* marshal.c (r_entry0): don't taint classes and modules because

Marshal.load just return the dumped classes and modules.
  [Bug #7325] [ruby-core:49198]

* test/ruby/test_marshal.rb: related test.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@38357 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
This commit is contained in:
shugo 2012-12-13 05:12:55 +00:00
Родитель bfb08c1ece
Коммит 0ac361f540
3 изменённых файлов: 28 добавлений и 1 удалений

Просмотреть файл

@ -1,3 +1,11 @@
Thu Dec 13 14:10:00 2012 Shugo Maeda <shugo@ruby-lang.org>
* marshal.c (r_entry0): don't taint classes and modules because
Marshal.load just return the dumped classes and modules.
[Bug #7325] [ruby-core:49198]
* test/ruby/test_marshal.rb: related test.
Thu Dec 13 14:10:13 2012 NAKAMURA Usaku <usa@ruby-lang.org>
* test/ruby/test_require.rb (TestRequire#test_loaded_features_encoding):

Просмотреть файл

@ -1323,7 +1323,8 @@ r_entry0(VALUE v, st_index_t num, struct load_arg *arg)
else {
st_insert(arg->data, num, (st_data_t)v);
}
if (arg->infection) {
if (arg->infection &&
TYPE(v) != T_CLASS && TYPE(v) != T_MODULE) {
FL_SET(v, arg->infection);
if ((VALUE)real_obj != Qundef)
FL_SET((VALUE)real_obj, arg->infection);

Просмотреть файл

@ -499,4 +499,22 @@ class TestMarshal < Test::Unit::TestCase
ary = [ [2.0, e], [e] ]
assert_equal(ary, Marshal.load(Marshal.dump(ary)), bug7348)
end
class TestClass
end
module TestModule
end
def test_marshal_load_should_not_taint_classes
bug7325 = '[ruby-core:49198]'
for c in [TestClass, TestModule]
assert(!c.tainted?)
assert(!c.untrusted?)
c2 = Marshal.load(Marshal.dump(c).taint.untrust)
assert_same(c, c2)
assert(!c.tainted?, bug7325)
assert(!c.untrusted?, bug7325)
end
end
end