New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update stdlib to Ruby 2.5.3. #5505
Conversation
5b964e2
to
bd27274
Compare
@initialized = false | ||
end | ||
|
||
def lazy_initialize |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
just for confirmation, this was backported to ruby 2.3, 2.4 and 2.6?
isn't 2.5 also affected?
see https://bugs.ruby-lang.org/issues/14571 and #5074
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, this was originally filed against 2.5 it appears and backported as far as 2.3.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
yeah, but this change reverts the fix. Maybe MRI guys forgot to backport it?
- pass String instance (when possible) directly to unpack - or retrieved array elements should affect created string related to jrubyGH-5505
- pass String instance (when possible) directly to unpack - or retrieved array elements should affect created string related to jrubyGH-5505
@@ -857,4 +860,20 @@ def test_unpack1 | |||
assert_equal "hogefuga", "aG9nZWZ1Z2E=".unpack1("m") | |||
assert_equal "01000001", "A".unpack1("B*") | |||
end | |||
|
|||
def test_pack_infection |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
fix for pack/unpack tainting is already on master: 1d1bb5d
... but you will need to tag this one since JRuby does not do much with 'P' (or 'p')
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think @enebo was looking into this...maybe it doesn't need to be done.
This is a new test for ARGV tainting that we never would have passed, because we don't taint ARGV strings. Note that MRI always taints all strings that come from "external" bytes, which is similar to our "external" Java strings. We are opting to localize this fix to ARGV only due to the unknown impact of suddenly tainting all strings imported from Java via our version of the "external" string construction. https://bugs.ruby-lang.org/issues/14941
… super is actually invoked. Therefore we cannot assume any argument which we think we need to splat is actually in need of splatting. Simple instanceof checks solves it. MRI core tests caught this in stdlib update to 2.5.4.
IRWrappedLambdaReturnValue exception coming out because END blocks are internally modelled as closures. This change also changed this exception to know whether it had been initiated by break or return.
…ine. Addresses MRI test.
so that "\u{0D 0A}" ends up as a single point.
This also updates Ruby compat version to run post-2.5.1 specs for this behavior. https://bugs.ruby-lang.org/issues/14380
04c3b9b
to
abe5c19
Compare
… is way more important
…pagate potential taintedness.
These tests were imported with jruby#5505 and will be reenabled once
The final completed build failed because an earlier exclude was accidentally removed. I am merging after having restored that tag. |
No description provided.