diff options
Diffstat (limited to 'io.c')
| -rw-r--r-- | io.c | 19 |
1 files changed, 10 insertions, 9 deletions
@@ -7423,7 +7423,7 @@ static VALUE popen_finish(VALUE port, VALUE klass); * whose $stdin and $stdout are connected to a new stream +io+. * * This method has potential security vulnerabilities if called with untrusted input; - * see {Command Injection}[command_injection.rdoc]. + * see {Command Injection}[rdoc-ref:command_injection.rdoc]. * * If no block is given, returns the new stream, * which depending on given +mode+ may be open for reading, writing, or both. @@ -9901,7 +9901,7 @@ argf_readlines(int argc, VALUE *argv, VALUE argf) * sets global variable <tt>$?</tt> to the process status. * * This method has potential security vulnerabilities if called with untrusted input; - * see {Command Injection}[command_injection.rdoc]. + * see {Command Injection}[rdoc-ref:command_injection.rdoc]. * * Examples: * @@ -11292,7 +11292,7 @@ io_s_foreach(VALUE v) * * When called from class \IO (but not subclasses of \IO), * this method has potential security vulnerabilities if called with untrusted input; - * see {Command Injection}[command_injection.rdoc]. + * see {Command Injection}[rdoc-ref:command_injection.rdoc]. * * The first argument must be a string that is one of the following: * @@ -11302,7 +11302,8 @@ io_s_foreach(VALUE v) * - Command: if +self+ is the class \IO, * and if the string starts with the pipe character, * the rest of the string is a command to be executed as a subprocess. - * See the {Note on Security}[@Note+on+Security]. + * This usage has potential security vulnerabilities if called with untrusted input; + * see {Command Injection}[rdoc-ref:command_injection.rdoc]. * * With only argument +path+ given, parses lines from the file at the given +path+, * as determined by the default line separator, @@ -11407,7 +11408,7 @@ io_s_readlines(VALUE v) * * When called from class \IO (but not subclasses of \IO), * this method has potential security vulnerabilities if called with untrusted input; - * see {Command Injection}[command_injection.rdoc]. + * see {Command Injection}[rdoc-ref:command_injection.rdoc]. * * The first argument must be a string; * its meaning depends on whether it starts with the pipe character (<tt>'|'</tt>): @@ -11512,7 +11513,7 @@ seek_before_access(VALUE argp) * * When called from class \IO (but not subclasses of \IO), * this method has potential security vulnerabilities if called with untrusted input; - * see {Command Injection}[command_injection.rdoc]. + * see {Command Injection}[rdoc-ref:command_injection.rdoc]. * * The first argument must be a string; * its meaning depends on whether it starts with the pipe character (<tt>'|'</tt>): @@ -11589,7 +11590,7 @@ rb_io_s_read(int argc, VALUE *argv, VALUE io) * * When called from class \IO (but not subclasses of \IO), * this method has potential security vulnerabilities if called with untrusted input; - * see {Command Injection}[command_injection.rdoc]. + * see {Command Injection}[rdoc-ref:command_injection.rdoc]. * */ @@ -11694,7 +11695,7 @@ io_s_write(int argc, VALUE *argv, VALUE klass, int binary) * * When called from class \IO (but not subclasses of \IO), * this method has potential security vulnerabilities if called with untrusted input; - * see {Command Injection}[command_injection.rdoc]. + * see {Command Injection}[rdoc-ref:command_injection.rdoc]. * * The first argument must be a string; * its meaning depends on whether it starts with the pipe character (<tt>'|'</tt>): @@ -11761,7 +11762,7 @@ rb_io_s_write(int argc, VALUE *argv, VALUE io) * * When called from class \IO (but not subclasses of \IO), * this method has potential security vulnerabilities if called with untrusted input; - * see {Command Injection}[command_injection.rdoc]. + * see {Command Injection}[rdoc-ref:command_injection.rdoc]. * */ |