Bug #5508

Is BigDecimal really not $SAFE?

Added by Dmitry Borodaenko over 3 years ago. Updated over 2 years ago.

[ruby-core:40510]
Status: Closed
Priority: Normal
Assignee: Kenta Murata
ruby -v: ruby 1.9.3dev (2011-09-23 revision 33323) [x86_64-linux]
Backport:

Description

Why does BigDecimal call SafeStringValue?

irb(main):001:0> $SAFE = 1; BigDecimal.new('1'.taint)
SecurityError: Insecure operation - new
        from (irb):1:in `new'
        from (irb):1
        from /usr/bin/irb:12:in `<main>'

Compare with:

irb(main):001:0> $SAFE = 1; i = '1'.taint.to_i
=> 1
irb(main):002:0> i.tainted?
=> false

I think it makes a lot more sense to validate the input within BigDecimal, rather than validate and untaint the string before passing it to BigDecimal.new().
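An added example, not part of Dmitry's report or of Ruby's bigdecimal code, of the approach the report argues for: validating the shape of the numeric string itself rather than consulting its taint flag. It assumes a current Ruby where $SAFE and taint tracking are gone and BigDecimal.new has been replaced by the Kernel#BigDecimal method; DECIMAL_RE, MAX_DECIMAL_LEN, parse_decimal, classify and the sample inputs are names and values chosen for this example.

```ruby
require 'bigdecimal'

# Hypothetical validator (not part of Ruby or of bug #5508): accept a decimal
# number from an untrusted source by checking its shape, not a taint flag.
# Anchors are \A and \z on purpose: ^ and $ match at line boundaries in Ruby,
# so "1\nanything" would slip past a /^...$/ check.
DECIMAL_RE = /\A[+-]?\d+(?:\.\d+)?(?:[eE][+-]?\d+)?\z/

# Upper bound on accepted input length; a constructed limit for the example,
# so that very long digit strings or exponents are rejected before parsing.
MAX_DECIMAL_LEN = 64

def parse_decimal(input)
  raise ArgumentError, "expected a String, got #{input.class}" unless input.is_a?(String)
  raise ArgumentError, "decimal too long (#{input.bytesize} bytes)" if input.bytesize > MAX_DECIMAL_LEN
  raise ArgumentError, "not a decimal literal: #{input.inspect}" unless DECIMAL_RE.match?(input)
  BigDecimal(input)
end

# Maps each input to its parsed value (as a plain decimal string) or to a
# "rejected: ..." message, so the behaviour can be checked as a return value.
def classify(inputs)
  inputs.to_h do |s|
    result = begin
      parse_decimal(s).to_s("F")
    rescue ArgumentError => e
      "rejected: #{e.message}"
    end
    [s, result]
  end
end

# Constructed sample inputs: well-formed literals plus the kinds of strings
# that a taint check would not distinguish from them.
SAMPLE_INPUTS = ["1", "-3.25", "2.5e3", "abc", "1\n2", "0x10", "1;", " 1", "1" * 65]

if __FILE__ == $0
  classify(SAMPLE_INPUTS).each { |input, result| puts "#{input.inspect} => #{result}" }
end
```

The validator is deliberately stricter than BigDecimal() itself (which tolerates surrounding whitespace), so that what reaches the parser is exactly the grammar the application has decided to accept.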

Associated revisions

Revision 38147
Added by Kenta Murata over 2 years ago

  • ext/bigdecimal/bigdecimal.c (BigDecimal_new): stop checking string taintness. [Bug #5508]

History

#1 Updated by Kenta Murata over 3 years ago

  • Assignee set to Kenta Murata
  • Target version set to 2.0.0

#2 Updated by Shyouhei Urabe about 3 years ago

  • Status changed from Open to Assigned

#3 Updated by Kenta Murata over 2 years ago

  • Status changed from Assigned to Closed
  • % Done changed from 0 to 100

This issue was solved with changeset r38147.
Dmitry, thank you for reporting this issue.
Your contribution to Ruby is greatly appreciated.
May Ruby be with you.


  • ext/bigdecimal/bigdecimal.c (BigDecimal_new): stop checking string taintness. [Bug #5508]