From e20d3698d766a4af5483d6f719db988ae2ba8e74 Mon Sep 17 00:00:00 2001 From: nagachika Date: Sun, 2 Sep 2018 11:20:33 +0000 Subject: merge revision(s) 64071: [Backport #14941] ruby.c: taint ARGV on Windows * ruby.c (external_str_new_cstr): strings come from the external should be tainted. [ruby-dev:50596] [Bug #14941] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_5@64616 b2dd03c8-39d4-4d8f-98ff-823fe69b080e --- ruby.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'ruby.c') diff --git a/ruby.c b/ruby.c index 452d0a0e3c..e3271f99c2 100644 --- a/ruby.c +++ b/ruby.c @@ -2112,7 +2112,9 @@ external_str_new_cstr(const char *p) { #if UTF8_PATH VALUE str = rb_utf8_str_new_cstr(p); - return str_conv_enc(str, NULL, rb_default_external_encoding()); + str = str_conv_enc(str, NULL, rb_default_external_encoding()); + OBJ_TAINT_RAW(str); + return str; #else return rb_external_str_new_cstr(p); #endif -- cgit v1.2.3