diff options
| -rw-r--r-- | lib/cgi/core.rb | 4 | ||||
| -rw-r--r-- | lib/cgi/session/pstore.rb | 1 | ||||
| -rw-r--r-- | lib/delegate.rb | 29 | ||||
| -rw-r--r-- | lib/drb/drb.rb | 14 | ||||
| -rw-r--r-- | lib/drb/ssl.rb | 2 | ||||
| -rw-r--r-- | lib/drb/unix.rb | 1 | ||||
| -rw-r--r-- | lib/find.rb | 4 | ||||
| -rw-r--r-- | lib/net/imap.rb | 2 | ||||
| -rw-r--r-- | lib/pp.rb | 6 | ||||
| -rw-r--r-- | lib/resolv.rb | 4 | ||||
| -rw-r--r-- | lib/set.rb | 10 | ||||
| -rw-r--r-- | lib/singleton.rb | 8 |
12 files changed, 15 insertions, 70 deletions
@@ -544,11 +544,11 @@ class CGI /Content-Disposition:.* filename=(?:"(.*?)"|([^;\r\n]*))/i.match(head) filename = $1 || $2 || ''.dup filename = CGI.unescape(filename) if unescape_filename?() - body.instance_variable_set(:@original_filename, filename.taint) ## content type /Content-Type: (.*)/i.match(head) (content_type = $1 || ''.dup).chomp! - body.instance_variable_set(:@content_type, content_type.taint) ## query parameter name /Content-Disposition:.* name=(?:"(.*?)"|([^;\r\n]*))/i.match(head) name = $1 || $2 || '' @@ -50,7 +50,6 @@ class CGI require 'digest/md5' md5 = Digest::MD5.hexdigest(id)[0,16] path = dir+"/"+prefix+md5 - path.untaint if File::exist?(path) @hash = nil else @@ -220,35 +220,12 @@ class Delegator < BasicObject private :initialize_clone, :initialize_dup ## - # :method: trust - # Trust both the object returned by \_\_getobj\_\_ and self. - # - - ## - # :method: untrust - # Untrust both the object returned by \_\_getobj\_\_ and self. - # - - ## - # :method: taint - # Taint both the object returned by \_\_getobj\_\_ and self. - # - - ## - # :method: untaint - # Untaint both the object returned by \_\_getobj\_\_ and self. - # - - ## # :method: freeze # Freeze both the object returned by \_\_getobj\_\_ and self. # - - [:trust, :untrust, :taint, :untaint, :freeze].each do |method| - define_method method do - __getobj__.send(method) - super() - end end @delegator_api = self.public_instance_methods @@ -233,7 +233,7 @@ require_relative 'eq' # def get_logger(name) # if [email protected]_key? name # # make the filename safe, then declare it to be so -# fname = name.gsub(/[.\/\\\:]/, "_").untaint # @loggers[name] = Logger.new(name, @basedir + "/" + fname) # end # return @loggers[name] @@ -594,16 +594,9 @@ module DRb raise(DRbConnError, 'premature marshal format(can\'t read)') if str.size < sz DRb.mutex.synchronize do begin - save = Thread.current[:drb_untaint] - Thread.current[:drb_untaint] = [] Marshal::load(str) rescue NameError, ArgumentError DRbUnknown.new($!, str) - ensure - Thread.current[:drb_untaint].each do |x| - x.untaint - end - Thread.current[:drb_untaint] = save end end end @@ -843,8 +836,6 @@ module DRb # URI protocols. def self.open(uri, config) host, port, = parse_uri(uri) - host.untaint - port.untaint soc = TCPSocket.open(host, port) self.new(uri, soc, config) end @@ -1061,9 +1052,6 @@ module DRb if DRb.here?(uri) obj = DRb.to_obj(ref) - if ((! obj.tainted?) && Thread.current[:drb_untaint]) - Thread.current[:drb_untaint].push(obj) - end return obj end @@ -248,8 +248,6 @@ module DRb # configuration. Either a Hash or DRb::DRbSSLSocket::SSLConfig def self.open(uri, config) host, port, = parse_uri(uri) - host.untaint - port.untaint soc = TCPSocket.open(host, port) ssl_conf = SSLConfig::new(config) ssl_conf.setup_ssl_context @@ -27,7 +27,6 @@ module DRb def self.open(uri, config) filename, = parse_uri(uri) - filename.untaint soc = UNIXSocket.open(filename) self.new(uri, soc, config) end @@ -46,7 +46,7 @@ module Find ps = [path] while file = ps.shift catch(:prune) do - yield file.dup.taint begin s = File.lstat(file) rescue Errno::ENOENT, Errno::EACCES, Errno::ENOTDIR, Errno::ELOOP, Errno::ENAMETOOLONG @@ -63,7 +63,7 @@ module Find fs.sort! fs.reverse_each {|f| f = File.join(file, f) - ps.unshift f.untaint } end end @@ -3238,7 +3238,7 @@ module Net if atom atom else - symbol = flag.capitalize.untaint.intern @flag_symbols[symbol] = true if @flag_symbols.length > IMAP.max_flag_count raise FlagCountError, "number of flag symbols exceeded" @@ -106,17 +106,17 @@ class PP < PrettyPrint # and preserves the previous set of objects being printed. def guard_inspect_key if Thread.current[:__recursive_key__] == nil - Thread.current[:__recursive_key__] = {}.compare_by_identity.taint end if Thread.current[:__recursive_key__][:inspect] == nil - Thread.current[:__recursive_key__][:inspect] = {}.compare_by_identity.taint end save = Thread.current[:__recursive_key__][:inspect] begin - Thread.current[:__recursive_key__][:inspect] = {}.compare_by_identity.taint yield ensure Thread.current[:__recursive_key__][:inspect] = save @@ -194,15 +194,12 @@ class Resolv line.sub!(/#.*/, '') addr, hostname, *aliases = line.split(/\s+/) next unless addr - addr.untaint - hostname.untaint @addr2name[addr] = [] unless @addr2name.include? addr @addr2name[addr] << hostname @addr2name[addr] += aliases @name2addr[hostname] = [] unless @name2addr.include? hostname @name2addr[hostname] << addr aliases.each {|n| - n.untaint @name2addr[n] = [] unless @name2addr.include? n @name2addr[n] << addr } @@ -964,7 +961,6 @@ class Resolv f.each {|line| line.sub!(/[#;].*/, '') keyword, *args = line.split(/\s+/) - args.each(&:untaint) next unless keyword case keyword when 'nameserver' @@ -147,16 +147,6 @@ class Set super end - def taint # :nodoc: - @hash.taint - super - end - - def untaint # :nodoc: - @hash.untaint - super - end - # Returns the number of elements. def size @hash.size @@ -58,10 +58,9 @@ # == Singleton and Marshal # # By default Singleton's #_dump(depth) returns the empty string. Marshalling by -# default will strip state information, e.g. instance variables and taint -# state, from the instance. Classes using Singleton can provide custom -# _load(str) and _dump(depth) methods to retain some of the previous state of -# the instance. # # require 'singleton' # @@ -82,7 +81,6 @@ # a = Example.instance # a.keep = "keep this" # a.strip = "get rid of this" -# a.taint # # stored_state = Marshal.dump(a) # |