summaryrefslogtreecommitdiff
path: root/load.c
diff options
context:
space:
mode:
Diffstat (limited to 'load.c')
-rw-r--r--load.c6
1 files changed, 5 insertions, 1 deletions
diff --git a/load.c b/load.c
index 8e66a75718..8e533771f1 100644
--- a/load.c
+++ b/load.c
@@ -554,13 +554,17 @@ rb_require_safe(VALUE fname, int safe)
rb_set_safe_level_force(safe);
FilePathValue(fname);
RB_GC_GUARD(fname) = rb_str_new4(fname);
+ rb_set_safe_level_force(0);
found = search_required(fname, &path);
if (found) {
if (!path || !(ftptr = load_lock(RSTRING_PTR(path)))) {
result = Qfalse;
}
else {
- rb_set_safe_level_force(0);
+ if (safe > 0 && OBJ_TAINTED(path)) {
+ rb_raise(rb_eSecurityError, "cannot load from insecure path - %s",
+ RSTRING_PTR(path));
+ }
switch (found) {
case 'r':
rb_load(path, 0);
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-25 04:07:34 +0000