This commit is contained in:
Burdette Lamar 2022-04-08 14:25:38 -05:00 коммит произвёл GitHub
Родитель c77a31df5e
Коммит 70415071e8
Не найден ключ, соответствующий данной подписи
Идентификатор ключа GPG: 4AEE18F83AFDEB23
3 изменённых файлов: 22 добавлений и 21 удалений

19
io.c
Просмотреть файл

@ -7423,7 +7423,7 @@ static VALUE popen_finish(VALUE port, VALUE klass);
* whose $stdin and $stdout are connected to a new stream +io+.
*
* This method has potential security vulnerabilities if called with untrusted input;
* see {Command Injection}[command_injection.rdoc].
* see {Command Injection}[rdoc-ref:command_injection.rdoc].
*
* If no block is given, returns the new stream,
* which depending on given +mode+ may be open for reading, writing, or both.
@ -9901,7 +9901,7 @@ argf_readlines(int argc, VALUE *argv, VALUE argf)
* sets global variable <tt>$?</tt> to the process status.
*
* This method has potential security vulnerabilities if called with untrusted input;
* see {Command Injection}[command_injection.rdoc].
* see {Command Injection}[rdoc-ref:command_injection.rdoc].
*
* Examples:
*
@ -11292,7 +11292,7 @@ io_s_foreach(VALUE v)
*
* When called from class \IO (but not subclasses of \IO),
* this method has potential security vulnerabilities if called with untrusted input;
* see {Command Injection}[command_injection.rdoc].
* see {Command Injection}[rdoc-ref:command_injection.rdoc].
*
* The first argument must be a string that is one of the following:
*
@ -11302,7 +11302,8 @@ io_s_foreach(VALUE v)
* - Command: if +self+ is the class \IO,
* and if the string starts with the pipe character,
* the rest of the string is a command to be executed as a subprocess.
* See the {Note on Security}[@Note+on+Security].
* This usage has potential security vulnerabilities if called with untrusted input;
* see {Command Injection}[rdoc-ref:command_injection.rdoc].
*
* With only argument +path+ given, parses lines from the file at the given +path+,
* as determined by the default line separator,
@ -11407,7 +11408,7 @@ io_s_readlines(VALUE v)
*
* When called from class \IO (but not subclasses of \IO),
* this method has potential security vulnerabilities if called with untrusted input;
* see {Command Injection}[command_injection.rdoc].
* see {Command Injection}[rdoc-ref:command_injection.rdoc].
*
* The first argument must be a string;
* its meaning depends on whether it starts with the pipe character (<tt>'|'</tt>):
@ -11512,7 +11513,7 @@ seek_before_access(VALUE argp)
*
* When called from class \IO (but not subclasses of \IO),
* this method has potential security vulnerabilities if called with untrusted input;
* see {Command Injection}[command_injection.rdoc].
* see {Command Injection}[rdoc-ref:command_injection.rdoc].
*
* The first argument must be a string;
* its meaning depends on whether it starts with the pipe character (<tt>'|'</tt>):
@ -11589,7 +11590,7 @@ rb_io_s_read(int argc, VALUE *argv, VALUE io)
*
* When called from class \IO (but not subclasses of \IO),
* this method has potential security vulnerabilities if called with untrusted input;
* see {Command Injection}[command_injection.rdoc].
* see {Command Injection}[rdoc-ref:command_injection.rdoc].
*
*/
@ -11694,7 +11695,7 @@ io_s_write(int argc, VALUE *argv, VALUE klass, int binary)
*
* When called from class \IO (but not subclasses of \IO),
* this method has potential security vulnerabilities if called with untrusted input;
* see {Command Injection}[command_injection.rdoc].
* see {Command Injection}[rdoc-ref:command_injection.rdoc].
*
* The first argument must be a string;
* its meaning depends on whether it starts with the pipe character (<tt>'|'</tt>):
@ -11761,7 +11762,7 @@ rb_io_s_write(int argc, VALUE *argv, VALUE io)
*
* When called from class \IO (but not subclasses of \IO),
* this method has potential security vulnerabilities if called with untrusted input;
* see {Command Injection}[command_injection.rdoc].
* see {Command Injection}[rdoc-ref:command_injection.rdoc].
*
*/

Просмотреть файл

@ -4773,7 +4773,7 @@ rb_spawn(int argc, const VALUE *argv)
* _command..._ is one of following forms.
*
* This method has potential security vulnerabilities if called with untrusted input;
* see {Command Injection}[command_injection.rdoc].
* see {Command Injection}[rdoc-ref:command_injection.rdoc].
*
* [<code>commandline</code>]
* command line string which is passed to the standard shell

Просмотреть файл

@ -3660,7 +3660,7 @@ static VALUE str_casecmp_p(VALUE str1, VALUE str2);
* 'foo'.casecmp('FOO') # => 0
* 'foo'.casecmp(1) # => nil
*
* See {Case Mapping}[case_mapping.rdoc].
* See {Case Mapping}[rdoc-ref:case_mapping.rdoc].
*
* Related: String#casecmp?.
*
@ -3750,7 +3750,7 @@ str_casecmp(VALUE str1, VALUE str2)
*
* 'foo'.casecmp?(1) # => nil
*
* See {Case Mapping}[case_mapping.rdoc].
* See {Case Mapping}[rdoc-ref:case_mapping.rdoc].
*
* Related: String#casecmp.
*
@ -7330,7 +7330,7 @@ upcase_single(VALUE str)
* s.upcase! # => nil
*
* The casing may be affected by the given +options+;
* see {Case Mapping}[case_mapping.rdoc].
* see {Case Mapping}[rdoc-ref:case_mapping.rdoc].
*
* Related: String#upcase, String#downcase, String#downcase!.
*
@ -7369,7 +7369,7 @@ rb_str_upcase_bang(int argc, VALUE *argv, VALUE str)
* s.upcase # => "HELLO WORLD!"
*
* The casing may be affected by the given +options+;
* see {Case Mapping}[case_mapping.rdoc].
* see {Case Mapping}[rdoc-ref:case_mapping.rdoc].
*
* Related: String#upcase!, String#downcase, String#downcase!.
*
@ -7432,7 +7432,7 @@ downcase_single(VALUE str)
* s.downcase! # => nil
*
* The casing may be affected by the given +options+;
* see {Case Mapping}[case_mapping.rdoc].
* see {Case Mapping}[rdoc-ref:case_mapping.rdoc].
*
* Related: String#downcase, String#upcase, String#upcase!.
*
@ -7471,7 +7471,7 @@ rb_str_downcase_bang(int argc, VALUE *argv, VALUE str)
* s.downcase # => "hello world!"
*
* The casing may be affected by the given +options+;
* see {Case Mapping}[case_mapping.rdoc].
* see {Case Mapping}[rdoc-ref:case_mapping.rdoc].
*
* Related: String#downcase!, String#upcase, String#upcase!.
*
@ -7517,7 +7517,7 @@ rb_str_downcase(int argc, VALUE *argv, VALUE str)
* s.capitalize! # => nil
*
* The casing may be affected by the given +options+;
* see {Case Mapping}[case_mapping.rdoc].
* see {Case Mapping}[rdoc-ref:case_mapping.rdoc].
*
* Related: String#capitalize.
*
@ -7555,7 +7555,7 @@ rb_str_capitalize_bang(int argc, VALUE *argv, VALUE str)
* s.capitalize # => "Hello world!"
*
* The casing may be affected by the given +options+;
* see {Case Mapping}[case_mapping.rdoc].
* see {Case Mapping}[rdoc-ref:case_mapping.rdoc].
*
* Related: String#capitalize!.
*
@ -7596,7 +7596,7 @@ rb_str_capitalize(int argc, VALUE *argv, VALUE str)
* ''.swapcase! # => nil
*
* The casing may be affected by the given +options+;
* see {Case Mapping}[case_mapping.rdoc].
* see {Case Mapping}[rdoc-ref:case_mapping.rdoc].
*
* Related: String#swapcase.
*
@ -7633,7 +7633,7 @@ rb_str_swapcase_bang(int argc, VALUE *argv, VALUE str)
* s.swapcase # => "hELLO wORLD!"
*
* The casing may be affected by the given +options+;
* see {Case Mapping}[case_mapping.rdoc].
* see {Case Mapping}[rdoc-ref:case_mapping.rdoc].
*
* Related: String#swapcase!.
*
@ -11582,7 +11582,7 @@ sym_casecmp(VALUE sym, VALUE other)
* sym.casecmp?(other_sym) # => nil
* :foo.casecmp?(2) # => nil
*
* See {Case Mapping}[case_mapping.rdoc].
* See {Case Mapping}[rdoc-ref:case_mapping.rdoc].
*
* Related: Symbol#casecmp.
*