From 2737b90e36f43865be74ebf6b71ea3ab42309720 Mon Sep 17 00:00:00 2001
From: nobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>
Date: Sun, 19 Jul 2009 08:32:44 +0000
Subject: * io.c (io_read): should taint the result.   [ruby-dev:38826]

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@24203 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
---
 ChangeLog            | 4 ++++
 io.c                 | 1 +
 test/ruby/test_io.rb | 6 ++++++
 3 files changed, 11 insertions(+)

diff --git a/ChangeLog b/ChangeLog
index dd6db14858..dffca496cb 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,7 @@
+Sun Jul 19 17:32:37 2009  Nobuyoshi Nakada  <nobu@ruby-lang.org>
+
+	* io.c (io_read): should taint the result.   [ruby-dev:38826]
+
 Sun Jul 19 11:00:14 2009  Nobuyoshi Nakada  <nobu@ruby-lang.org>
 
 	* vm_method.c (me_opts): fixed optimized method aliasing.
diff --git a/io.c b/io.c
index e2de4a69b1..44f79a735f 100644
--- a/io.c
+++ b/io.c
@@ -2114,6 +2114,7 @@ io_read(int argc, VALUE *argv, VALUE io)
         return Qnil;
     }
     rb_str_resize(str, n);
+    OBJ_TAINT(str);
 
     return str;
 }
diff --git a/test/ruby/test_io.rb b/test/ruby/test_io.rb
index 42614e00cb..ab893dbfd8 100644
--- a/test/ruby/test_io.rb
+++ b/test/ruby/test_io.rb
@@ -1457,4 +1457,10 @@ class TestIO < Test::Unit::TestCase
       }
     }
   end
+
+  def test_tainted
+    t = make_tempfile
+    assert(File.read(t.path, 4).tainted?, '[ruby-dev:38826]')
+    assert(File.open(t.path) {|f| f.read(4)}.tainted?, '[ruby-dev:38826]')
+  end
 end
-- 
cgit v1.2.3