Hi Matz,
On 2012/01/17 22:57, Yukihiro Matsumoto wrote:
Issue #5902 has been updated by Yukihiro Matsumoto.
In this case, tainted/untrusted string info is never used in the result. Why should it be tainted?
As far as I understand, the case of
    s = [].join(",".taint.untrust)
    s.tainted? #=> false
    s.untrusted? #=> false
is fine, as you say. What's being called out as a bug is
    s = [1].join(",".taint.untrust)
    s.tainted? #=> true
    s.untrusted? #=> true
In this case, as in the above case, the tainted/untrusted "," isn't used
at all, but still the resulting string is tainted and untrusted. That's
what's called out as a potential bug. What do you think?
I have had a quick look at the code and will add a potential patch to
the bug.
Regards, Martin.
Matz.
Bug #5902: Array#join with an unused, infected separator may or may not infect the result
https://bugs.ruby-lang.org/issues/5902
Author: John Firebaugh
Status: Assigned
Priority: Normal
Assignee: Yukihiro Matsumoto
Category: core
Target version:
ruby -v: ruby 1.9.3p0 (2011-10-30 revision 33570) [x86_64-darwin10.8.0]
=begin
It's infected if the separator is unused because there is only one element, but not if there are zero elements. Is this intended behavior?
    s = [].join(",".taint.untrust)
    s.tainted? #=> false
    s.untrusted? #=> false
    s = [1].join(",".taint.untrust)
    s.tainted? #=> true
    s.untrusted? #=> true
=end
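
The inconsistency discussed in this thread, as an added example that is not part of the original message or of Ruby's source: it models taint with an explicit flag so it does not depend on the interpreter's own taint tracking. `Labeled`, `lab`, `join_reported`, `join_by_use` and `compare` are hypothetical names; `join_reported` reproduces only the results quoted in the report, and `join_by_use` is one possible consistent rule, assumed here for comparison.

```ruby
# Added model, not MRI code: a value plus an explicit taint flag.
Labeled = Struct.new(:value, :tainted) do
  def to_s
    value.to_s
  end
end

def lab(value, tainted = false)
  Labeled.new(value, tainted)
end

# Model of the results quoted in the issue: an empty array yields a clean
# empty string, while any non-empty array inherits the separator's flag,
# even when the separator never appears in the output.
def join_reported(items, sep)
  return lab("") if items.empty?
  tainted = sep.tainted || items.any?(&:tainted)
  lab(items.map(&:to_s).join(sep.value), tainted)
end

# Assumed alternative rule: only pieces actually written into the result
# contribute their flag, so an unused separator cannot infect it.
def join_by_use(items, sep)
  out = +""
  tainted = false
  items.each_with_index do |item, i|
    if i > 0
      out << sep.value
      tainted ||= sep.tainted
    end
    out << item.to_s
    tainted ||= item.tainted
  end
  lab(out, tainted)
end

# Constructed inputs mirroring the report: 0, 1 and 2 clean elements
# joined with a tainted "," separator.
def compare
  sep = lab(",", true)
  [[], [lab(1)], [lab(1), lab(2)]].map do |items|
    [items.size, join_reported(items, sep).tainted, join_by_use(items, sep).tainted]
  end
end

compare.each { |n, rep, use| puts "#{n} elements: reported=#{rep} by_use=#{use}" }
```

Only the one-element row differs between the two rules, which is the case the report singles out.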