);
diff --git a/ext/io/console/console.c b/ext/io/console/console.c
index 42b000fc30..4f0470940a 100644
--- a/ext/io/console/console.c
+++ b/ext/io/console/console.c
@@ -1483,6 +1483,7 @@ prompt(int argc, VALUE *argv, VALUE io)
     if (argc > 0 && !NIL_P(argv[0])) {
 	VALUE str = argv[0];
 	StringValueCStr(str);
+	rb_check_safe_obj(str);
 	rb_io_write(io, str);
     }
 }
diff --git a/ext/nkf/nkf.c b/ext/nkf/nkf.c
index c958c91753..37717e4799 100644
--- a/ext/nkf/nkf.c
+++ b/ext/nkf/nkf.c
@@ -168,7 +168,6 @@ rb_nkf_convert(VALUE obj, VALUE opt, VALUE src)
     /* use _result_ end */
 
     rb_str_set_len(tmp, output_ctr);
-    OBJ_INFECT(tmp, src);
 
     if (mimeout_f)
 	rb_enc_associate(tmp, rb_usascii_encoding());
diff --git a/ext/openssl/ossl_rand.c b/ext/openssl/ossl_rand.c
index 4a4f9dd5bf..c95857060a 100644
--- a/ext/openssl/ossl_rand.c
+++ b/ext/openssl/ossl_rand.c
@@ -67,6 +67,8 @@ ossl_rand_add(VALUE self, VALUE str, VALUE entropy)
 static VALUE
 ossl_rand_load_file(VALUE self, VALUE filename)
 {
+    rb_check_safe_obj(filename);
+
     if(!RAND_load_file(StringValueCStr(filename), -1)) {
 	ossl_raise(eRandomError, NULL);
     }
@@ -84,6 +86,8 @@ ossl_rand_load_file(VALUE self, VALUE filename)
 static VALUE
 ossl_rand_write_file(VALUE self, VALUE filename)
 {
+    rb_check_safe_obj(filename);
+
     if (RAND_write_file(StringValueCStr(filename)) == -1) {
 	ossl_raise(eRandomError, NULL);
     }
@@ -160,6 +164,8 @@ ossl_rand_pseudo_bytes(VALUE self, VALUE len)
 static VALUE
 ossl_rand_egd(VALUE self, VALUE filename)
 {
+    rb_check_safe_obj(filename);
+
     if (RAND_egd(StringValueCStr(filename)) == -1) {
 	ossl_raise(eRandomError, NULL);
     }
@@ -180,6 +186,8 @@ ossl_rand_egd_bytes(VALUE self, VALUE filename, VALUE len)
 {
     int n = NUM2INT(len);
 
+    rb_check_safe_obj(filename);
+
     if (RAND_egd_bytes(StringValueCStr(filename), n) == -1) {
 	ossl_raise(eRandomError, NULL);
     }
diff --git a/ext/openssl/ossl_x509store.c b/ext/openssl/ossl_x509store.c
index 61543d44f6..2909eeda17 100644
--- a/ext/openssl/ossl_x509store.c
+++ b/ext/openssl/ossl_x509store.c
@@ -304,6 +304,7 @@ ossl_x509store_add_file(VALUE self, VALUE file)
     char *path = NULL;
 
     if(file != Qnil){
+	rb_check_safe_obj(file);
 	path = StringValueCStr(file);
     }
     GetX509Store(self, store);
@@ -339,6 +340,7 @@ ossl_x509store_add_path(VALUE self, VALUE dir)
     char *path = NULL;
 
     if(dir != Qnil){
+	rb_check_safe_obj(dir);
 	path = StringValueCStr(dir);
     }
     GetX509Store(self, store);
diff --git a/ext/pathname/pathname.c b/ext/pathname/pathname.c
index 75d04d0aee..15f80d487e 100644
--- a/ext/pathname/pathname.c
+++ b/ext/pathname/pathname.c
@@ -110,7 +110,6 @@ path_initialize(VALUE self, VALUE arg)
     str = rb_obj_dup(str);
 
     set_strpath(self, str);
-    OBJ_INFECT(self, str);
     return self;
 }
 
@@ -134,15 +133,12 @@ path_freeze(VALUE self)
  * call-seq:
  *   pathname.taint -> obj
  *
- * Taints this Pathname.
- *
- * See Object.taint.
+ * Returns pathname.  This method is deprecated and will be removed in Ruby 3.2.
  */
 static VALUE
 path_taint(VALUE self)
 {
-    rb_call_super(0, 0);
-    rb_obj_taint(get_strpath(self));
+    rb_warning("Pathname#taint is deprecated and will be removed in Ruby 3.2.");
     return self;
 }
 
@@ -150,15 +146,12 @@ path_taint(VALUE self)
  * call-seq:
  *   pathname.untaint -> obj
  *
- * Untaints this Pathname.
- *
- * See Object.untaint.
+ * Returns pathname.  This method is deprecated and will be removed in Ruby 3.2.
  */
 static VALUE
 path_untaint(VALUE self)
 {
-    rb_call_super(0, 0);
-    rb_obj_untaint(get_strpath(self));
+    rb_warning("Pathname#untaint is deprecated and will be removed in Ruby 3.2.");
     return self;
 }
 
@@ -308,7 +301,6 @@ path_sub_ext(VALUE self, VALUE repl)
     }
     str2 = rb_str_subseq(str, 0, ext-p);
     rb_str_append(str2, repl);
-    OBJ_INFECT(str2, str);
     return rb_class_new_instance(1, &str2, rb_obj_class(self));
 }
 
diff --git a/ext/socket/ancdata.c b/ext/socket/ancdata.c
index 69c766e6fd..84463af061 100644
--- a/ext/socket/ancdata.c
+++ b/ext/socket/ancdata.c
@@ -1631,10 +1631,9 @@ bsock_recvmsg_internal(VALUE sock,
     }
 
     if (NIL_P(dat_str))
-        dat_str = rb_tainted_str_new(datbuf, ss);
+        dat_str = rb_str_new(datbuf, ss);
     else {
         rb_str_resize(dat_str, ss);
-        OBJ_TAINT(dat_str);
 	rb_obj_reveal(dat_str, rb_cString);
     }
 
@@ -1660,7 +1659,7 @@ bsock_recvmsg_internal(VALUE sock,
             }
             ctl_end = (char*)cmh + cmh->cmsg_len;
 	    clen = (ctl_end <= msg_end ? ctl_end : msg_end) - (char*)CMSG_DATA(cmh);
-            ctl = ancdata_new(family, cmh->cmsg_level, cmh->cmsg_type, rb_tainted_str_new((char*)CMSG_DATA(cmh), clen));
+            ctl = ancdata_new(family, cmh->cmsg_level, cmh->cmsg_type, rb_str_new((char*)CMSG_DATA(cmh), clen));
             if (request_scm_rights)
                 make_io_for_unix_rights(ctl, cmh, msg_end);
             else
diff --git a/ext/socket/init.c b/ext/socket/init.c
index 44d1506973..0675194d74 100644
--- a/ext/socket/init.c
+++ b/ext/socket/init.c
@@ -143,7 +143,7 @@ rsock_strbuf(VALUE str, long buflen)
 {
     long len;
 
-    if (NIL_P(str)) return rb_tainted_str_new(0, buflen);
+    if (NIL_P(str)) return rb_str_new(0, buflen);
 
     StringValue(str);
     len = RSTRING_LEN(str);
@@ -201,7 +201,6 @@ rsock_s_recvfrom(VALUE sock, int argc, VALUE *argv, enum sock_recv_type from)
     if (slen != RSTRING_LEN(str)) {
 	rb_str_set_len(str, slen);
     }
-    rb_obj_taint(str);
     switch (from) {
       case RECV_RECV:
 	return str;
@@ -282,7 +281,6 @@ rsock_s_recvfrom_nonblock(VALUE sock, VALUE len, VALUE flg, VALUE str,
     if (slen != RSTRING_LEN(str)) {
 	rb_str_set_len(str, slen);
     }
-    rb_obj_taint(str);
     switch (from) {
       case RECV_RECV:
         return str;
@@ -329,7 +327,6 @@ rsock_read_nonblock(VALUE sock, VALUE length, VALUE buf, VALUE ex)
     VALUE str = rsock_strbuf(buf, len);
     char *ptr;
 
-    OBJ_TAINT(str);
     GetOpenFile(sock, fptr);
 
     if (len == 0) {
diff --git a/ext/socket/raddrinfo.c b/ext/socket/raddrinfo.c
index cc296749b0..9ec2fdc329 100644
--- a/ext/socket/raddrinfo.c
+++ b/ext/socket/raddrinfo.c
@@ -969,7 +969,7 @@ init_addrinfo_getaddrinfo(rb_addrinfo_t *rai, VALUE node, VALUE service,
 
     canonname = Qnil;
     if (res->ai->ai_canonname) {
-        canonname = rb_tainted_str_new_cstr(res->ai->ai_canonname);
+        canonname = rb_str_new_cstr(res->ai->ai_canonname);
         OBJ_FREEZE(canonname);
     }
 
@@ -1019,8 +1019,6 @@ make_inspectname(VALUE node, VALUE service, struct addrinfo *res)
             rb_str_catf(inspectname, ":%d", FIX2INT(service));
     }
     if (!NIL_P(inspectname)) {
-        OBJ_INFECT(inspectname, node);
-        OBJ_INFECT(inspectname, service);
         OBJ_FREEZE(inspectname);
     }
     return inspectname;
@@ -1039,7 +1037,7 @@ addrinfo_firstonly_new(VALUE node, VALUE service, VALUE family, VALUE socktype,
 
     canonname = Qnil;
     if (res->ai->ai_canonname) {
-        canonname = rb_tainted_str_new_cstr(res->ai->ai_canonname);
+        canonname = rb_str_new_cstr(res->ai->ai_canonname);
         OBJ_FREEZE(canonname);
     }
 
@@ -1069,7 +1067,7 @@ addrinfo_list_new(VALUE node, VALUE service, VALUE family, VALUE socktype, VALUE
         VALUE canonname = Qnil;
 
         if (r->ai_canonname) {
-            canonname = rb_tainted_str_new_cstr(r->ai_canonname);
+            canonname = rb_str_new_cstr(r->ai_canonname);
             OBJ_FREEZE(canonname);
         }
 
@@ -1908,7 +1906,6 @@ addrinfo_to_sockaddr(VALUE self)
     rb_addrinfo_t *rai = get_addrinfo(self);
     VALUE ret;
     ret = rb_str_new((char*)&rai->addr, rai->sockaddr_len);
-    OBJ_INFECT(ret, self);
     return ret;
 }
 
@@ -2591,7 +2588,6 @@ addrinfo_s_unix(int argc, VALUE *argv, VALUE self)
     addr = addrinfo_s_allocate(rb_cAddrinfo);
     DATA_PTR(addr) = rai = alloc_addrinfo();
     init_unix_addrinfo(rai, path, socktype);
-    OBJ_INFECT(addr, path);
     return addr;
 }
 
diff --git a/ext/socket/socket.c b/ext/socket/socket.c
index f1017910ce..bfeb30340c 100644
--- a/ext/socket/socket.c
+++ b/ext/socket/socket.c
@@ -1164,7 +1164,7 @@ sock_s_getservbyport(int argc, VALUE *argv, VALUE _)
     if (!sp) {
 	rb_raise(rb_eSocket, "no such service for port %d/%s", (int)portnum, protoname);
     }
-    return rb_tainted_str_new2(sp->s_name);
+    return rb_str_new2(sp->s_name);
 }
 
 /*
@@ -1414,8 +1414,6 @@ sock_s_pack_sockaddr_in(VALUE self, VALUE port, VALUE host)
     VALUE addr = rb_str_new((char*)res->ai->ai_addr, res->ai->ai_addrlen);
 
     rb_freeaddrinfo(res);
-    OBJ_INFECT(addr, port);
-    OBJ_INFECT(addr, host);
 
     return addr;
 }
@@ -1457,7 +1455,6 @@ sock_s_unpack_sockaddr_in(VALUE self, VALUE addr)
 #endif
     }
     host = rsock_make_ipaddr((struct sockaddr*)sockaddr, RSTRING_SOCKLEN(addr));
-    OBJ_INFECT(host, addr);
     return rb_assoc_new(INT2NUM(ntohs(sockaddr->sin_port)), host);
 }
 
@@ -1487,7 +1484,6 @@ sock_s_pack_sockaddr_un(VALUE self, VALUE path)
     }
     memcpy(sockaddr.sun_path, RSTRING_PTR(path), RSTRING_LEN(path));
     addr = rb_str_new((char*)&sockaddr, rsock_unix_sockaddr_len(path));
-    OBJ_INFECT(addr, path);
 
     return addr;
 }
@@ -1524,7 +1520,6 @@ sock_s_unpack_sockaddr_un(VALUE self, VALUE addr)
 		 RSTRING_LEN(addr), (int)sizeof(struct sockaddr_un));
     }
     path = rsock_unixpath_str(sockaddr, RSTRING_SOCKLEN(addr));
-    OBJ_INFECT(path, addr);
     return path;
 }
 #endif
author	Jeremy Evans <code@jeremyevans.net>	2019-09-24 20:59:12 -0700
committer	Jeremy Evans <code@jeremyevans.net>	2019-11-18 01:00:25 +0200
commit	ffd0820ab317542f8780aac475da590a4bdbc7a8 (patch)
tree	6a5d774933c15fd2b9ea948bd3ae2fa587faaf82 /ext
parent	c5c05460ac20abcbc0ed686eb4acf06da7a39a79 (diff)