From 1b107d48ef2f67a48cb974890c2944381fd4ee4a Mon Sep 17 00:00:00 2001 From: nobu Date: Mon, 21 Dec 2015 20:40:02 +0000 Subject: escape.c: Preserve original state * ext/cgi/escape/escape.c (preserve_original_state): Preserve original state for tainted and frozen. [Fix GH-1166] [ruby-dev:49451] [Bug #11855] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@53233 b2dd03c8-39d4-4d8f-98ff-823fe69b080e --- ext/cgi/escape/escape.c | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) (limited to 'ext/cgi') diff --git a/ext/cgi/escape/escape.c b/ext/cgi/escape/escape.c index 6fec95af04..939b054ad2 100644 --- a/ext/cgi/escape/escape.c +++ b/ext/cgi/escape/escape.c @@ -25,6 +25,14 @@ html_escaped_cat(VALUE str, char c) } } +static inline void +preserve_original_state(VALUE orig, VALUE dest) +{ + rb_enc_associate(dest, rb_enc_get(orig)); + + FL_SET_RAW(dest, FL_TEST_RAW(orig, FL_FREEZE|FL_TAINT)); +} + static VALUE optimized_escape_html(VALUE str) { @@ -57,7 +65,7 @@ optimized_escape_html(VALUE str) if (modified) { rb_str_cat(dest, cstr + beg, len - beg); - rb_enc_associate(dest, rb_enc_get(str)); + preserve_original_state(str, dest); return dest; } else { -- cgit v1.2.3