diff options
| author | Samuel Giddins <[email protected]> | 2023-08-18 13:35:23 -0700 |
|---|---|---|
| committer | git <[email protected]> | 2023-09-20 02:02:58 +0000 |
| commit | d182d83ce929cd322f4a6fd134cd31be950eca77 (patch) | |
| tree | 18808133999aab348990d35cae6920d0252dfa56 /lib/rubygems/indexer.rb | |
| parent | c47608494f961d2a8fe24b1a7b7f627b305cf7fe (diff) | |
[rubygems/rubygems] Add a Marshal.load replacement that walks an AST to safely load permitted classes/symbols
https://github.com/rubygems/rubygems/commit/7e4478fe73
Diffstat (limited to 'lib/rubygems/indexer.rb')
| -rw-r--r-- | lib/rubygems/indexer.rb | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/lib/rubygems/indexer.rb b/lib/rubygems/indexer.rb index c6691517b3..f4c981b9ef 100644 --- a/lib/rubygems/indexer.rb +++ b/lib/rubygems/indexer.rb @@ -411,7 +411,8 @@ class Gem::Indexer # +dest+. For a latest index, does not ensure the new file is minimal. def update_specs_index(index, source, dest) - specs_index = Marshal.load Gem.read_binary(source) + Gem.load_safe_marshal + specs_index = Gem::SafeMarshal.safe_load Gem.read_binary(source) index.each do |spec| platform = spec.original_platform |