Details
-
Type:
Bug
-
Status:
Closed
-
Priority:
Major
-
Resolution: Fixed
-
Affects Version/s: None
-
Fix Version/s: JRuby 1.0.2, JRuby 1.1b1, JRuby 1.x+
-
Component/s: Core Classes/Modules
-
Labels:None
-
Number of attachments :
Description
The IdUtil.isXXX methods do not sufficiently validate names passed to const_set, instance_variable_set and class_variable_set. (Likewise for the get methods, but that's less problematic.) So, for example, the following are currently accepted:
mod.const_set 'A nice, long phrase!', 86
obj.instance_variable_set '@1 * @2 / @3 =', 4
clazz.send :class_variable_set, '@@@@@@@@', 99
I've got a fix in the works, part of other ivar/cvar/constant work.
Don't fix getVarType as part of this. It is used by the parser/lexer code and does not need extra sanity checks (lexer already does it). I can either move that function into that area or you can comment why it does not have extra checks on it.