From ffd0820ab317542f8780aac475da590a4bdbc7a8 Mon Sep 17 00:00:00 2001 From: Jeremy Evans Date: Tue, 24 Sep 2019 20:59:12 -0700 Subject: Deprecate taint/trust and related methods, and make the methods no-ops This removes the related tests, and puts the related specs behind version guards. This affects all code in lib, including some libraries that may want to support older versions of Ruby. --- spec/ruby/core/hash/reject_spec.rb | 8 ++-- spec/ruby/core/hash/shared/eql.rb | 96 ++++++++++++++++++++++++++------------ spec/ruby/core/hash/shared/to_s.rb | 16 ++++--- spec/ruby/core/hash/to_a_spec.rb | 12 +++-- 4 files changed, 86 insertions(+), 46 deletions(-) (limited to 'spec/ruby/core/hash') diff --git a/spec/ruby/core/hash/reject_spec.rb b/spec/ruby/core/hash/reject_spec.rb index 8016be5e83..1051ebd76c 100644 --- a/spec/ruby/core/hash/reject_spec.rb +++ b/spec/ruby/core/hash/reject_spec.rb @@ -32,9 +32,11 @@ describe "Hash#reject" do HashSpecs::MyHash[1 => 2, 3 => 4].reject { true }.should be_kind_of(Hash) end - it "does not taint the resulting hash" do - h = { a: 1 }.taint - h.reject {false}.tainted?.should == false + ruby_version_is ''...'2.7' do + it "does not taint the resulting hash" do + h = { a: 1 }.taint + h.reject {false}.tainted?.should == false + end end end diff --git a/spec/ruby/core/hash/shared/eql.rb b/spec/ruby/core/hash/shared/eql.rb index 1aed5f51fb..d8c33179fc 100644 --- a/spec/ruby/core/hash/shared/eql.rb +++ b/spec/ruby/core/hash/shared/eql.rb @@ -149,46 +149,80 @@ describe :hash_eql_additional, shared: true do h.send(@method, HashSpecs::MyHash[h]).should be_true end - # Why isn't this true of eql? too ? - it "compares keys with matching hash codes via eql?" do - a = Array.new(2) do - obj = mock('0') - obj.should_receive(:hash).at_least(1).and_return(0) - - # It's undefined whether the impl does a[0].eql?(a[1]) or - # a[1].eql?(a[0]) so we taint both. - def obj.eql?(o) - return true if self.equal?(o) - taint - o.taint - false + ruby_version_is '2.7' do + # Why isn't this true of eql? too ? + it "compares keys with matching hash codes via eql?" do + a = Array.new(2) do + obj = mock('0') + obj.should_receive(:hash).at_least(1).and_return(0) + + def obj.eql?(o) + return true if self.equal?(o) + false + end + + obj end - obj - end + { a[0] => 1 }.send(@method, { a[1] => 1 }).should be_false - { a[0] => 1 }.send(@method, { a[1] => 1 }).should be_false - a[0].tainted?.should be_true - a[1].tainted?.should be_true + a = Array.new(2) do + obj = mock('0') + obj.should_receive(:hash).at_least(1).and_return(0) - a = Array.new(2) do - obj = mock('0') - obj.should_receive(:hash).at_least(1).and_return(0) + def obj.eql?(o) + true + end - def obj.eql?(o) - # It's undefined whether the impl does a[0].send(@method, a[1]) or - # a[1].send(@method, a[0]) so we taint both. - taint - o.taint - true + obj end - obj + { a[0] => 1 }.send(@method, { a[1] => 1 }).should be_true end + end + + ruby_version_is ''...'2.7' do + # Why isn't this true of eql? too ? + it "compares keys with matching hash codes via eql?" do + a = Array.new(2) do + obj = mock('0') + obj.should_receive(:hash).at_least(1).and_return(0) + + # It's undefined whether the impl does a[0].eql?(a[1]) or + # a[1].eql?(a[0]) so we taint both. + def obj.eql?(o) + return true if self.equal?(o) + taint + o.taint + false + end + + obj + end - { a[0] => 1 }.send(@method, { a[1] => 1 }).should be_true - a[0].tainted?.should be_true - a[1].tainted?.should be_true + { a[0] => 1 }.send(@method, { a[1] => 1 }).should be_false + a[0].tainted?.should be_true + a[1].tainted?.should be_true + + a = Array.new(2) do + obj = mock('0') + obj.should_receive(:hash).at_least(1).and_return(0) + + def obj.eql?(o) + # It's undefined whether the impl does a[0].send(@method, a[1]) or + # a[1].send(@method, a[0]) so we taint both. + taint + o.taint + true + end + + obj + end + + { a[0] => 1 }.send(@method, { a[1] => 1 }).should be_true + a[0].tainted?.should be_true + a[1].tainted?.should be_true + end end it "compares the values in self to values in other hash" do diff --git a/spec/ruby/core/hash/shared/to_s.rb b/spec/ruby/core/hash/shared/to_s.rb index d180d08c2c..b0e3705d01 100644 --- a/spec/ruby/core/hash/shared/to_s.rb +++ b/spec/ruby/core/hash/shared/to_s.rb @@ -77,14 +77,16 @@ describe :hash_to_s, shared: true do y.send(@method).should == "{1=>{0=>{...}}}" end - it "returns a tainted string if self is tainted and not empty" do - {}.taint.send(@method).tainted?.should be_false - { nil => nil }.taint.send(@method).tainted?.should be_true - end + ruby_version_is ''...'2.7' do + it "returns a tainted string if self is tainted and not empty" do + {}.taint.send(@method).tainted?.should be_false + { nil => nil }.taint.send(@method).tainted?.should be_true + end - it "returns an untrusted string if self is untrusted and not empty" do - {}.untrust.send(@method).untrusted?.should be_false - { nil => nil }.untrust.send(@method).untrusted?.should be_true + it "returns an untrusted string if self is untrusted and not empty" do + {}.untrust.send(@method).untrusted?.should be_false + { nil => nil }.untrust.send(@method).untrusted?.should be_true + end end it "does not raise if inspected result is not default external encoding" do diff --git a/spec/ruby/core/hash/to_a_spec.rb b/spec/ruby/core/hash/to_a_spec.rb index 33ad7cdec9..46f871389a 100644 --- a/spec/ruby/core/hash/to_a_spec.rb +++ b/spec/ruby/core/hash/to_a_spec.rb @@ -27,11 +27,13 @@ describe "Hash#to_a" do ent.should == pairs end - it "returns a tainted array if self is tainted" do - {}.taint.to_a.tainted?.should be_true - end + ruby_version_is ''...'2.7' do + it "returns a tainted array if self is tainted" do + {}.taint.to_a.tainted?.should be_true + end - it "returns an untrusted array if self is untrusted" do - {}.untrust.to_a.untrusted?.should be_true + it "returns an untrusted array if self is untrusted" do + {}.untrust.to_a.untrusted?.should be_true + end end end -- cgit v1.2.3