merge revision(s) r46547: [Backport #9976]

	* hash.c (env_aset, env_has_key, env_assoc, env_has_value),
	  (env_rassoc, env_key): prohibit tainted strings if $SAFE is
	  non-zero.  [Bug #9976]


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_1@47346 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

1 files changed, 81 insertions, 0 deletions

diff --git a/test/ruby/test_env.rb b/test/ruby/test_env.rb
index 0ada9606ae..ddbdcf24bc 100644
--- a/test/ruby/test_env.rb
+++ b/test/ruby/test_env.rb
@@ -451,4 +451,85 @@ class TestEnv < Test::Unit::TestCase
       end;
     end
   end
+
+  def test_taint_aref
+    assert_raise(SecurityError) do
+      proc do
+        $SAFE = 2
+        ENV["FOO".taint]
+      end.call
+    end
+  end
+
+  def test_taint_fetch
+    assert_raise(SecurityError) do
+      proc do
+        $SAFE = 2
+        ENV.fetch("FOO".taint)
+      end.call
+    end
+  end
+
+  def test_taint_assoc
+    assert_raise(SecurityError) do
+      proc do
+        $SAFE = 2
+        ENV.assoc("FOO".taint)
+      end.call
+    end
+  end
+
+  def test_taint_rassoc
+    assert_raise(SecurityError) do
+      proc do
+        $SAFE = 2
+        ENV.rassoc("FOO".taint)
+      end.call
+    end
+  end
+
+  def test_taint_key
+    assert_raise(SecurityError) do
+      proc do
+        $SAFE = 2
+        ENV.key("FOO".taint)
+      end.call
+    end
+  end
+
+  def test_taint_key_p
+    assert_raise(SecurityError) do
+      proc do
+        $SAFE = 2
+        ENV.key?("FOO".taint)
+      end.call
+    end
+  end
+
+  def test_taint_value_p
+    assert_raise(SecurityError) do
+      proc do
+        $SAFE = 2
+        ENV.value?("FOO".taint)
+      end.call
+    end
+  end
+
+  def test_taint_aset_value
+    assert_raise(SecurityError) do
+      proc do
+        $SAFE = 2
+        ENV["FOO"] = "BAR".taint
+      end.call
+    end
+  end
+
+  def test_taint_aset_key
+    assert_raise(SecurityError) do
+      proc do
+        $SAFE = 2
+        ENV["FOO".taint] = "BAR"
+      end.call
+    end
+  end
 end