rb_str_new_frozen: new object if tainted/untrusted unmatch

* string.c (rb_str_new_frozen): since the result object should have same tainted/untrusted bits with the original object, return new object if the shared object unmatch. [ruby-core:39745][Bug #5374] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@36373 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
author: nobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> 2012-07-12 02:44:27 +0000
committer: nobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> 2012-07-12 02:44:27 +0000
commit: d7444332257a6fb255300ee938a20dfa64cccf32 (patch)
tree: 1e5d3ffdfdf32714f1fd21085eda79c0a2aa5799 /test/ruby/test_file.rb
parent: 8cc3fef898e7e2edf2554c153318f6cc483a01f2 (diff)
1 files changed, 10 insertions, 0 deletions
diff --git a/test/ruby/test_file.rb b/test/ruby/test_file.rb
index b0a6971e69..45c6efbd74 100644
--- a/test/ruby/test_file.rb
+++ b/test/ruby/test_file.rb
@@ -316,6 +316,16 @@ class TestFile < Test::Unit::TestCase
     end
   end
 
+  def test_untainted_path
+    bug5374 = '[ruby-core:39745]'
+    cwd = ("./"*40+".".taint).dup.untaint
+    in_safe = proc {|safe| $SAFE = safe; File.stat(cwd)}
+    assert_not_send([cwd, :tainted?])
+    (0..1).each do |level|
+      assert_nothing_raised(SecurityError, bug5374) {in_safe[level]}
+    end
+  end
+
   if /(bcc|ms|cyg)win|mingw|emx/ =~ RUBY_PLATFORM
     def test_long_unc
       feature3399 = '[ruby-core:30623]'
author	nobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>	2012-07-12 02:44:27 +0000
committer	nobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>	2012-07-12 02:44:27 +0000
commit	d7444332257a6fb255300ee938a20dfa64cccf32 (patch)
tree	1e5d3ffdfdf32714f1fd21085eda79c0a2aa5799 /test/ruby/test_file.rb
parent	8cc3fef898e7e2edf2554c153318f6cc483a01f2 (diff)