зеркало из https://github.com/github/ruby.git
* marshal.c (r_entry0): don't taint classes and modules because
Marshal.load just return the dumped classes and modules. [Bug #7325] [ruby-core:49198] * test/ruby/test_marshal.rb: related test. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@38357 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
This commit is contained in:
Родитель
bfb08c1ece
Коммит
0ac361f540
|
@ -1,3 +1,11 @@
|
|||
Thu Dec 13 14:10:00 2012 Shugo Maeda <shugo@ruby-lang.org>
|
||||
|
||||
* marshal.c (r_entry0): don't taint classes and modules because
|
||||
Marshal.load just return the dumped classes and modules.
|
||||
[Bug #7325] [ruby-core:49198]
|
||||
|
||||
* test/ruby/test_marshal.rb: related test.
|
||||
|
||||
Thu Dec 13 14:10:13 2012 NAKAMURA Usaku <usa@ruby-lang.org>
|
||||
|
||||
* test/ruby/test_require.rb (TestRequire#test_loaded_features_encoding):
|
||||
|
|
|
@ -1323,7 +1323,8 @@ r_entry0(VALUE v, st_index_t num, struct load_arg *arg)
|
|||
else {
|
||||
st_insert(arg->data, num, (st_data_t)v);
|
||||
}
|
||||
if (arg->infection) {
|
||||
if (arg->infection &&
|
||||
TYPE(v) != T_CLASS && TYPE(v) != T_MODULE) {
|
||||
FL_SET(v, arg->infection);
|
||||
if ((VALUE)real_obj != Qundef)
|
||||
FL_SET((VALUE)real_obj, arg->infection);
|
||||
|
|
|
@ -499,4 +499,22 @@ class TestMarshal < Test::Unit::TestCase
|
|||
ary = [ [2.0, e], [e] ]
|
||||
assert_equal(ary, Marshal.load(Marshal.dump(ary)), bug7348)
|
||||
end
|
||||
|
||||
class TestClass
|
||||
end
|
||||
|
||||
module TestModule
|
||||
end
|
||||
|
||||
def test_marshal_load_should_not_taint_classes
|
||||
bug7325 = '[ruby-core:49198]'
|
||||
for c in [TestClass, TestModule]
|
||||
assert(!c.tainted?)
|
||||
assert(!c.untrusted?)
|
||||
c2 = Marshal.load(Marshal.dump(c).taint.untrust)
|
||||
assert_same(c, c2)
|
||||
assert(!c.tainted?, bug7325)
|
||||
assert(!c.untrusted?, bug7325)
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
Загрузка…
Ссылка в новой задаче