[Truffle] Mass taint handling in String.

jruby · Mar 5, 2015 · ccc540e · ccc540e
1 parent d258589
commit ccc540e
Show file tree

Hide file tree

Showing 17 changed files with 22 additions and 52 deletions.
diff --git a/spec/truffle/tags/core/string/append_tags.txt b/spec/truffle/tags/core/string/append_tags.txt
@@ -2,4 +2,3 @@ fails:String#<< with Integer concatencates the argument interpreted as a codepoi
 fails:String#<< with Integer returns a ASCII-8BIT string if self is US-ASCII and the argument is between 128-255 (inclusive)
 fails:String#<< with Integer raises RangeError if the argument is an invalid codepoint for self's encoding
 fails:String#<< with Integer raises RangeError if the argument is negative
-fails:String#<< with Integer raises a RuntimeError when self is frozen
diff --git a/spec/truffle/tags/core/string/capitalize_tags.txt b/spec/truffle/tags/core/string/capitalize_tags.txt
@@ -1,3 +1,2 @@
-fails:String#capitalize taints resulting string when self is tainted
 fails:String#capitalize is locale insensitive (only upcases a-z and only downcases A-Z)
 fails:String#capitalize returns subclass instances when called on a subclass
diff --git a/spec/truffle/tags/core/string/concat_tags.txt b/spec/truffle/tags/core/string/concat_tags.txt
@@ -2,4 +2,3 @@ fails:String#concat with Integer concatencates the argument interpreted as a cod
 fails:String#concat with Integer returns a ASCII-8BIT string if self is US-ASCII and the argument is between 128-255 (inclusive)
 fails:String#concat with Integer raises RangeError if the argument is an invalid codepoint for self's encoding
 fails:String#concat with Integer raises RangeError if the argument is negative
-fails:String#concat with Integer raises a RuntimeError when self is frozen
diff --git a/spec/truffle/tags/core/string/downcase_tags.txt b/spec/truffle/tags/core/string/downcase_tags.txt
@@ -1,3 +1,2 @@
 fails:String#downcase is locale insensitive (only replaces A-Z)
-fails:String#downcase taints result when self is tainted
 fails:String#downcase returns a subclass instance for subclasses
diff --git a/spec/truffle/tags/core/string/dump_tags.txt b/spec/truffle/tags/core/string/dump_tags.txt
@@ -1,4 +1,2 @@
-fails:String#dump taints the result if self is tainted
-fails:String#dump untrusts the result if self is untrusted
 fails:String#dump returns a subclass instance
 fails:String#dump includes .force_encoding(name) if the encoding isn't ASCII compatible
diff --git a/spec/truffle/tags/core/string/gsub_tags.txt b/spec/truffle/tags/core/string/gsub_tags.txt
@@ -1,20 +1,10 @@
 fails:String#gsub with pattern and replacement treats \+ as an empty string if there was no captures
 fails:String#gsub with pattern and replacement replaces \k named backreferences with the regexp's corresponding capture
-fails:String#gsub with pattern and Hash uses the hash's default value for missing keys
-fails:String#gsub with pattern and Hash coerces the hash values with #to_s
 fails:String#gsub with pattern and Hash uses the hash's value set from default_proc for missing keys
-fails:String#gsub! with pattern and Hash uses the hash's default value for missing keys
-fails:String#gsub! with pattern and Hash coerces the hash values with #to_s
 fails:String#gsub! with pattern and Hash uses the hash's value set from default_proc for missing keys
-fails:String#gsub! with pattern and Hash untrusts self if a hash value is untrusted
-fails:String#gsub! with pattern and Hash taints self if a hash value is tainted
 fails:String#gsub with pattern and block sets $~ for access from the block
 fails:String#gsub with pattern and block restores $~ after leaving the block
 passes:String#gsub with pattern and block converts the block's return value to a string using to_s
-fails:String#gsub! with pattern and replacement taints self if replacement is tainted
-fails:String#gsub! with pattern and replacement untrusts self if replacement is untrusted
-fails:String#gsub! with pattern and block taints self if block's result is tainted
-fails:String#gsub! with pattern and block untrusts self if block's result is untrusted
 fails:String#gsub! with pattern and block uses the compatible encoding if they are compatible
 fails:String#gsub! with pattern and block replaces the incompatible part properly even if the encodings are not compatible
 fails:String#gsub with pattern and replacement respects $KCODE when the pattern collapses

diff --git a/spec/truffle/tags/core/string/initialize_tags.txt b/spec/truffle/tags/core/string/initialize_tags.txt
@@ -1,5 +1,3 @@
-fails:String#initialize with an argument taints self if other is tainted
-fails:String#initialize with an argument untrusts self if other is untrusted
 fails:String#initialize with an argument tries to convert other to string using to_str
 fails:String#initialize with an argument raises a RuntimeError on a frozen instance that is modified
 fails:String#initialize with an argument raises a RuntimeError on a frozen instance when self-replacing
diff --git a/spec/truffle/tags/core/string/inspect_tags.txt b/spec/truffle/tags/core/string/inspect_tags.txt
diff --git a/spec/truffle/tags/core/string/replace_tags.txt b/spec/truffle/tags/core/string/replace_tags.txt
@@ -1,5 +1,3 @@
-fails:String#replace taints self if other is tainted
-fails:String#replace untrusts self if other is untrusted
 fails:String#replace replaces the encoding of self with that of other
 fails:String#replace carries over the encoding invalidity
 fails:String#replace tries to convert other to string using to_str
diff --git a/spec/truffle/tags/core/string/reverse_tags.txt b/spec/truffle/tags/core/string/reverse_tags.txt
@@ -1,4 +1,3 @@
-fails:String#reverse taints the result if self is tainted
 fails:String#reverse! raises a RuntimeError on a frozen instance that is modified
 fails:String#reverse! raises a RuntimeError on a frozen instance that would not be modified
 fails:String#reverse! reverses a string with multi byte characters

diff --git a/spec/truffle/tags/core/string/rstrip_tags.txt b/spec/truffle/tags/core/string/rstrip_tags.txt
@@ -1,6 +1,5 @@
 fails:String#rstrip returns a copy of self with trailing whitespace removed
 fails:String#rstrip returns a copy of self with all trailing whitespace and NULL bytes removed
-fails:String#rstrip taints the result when self is tainted
 fails:String#rstrip! modifies self in place and returns self
 fails:String#rstrip! modifies self removing trailing NULL bytes and whitespace
 fails:String#rstrip! returns nil if no modifications were made

diff --git a/spec/truffle/tags/core/string/sub_tags.txt b/spec/truffle/tags/core/string/sub_tags.txt
@@ -1,15 +1,7 @@
 fails:String#sub with pattern, replacement treats \+ as an empty string if there was no captures
 fails:String#sub with pattern, replacement returns subclass instances when called on a subclass
 fails:String#sub with pattern and block sets $~ for access from the block
-fails:String#sub! with pattern, replacement taints self if replacement is tainted
 fails:String#sub! with pattern and block sets $~ for access from the block
-fails:String#sub! with pattern and block taints self if block's result is tainted
 fails:String#sub! with pattern and block raises a RuntimeError if the string is modified while substituting
-fails:String#sub with pattern and Hash uses the hash's default value for missing keys
-fails:String#sub with pattern and Hash coerces the hash values with #to_s
 fails:String#sub with pattern and Hash uses the hash's value set from default_proc for missing keys
-fails:String#sub! with pattern and Hash uses the hash's default value for missing keys
-fails:String#sub! with pattern and Hash coerces the hash values with #to_s
 fails:String#sub! with pattern and Hash uses the hash's value set from default_proc for missing keys
-fails:String#sub! with pattern and Hash untrusts self if a hash value is untrusted
-fails:String#sub! with pattern and Hash taints self if a hash value is tainted
diff --git a/spec/truffle/tags/core/string/succ_tags.txt b/spec/truffle/tags/core/string/succ_tags.txt
@@ -1,2 +1 @@
 fails:String#succ returns subclass instances when called on a subclass
-fails:String#succ taints the result if self is tainted
diff --git a/spec/truffle/tags/core/string/swapcase_tags.txt b/spec/truffle/tags/core/string/swapcase_tags.txt
@@ -1,4 +1,3 @@
-fails:String#swapcase taints resulting string when self is tainted
 fails:String#swapcase is locale insensitive (only upcases a-z and only downcases A-Z)
 fails:String#swapcase returns subclass instances when called on a subclass
 fails:String#swapcase! returns nil if no modifications were made

diff --git a/spec/truffle/tags/core/string/upcase_tags.txt b/spec/truffle/tags/core/string/upcase_tags.txt
@@ -1,5 +1,4 @@
 fails:String#upcase is locale insensitive (only replaces a-z)
-fails:String#upcase taints result when self is tainted
 fails:String#upcase returns a subclass instance for subclasses
 fails:String#upcase! returns nil if no modifications were made
 fails:String#upcase! raises a RuntimeError when self is frozen
diff --git a/truffle/src/main/java/org/jruby/truffle/nodes/cast/TaintResultNode.java b/truffle/src/main/java/org/jruby/truffle/nodes/cast/TaintResultNode.java
@@ -78,9 +78,14 @@ public Object execute(VirtualFrame frame) {
             }
 
             for (int i = 0; i < taintFromParameters.length; i++) {
-                final RubyBasicObject taintSource =
-                        (RubyBasicObject) RubyArguments.getUserArgument(frame.getArguments(), taintFromParameters[i]);
-                maybeTaint(taintSource, result);
+                // It's possible the taintFromParamaters value was misconfigured by the user, but the far more likely
+                // scenario is that the argument at that position is an UndefinedPlaceholder, which doesn't take up
+                // a space in the frame.
+                if (taintFromParameters[i] < RubyArguments.getUserArgumentsCount(frame.getArguments())) {
+                    final RubyBasicObject taintSource =
+                            (RubyBasicObject) RubyArguments.getUserArgument(frame.getArguments(), taintFromParameters[i]);
+                    maybeTaint(taintSource, result);
+                }
             }
         }
 

diff --git a/truffle/src/main/java/org/jruby/truffle/nodes/core/StringNodes.java b/truffle/src/main/java/org/jruby/truffle/nodes/core/StringNodes.java
@@ -733,7 +733,7 @@ public RubiniusByteArray data(RubyString string) {
         }
     }
 
-    @CoreMethod(names = "downcase")
+    @CoreMethod(names = "downcase", taintFromSelf = true)
     public abstract static class DowncaseNode extends CoreMethodNode {
 
         public DowncaseNode(RubyContext context, SourceSection sourceSection) {
@@ -1052,7 +1052,7 @@ public int hash(RubyString string) {
 
     }
 
-    @CoreMethod(names = "inspect")
+    @CoreMethod(names = "inspect", taintFromSelf = true)
     public abstract static class InspectNode extends CoreMethodNode {
 
         public InspectNode(RubyContext context, SourceSection sourceSection) {
@@ -1073,7 +1073,7 @@ public RubyString inspect(RubyString string) {
         }
     }
 
-    @CoreMethod(names = "initialize", optional = 1)
+    @CoreMethod(names = "initialize", optional = 1, taintFromParameters = 0)
     public abstract static class InitializeNode extends CoreMethodNode {
 
         public InitializeNode(RubyContext context, SourceSection sourceSection) {
@@ -1124,7 +1124,7 @@ public Object initializeCopy(RubyString self, RubyString from) {
 
     }
 
-    @CoreMethod(names = "insert", required = 2, lowerFixnumParameters = 0, raiseIfFrozenSelf = true)
+    @CoreMethod(names = "insert", required = 2, lowerFixnumParameters = 0, raiseIfFrozenSelf = true, taintFromParameters = 1)
     public abstract static class InsertNode extends CoreMethodNode {
 
         @Child private ConcatNode concatNode;
@@ -1257,7 +1257,7 @@ public int ord(RubyString string) {
         }
     }
 
-    @CoreMethod(names = "replace", required = 1, raiseIfFrozenSelf = true)
+    @CoreMethod(names = "replace", required = 1, raiseIfFrozenSelf = true, taintFromParameters = 0)
     public abstract static class ReplaceNode extends CoreMethodNode {
 
         public ReplaceNode(RubyContext context, SourceSection sourceSection) {
@@ -1330,7 +1330,7 @@ public Object rindex(RubyString string, RubyString subString, int endPosition) {
         }
     }
 
-    @CoreMethod(names = "swapcase")
+    @CoreMethod(names = "swapcase", taintFromSelf = true)
     public abstract static class SwapcaseNode extends CoreMethodNode {
         public SwapcaseNode(RubyContext context, SourceSection sourceSection) {
             super(context, sourceSection);
@@ -1369,7 +1369,7 @@ public RubyString swapcase(RubyString string) {
         }
     }
 
-    @CoreMethod(names = "rstrip")
+    @CoreMethod(names = "rstrip", taintFromSelf = true)
     public abstract static class RStripNode extends CoreMethodNode {
 
         public RStripNode(RubyContext context, SourceSection sourceSection) {
@@ -1395,7 +1395,7 @@ public RubyString rstrip(RubyString string) {
 
     }
 
-    @CoreMethod(names = "dump")
+    @CoreMethod(names = "dump", taintFromSelf = true)
     public abstract static class DumpNode extends CoreMethodNode {
 
         public DumpNode(RubyContext context, SourceSection sourceSection) {
@@ -1415,7 +1415,7 @@ public RubyString rstrip(RubyString string) {
 
     }
 
-    @CoreMethod(names = "scan", required = 1, needsBlock = true)
+    @CoreMethod(names = "scan", required = 1, needsBlock = true, taintFromParameters = 0)
     public abstract static class ScanNode extends YieldingCoreMethodNode {
 
         public ScanNode(RubyContext context, SourceSection sourceSection) {
@@ -1545,7 +1545,7 @@ public int size(RubyString string) {
         }
     }
 
-    @CoreMethod(names = "split", optional = 2, lowerFixnumParameters = 2)
+    @CoreMethod(names = "split", optional = 2, lowerFixnumParameters = 2, taintFromSelf = true)
     public abstract static class SplitNode extends CoreMethodNode {
 
         public SplitNode(RubyContext context, SourceSection sourceSection) {
@@ -1597,7 +1597,7 @@ private RubyArray splitHelper(RubyString string, String sep) {
         }
     }
 
-    @CoreMethod(names = "succ")
+    @CoreMethod(names = "succ", taintFromSelf = true)
     public abstract static class SuccNode extends CoreMethodNode {
 
         public SuccNode(RubyContext context, SourceSection sourceSection) {
@@ -1750,7 +1750,7 @@ public RubySymbol toSym(RubyString string) {
         }
     }
 
-    @CoreMethod(names = "reverse")
+    @CoreMethod(names = "reverse", taintFromSelf = true)
     public abstract static class ReverseNode extends CoreMethodNode {
 
         public ReverseNode(RubyContext context, SourceSection sourceSection) {
@@ -1809,7 +1809,7 @@ public RubyArray unpack(RubyString string, RubyString format) {
 
     }
 
-    @CoreMethod(names = "upcase")
+    @CoreMethod(names = "upcase", taintFromSelf = true)
     public abstract static class UpcaseNode extends CoreMethodNode {
 
         public UpcaseNode(RubyContext context, SourceSection sourceSection) {
@@ -1901,7 +1901,7 @@ public RubyBasicObject capitalizeBang(RubyString string) {
         }
     }
 
-    @CoreMethod(names = "capitalize")
+    @CoreMethod(names = "capitalize", taintFromSelf = true)
     public abstract static class CapitalizeNode extends CoreMethodNode {
 
         public CapitalizeNode(RubyContext context, SourceSection sourceSection) {