diff options
| -rw-r--r-- | safe.c | 4 | ||||
| -rw-r--r-- | test/ruby/test_file.rb | 6 |
2 files changed, 8 insertions, 2 deletions
@@ -110,8 +110,8 @@ rb_insecure_operation(void) { ID caller_name = rb_frame_callee(); if (caller_name) { - rb_raise(rb_eSecurityError, "Insecure operation - %s", - rb_id2name(caller_name)); + rb_raise(rb_eSecurityError, "Insecure operation - %"PRIsVALUE, + rb_id2str(caller_name)); } else { rb_raise(rb_eSecurityError, "Insecure operation: -r"); diff --git a/test/ruby/test_file.rb b/test/ruby/test_file.rb index 0825c5dd7b..16b76b71fe 100644 --- a/test/ruby/test_file.rb +++ b/test/ruby/test_file.rb @@ -390,6 +390,12 @@ class TestFile < Test::Unit::TestCase (0..1).each do |level| assert_nothing_raised(SecurityError, bug5374) {in_safe[level]} end + def (s = Object.new).to_path; "".taint; end + m = "\u{691c 67fb}" + (c = Class.new(File)).singleton_class.class_eval {alias_method m, :stat} + assert_raise_with_message(SecurityError, /#{m}/) { + proc {$SAFE = 3; c.__send__(m, s)}.call + } end if /(bcc|ms|cyg)win|mingw|emx/ =~ RUBY_PLATFORM |