Skip to content
Permalink
Browse files

Merge pull request #812 from tobarja/stringinfect

String#inspect can taint and untrust
  • Loading branch information
alex committed Jul 26, 2013
2 parents 879e92b + 36f0e65 commit 7e8a9b8c143d59e3242db3316a929ea76d7d0a8f
Showing with 3 additions and 3 deletions.
  1. +0 −2 spec/tags/core/string/inspect_tags.txt
  2. +3 −1 topaz/objects/stringobject.py
@@ -1,5 +1,3 @@
fails:String#inspect taints the result if self is tainted
fails:String#inspect untrusts the result if self is untrusted
fails:String#inspect returns a string with special characters replaced with \<char> notation
fails:String#inspect returns a string with " and \ escaped with a backslash
fails:String#inspect returns a string with \#<char> when # is followed by $, @, {
@@ -493,7 +493,9 @@ def method_ord(self, space):

@classdef.method("inspect")
def method_inspect(self, space):
return space.newstr_fromstr('"%s"' % self.str_w(space))
s = space.newstr_fromstr('"%s"' % self.str_w(space))
space.infect(s, self)
return s

@classdef.method("+")
def method_plus(self, space, w_obj):

0 comments on commit 7e8a9b8

Please sign in to comment.
You can’t perform that action at this time.