goyox86 · July 28, 2010 16:51
diff --git a/0003-Fix-for-the-following-Marshal.dump-specs.patch b/0003-Fix-for-the-following-Marshal.dump-specs.patch
 From b5fd0d635b7937f7716b8b89ca1ab89709c5609a Mon Sep 17 00:00:00 2001
 From: Jose Narvaez <[email protected]>
 Date: Wed, 28 Jul 2010 12:13:55 -0430
 Subject: [PATCH 3/3] Fix for the following Marshal.dump specs:

 Marshal.dump returns a tainted string if object is tainted
 Marshal.dump returns a tainted string if object is tainted deep in nested structure
 ---
 kernel/common/marshal.rb |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

 diff --git a/kernel/common/marshal.rb b/kernel/common/marshal.rb
 index 9396f49..cfcaf55 100644
 --- a/kernel/common/marshal.rb
 +++ b/kernel/common/marshal.rb
 @@ -720,7 +720,7 @@ module Marshal
 
       @depth += 1
 
 -      return str
 +      obj.tainted? ? str.taint : str
     end
 
     def serialize_extended_object(obj)
 -- 
 1.7.0.3
	From b5fd0d635b7937f7716b8b89ca1ab89709c5609a Mon Sep 17 00:00:00 2001
	From: Jose Narvaez <[email protected]>
	Date: Wed, 28 Jul 2010 12:13:55 -0430
	Subject: [PATCH 3/3] Fix for the following Marshal.dump specs:

	Marshal.dump returns a tainted string if object is tainted
	Marshal.dump returns a tainted string if object is tainted deep in nested structure
	---
	kernel/common/marshal.rb \| 2 +-
	1 files changed, 1 insertions(+), 1 deletions(-)

	diff --git a/kernel/common/marshal.rb b/kernel/common/marshal.rb
	index 9396f49..cfcaf55 100644
	--- a/kernel/common/marshal.rb
	+++ b/kernel/common/marshal.rb
	@@ -720,7 +720,7 @@ module Marshal

	@depth += 1

	- return str
	+ obj.tainted? ? str.taint : str
	end

	def serialize_extended_object(obj)
	--
	1.7.0.3