diff options
| author | Yukihiro "Matz" Matsumoto <[email protected]> | 2018-09-19 20:53:32 +0900 |
|---|---|---|
| committer | Yukihiro "Matz" Matsumoto <[email protected]> | 2018-11-19 11:28:51 +0900 |
| commit | afca99a40b8a3415b3a9a0e8fc41c93ddcbb11d8 (patch) | |
| tree | 6ecbeb3c8a562ce64713ccd4d2d6b1d12e6b5fa2 /src/kernel.c | |
| parent | 426c1f9e0b77a27d5384ccdee7f7a49eef0e2ed0 (diff) | |
| download | mruby-afca99a40b8a3415b3a9a0e8fc41c93ddcbb11d8.tar.gz mruby-afca99a40b8a3415b3a9a0e8fc41c93ddcbb11d8.zip | |
Remove implicit conversion using `to_int` method.
The ISO standard does not include implicit type conversion using
`to_int`. This implicit conversion often causes vulnerability.
There will be no more attacks like #4120.
In addition, we have added internal convenience method `__to_int` which
does type check and conversion (from floats).
Diffstat (limited to 'src/kernel.c')
| -rw-r--r-- | src/kernel.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/src/kernel.c b/src/kernel.c index db681d510..195594d6b 100644 --- a/src/kernel.c +++ b/src/kernel.c @@ -830,6 +830,7 @@ mrb_obj_ceqq(mrb_state *mrb, mrb_value self) } mrb_value mrb_obj_equal_m(mrb_state *mrb, mrb_value); + void mrb_init_kernel(mrb_state *mrb) { @@ -871,6 +872,7 @@ mrb_init_kernel(mrb_state *mrb) mrb_define_method(mrb, krn, "respond_to?", obj_respond_to, MRB_ARGS_ANY()); /* 15.3.1.3.43 */ mrb_define_method(mrb, krn, "to_s", mrb_any_to_s, MRB_ARGS_NONE()); /* 15.3.1.3.46 */ mrb_define_method(mrb, krn, "__case_eqq", mrb_obj_ceqq, MRB_ARGS_REQ(1)); /* internal */ + mrb_define_method(mrb, krn, "__to_int", mrb_to_int, MRB_ARGS_NONE()); /* internal */ mrb_define_method(mrb, krn, "class_defined?", mrb_krn_class_defined, MRB_ARGS_REQ(1)); |