1berry/ruby
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Don't allow mixed escape

Browse Source 
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@61381 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
This commit is contained in:
naruse 2017-12-21 05:09:17 +00:00
parent 188d85934b
commit 05d1d29d1f
2 changed files with 12 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
string.c
View File

@ -6107,7 +6107,7 @@ unescape_ascii(unsigned int c)
} }
static void static void
undump_after_backslash(VALUE undumped, const char **ss, const char *s_end, rb_encoding **penc, bool *utf8) undump_after_backslash(VALUE undumped, const char **ss, const char *s_end, rb_encoding **penc, bool *utf8, bool *binary)
{ {
const char *s = *ss; const char *s = *ss;
unsigned int c; unsigned int c;
@ -6136,6 +6136,9 @@ undump_after_backslash(VALUE undumped, const char **ss, const char *s_end, rb_en
s++; s++;
break; break;
case 'u': case 'u':
if (*binary) {
rb_raise(rb_eRuntimeError, "hex escape and Unicode escape are mixed");
}
*utf8 = true; *utf8 = true;
if (++s >= s_end) { if (++s >= s_end) {
rb_raise(rb_eRuntimeError, "invalid Unicode escape"); rb_raise(rb_eRuntimeError, "invalid Unicode escape");
@ -6188,6 +6191,10 @@ undump_after_backslash(VALUE undumped, const char **ss, const char *s_end, rb_en
} }
break; break;
case 'x': case 'x':
if (*utf8) {
rb_raise(rb_eRuntimeError, "hex escape and Unicode escape are mixed");
}
*binary = true;
if (++s >= s_end) { if (++s >= s_end) {
rb_raise(rb_eRuntimeError, "invalid hex escape"); rb_raise(rb_eRuntimeError, "invalid hex escape");
} }
@ -6226,6 +6233,7 @@ str_undump(VALUE str)
rb_encoding *enc = rb_enc_get(str); rb_encoding *enc = rb_enc_get(str);
VALUE undumped = rb_enc_str_new(s, 0L, enc); VALUE undumped = rb_enc_str_new(s, 0L, enc);
bool utf8 = false; bool utf8 = false;
bool binary = false;
int w; int w;
rb_must_asciicompat(str); rb_must_asciicompat(str);
@ -6296,7 +6304,7 @@ str_undump(VALUE str)
if (s >= s_end) { if (s >= s_end) {
rb_raise(rb_eRuntimeError, "invalid escape"); rb_raise(rb_eRuntimeError, "invalid escape");
} }
undump_after_backslash(undumped, &s, s_end, &enc, &utf8); undump_after_backslash(undumped, &s, s_end, &enc, &utf8, &binary);
} }
else { else {
rb_str_cat(undumped, s++, 1); rb_str_cat(undumped, s++, 1);

2
test/ruby/test_string.rb
View File

@ -784,6 +784,8 @@ CODE
assert_equal('\#{', '"\\\\\#{"'.undump) assert_equal('\#{', '"\\\\\#{"'.undump)
assert_raise(RuntimeError) { S('\u3042').undump } assert_raise(RuntimeError) { S('\u3042').undump }
assert_raise(RuntimeError) { S('"\x82\xA0\u3042"'.force_encoding("SJIS")).undump }
assert_raise(RuntimeError) { S('"\u3042\x82\xA0"'.force_encoding("SJIS")).undump }
assert_raise(RuntimeError) { S('"".force_encoding()').undump } assert_raise(RuntimeError) { S('"".force_encoding()').undump }
assert_raise(RuntimeError) { S('"".force_encoding("').undump } assert_raise(RuntimeError) { S('"".force_encoding("').undump }
assert_raise(RuntimeError) { S('"".force_encoding("UNKNOWN")').undump } assert_raise(RuntimeError) { S('"".force_encoding("UNKNOWN")').undump }