Project

General

Profile

Bug #11858

CGI.escapeHTML should NOT return frozen string

Added by Tietew (Toru Iwase) almost 4 years ago. Updated almost 4 years ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Target version:
-
ruby -v:
ruby 2.3.0dev (2015-12-22 trunk 53233) [x86_64-linux]
[ruby-core:72426]

Description

After r53220, following snippet fails.

$ ./ruby -rcgi -ve 'p CGI.escapeHTML("Hello, ".freeze) << "world."'
ruby 2.3.0dev (2015-12-22 trunk 53233) [x86_64-linux]
-e:1:in `<main>': can't modify frozen String (RuntimeError)

In preview2, works.

$ RBENV_VERSION=2.3.0-preview2 ruby -rcgi -ve 'p CGI.escapeHTML("Hello, ".freeze) << "world."'
ruby 2.3.0preview2 (2015-12-11 trunk 53028) [x86_64-linux]
"Hello, world."

I think this is backward incompatibility.
CGI.escapeHTML should return different and unfreezed string from passed string as String#gsub.

$ ./irb
ruby 2.3.0dev (2015-12-22 trunk 53233) [x86_64-linux]
irb(main):001:0> str = "Ruby".freeze
=> "Ruby"
irb(main):002:0> str.object_id
=> 70236871355920
irb(main):003:0> str.gsub(/\d/, '').frozen?
=> false
irb(main):004:0> str.gsub(/\d/, '').object_id
=> 70236871220100  # different object
irb(main):006:0> require 'cgi'
=> true
irb(main):007:0> CGI.escapeHTML(str).frozen?
=> true
irb(main):008:0> CGI.escapeHTML(str).object_id
=> 70236871355920  # same object

Files

escapehtml_dup_str.patch (2.06 KB) escapehtml_dup_str.patch Tietew (Toru Iwase), 12/22/2015 03:08 AM

Associated revisions

Revision 10a129ce
Added by nobu (Nobuyoshi Nakada) almost 4 years ago

escape.c: should not freeze

  • ext/cgi/escape/escape.c (optimized_escape_html): CGI.escapeHTML should return unfrozen new string. [ruby-core:72426] [Bug #11858]

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@53234 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

Revision 53234
Added by nobu (Nobuyoshi Nakada) almost 4 years ago

escape.c: should not freeze

  • ext/cgi/escape/escape.c (optimized_escape_html): CGI.escapeHTML should return unfrozen new string. [ruby-core:72426] [Bug #11858]

Revision 53234
Added by nobu (Nobuyoshi Nakada) almost 4 years ago

escape.c: should not freeze

  • ext/cgi/escape/escape.c (optimized_escape_html): CGI.escapeHTML should return unfrozen new string. [ruby-core:72426] [Bug #11858]

Revision 53234
Added by nobu (Nobuyoshi Nakada) almost 4 years ago

escape.c: should not freeze

  • ext/cgi/escape/escape.c (optimized_escape_html): CGI.escapeHTML should return unfrozen new string. [ruby-core:72426] [Bug #11858]

Revision 53234
Added by nobu (Nobuyoshi Nakada) almost 4 years ago

escape.c: should not freeze

  • ext/cgi/escape/escape.c (optimized_escape_html): CGI.escapeHTML should return unfrozen new string. [ruby-core:72426] [Bug #11858]

Revision 53234
Added by nobu (Nobuyoshi Nakada) almost 4 years ago

escape.c: should not freeze

  • ext/cgi/escape/escape.c (optimized_escape_html): CGI.escapeHTML should return unfrozen new string. [ruby-core:72426] [Bug #11858]

History

Updated by Tietew (Toru Iwase) almost 4 years ago

Attached a suggested patch.
This patch also adds some tests for not-modified patterns.

#2

Updated by nobu (Nobuyoshi Nakada) almost 4 years ago

  • Status changed from Open to Closed

Applied in changeset r53234.


escape.c: should not freeze

  • ext/cgi/escape/escape.c (optimized_escape_html): CGI.escapeHTML should return unfrozen new string. [ruby-core:72426] [Bug #11858]

Updated by usa (Usaku NAKAMURA) almost 4 years ago

  • Backport changed from 2.0.0: UNKNOWN, 2.1: UNKNOWN, 2.2: UNKNOWN to 2.0.0: DONTNEED, 2.1: DONTNEED, 2.2: DONTNEED

Also available in: Atom PDF