summaryrefslogtreecommitdiff
path: root/string.c
diff options
context:
space:
mode:
authormatz <matz@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2006-09-14 07:25:56 +0000
committermatz <matz@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2006-09-14 07:25:56 +0000
commitb6f0af788882c25feacb68184ec0f7c04f52f2c5 (patch)
treeab726f463981a1effe9690b4b6236cb083b2791f /string.c
parent127ac9f03ed2f3780c78b980dbae621ec43eef44 (diff)
* string.c (rb_str_intern): raise SecurityError only when $SAFE
level is greater than zero. [ruby-core:08862] * parse.y (rb_interned_p): new function to check if a string is already interned. * object.c (str_to_id): use rb_str_intern(). git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8@10930 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'string.c')
-rw-r--r--string.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/string.c b/string.c
index 681614b133..19c1a65922 100644
--- a/string.c
+++ b/string.c
@@ -4404,7 +4404,7 @@ rb_str_intern(s)
}
if (strlen(RSTRING(str)->ptr) != RSTRING(str)->len)
rb_raise(rb_eArgError, "symbol string may not contain `\\0'");
- if (OBJ_TAINTED(str)) {
+ if (OBJ_TAINTED(str) && rb_safe_level() >= 1 && !rb_sym_interned_p(str)) {
rb_raise(rb_eSecurityError, "Insecure: can't intern tainted string");
}
id = rb_intern(RSTRING(str)->ptr);