Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Hash#delete and Hash#clear don't check whether hash is frozen #3370

Closed
clayton-shopify opened this issue Jan 4, 2017 · 2 comments
Closed

Hash#delete and Hash#clear don't check whether hash is frozen #3370

clayton-shopify opened this issue Jan 4, 2017 · 2 comments

Comments

@clayton-shopify
Copy link
Contributor

@clayton-shopify clayton-shopify commented Jan 4, 2017

> h = { 'a' => 1, 'b' => 2 }.freeze
 => {"a"=>1, "b"=>2}
> h.delete('a')
 => 1
> h
 => {"b"=>2}
> h.clear
 => {}

These operations should fail with can't modify frozen hash (RuntimeError).

This issue was reported by https://hackerone.com/an0n-j

@clayton-shopify
Copy link
Contributor Author

@clayton-shopify clayton-shopify commented Jan 4, 2017

The submitter suggested adding mrb_hash_modify calls to mrb_hash_delete and mrb_hash_clear.

matz added a commit that referenced this issue Jan 5, 2017
@matz matz closed this as completed Jan 5, 2017
@ksss
Copy link
Contributor

@ksss ksss commented Jan 5, 2017

I guess it need new method Kernel#frozen? to solve this issue.

E.g. Hash#delete_if

  def delete_if(&block)
    return to_enum :delete_if unless block_given?
+   raise RuntimeError, "can't modify frozen #{self.class}" if frozen?
    self.each do |k, v|
      self.delete(k) if block.call(k, v)
    end
    self
  end

matz added a commit that referenced this issue Jan 5, 2017
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants