Bug #11855 ยป 0001-Preserve-original-state-for-tainted-and-frozen.patch
| ext/cgi/escape/escape.c | ||
|---|---|---|
|
}
|
||
|
}
|
||
|
static void
|
||
|
preserve_original_state(VALUE orig, VALUE dest)
|
||
|
{
|
||
|
rb_enc_associate(dest, rb_enc_get(orig));
|
||
|
if (rb_obj_frozen_p(orig)) {
|
||
|
rb_str_freeze(dest);
|
||
|
}
|
||
|
if (OBJ_TAINTED(orig)) {
|
||
|
rb_obj_taint(dest);
|
||
|
}
|
||
|
}
|
||
|
static VALUE
|
||
|
optimized_escape_html(VALUE str)
|
||
|
{
|
||
| ... | ... | |
|
if (modified) {
|
||
|
rb_str_cat(dest, cstr + beg, len - beg);
|
||
|
rb_enc_associate(dest, rb_enc_get(str));
|
||
|
preserve_original_state(str, dest);
|
||
|
return dest;
|
||
|
}
|
||
|
else {
|
||
| test/cgi/test_cgi_util.rb | ||
|---|---|---|
|
assert_equal(Encoding::UTF_8, CGI::escapeHTML("'&\"><".force_encoding("UTF-8")).encoding)
|
||
|
end
|
||
|
def test_cgi_escape_html_preserve_tainted
|
||
|
assert_equal(false, CGI::escapeHTML("'&\"><").tainted?)
|
||
|
assert_equal(true, CGI::escapeHTML("'&\"><".taint).tainted?)
|
||
|
end
|
||
|
def test_cgi_escape_html_preserve_frozen
|
||
|
assert_equal(false, CGI::escapeHTML("'&\"><".dup).frozen?)
|
||
|
assert_equal(true, CGI::escapeHTML("'&\"><".freeze).frozen?)
|
||
|
end
|
||
|
def test_cgi_unescapeHTML
|
||
|
assert_equal("'&\"><", CGI::unescapeHTML("'&"><"))
|
||
|
end
|
||