Hi,

At Wed, 7 Oct 2009 12:11:57 +0900,
> That's fine, but 99.9% of Ruby programs out there don't use it and it
> impacts performance, so isn't making it an on-by-default configurable option
> a good idea?

Do you have exact data?


Index: configure.in =================================================================== --- configure.in (revision 25254) +++ configure.in (working copy) @@ -2131,4 +2131,11 @@ esac AC_SUBST(INSTALLDOC) +AC_ARG_ENABLE(taintness-checking, + AS_HELP_STRING([--disable-taintness-checking], [do not check taintness]), + [taintness_checking=$enableval], [taintness_checking=yes]) +if test $taintness_checking = no; then + AC_DEFINE(RUBY_DISABLE_TAINTNESS) +fi + if test "$rb_with_pthread" = "yes"; then THREAD_MODEL=pthread Index: include/ruby/ruby.h =================================================================== --- include/ruby/ruby.h (revision 25254) +++ include/ruby/ruby.h (working copy) @@ -513,8 +513,14 @@ VALUE rb_int2big(SIGNED_VALUE); VALUE rb_newobj(void); #define NEWOBJ(obj,type) type *obj = (type*)rb_newobj() +#ifdef RUBY_DISABLE_TAINTNESS +#define TAINT_IF_UNSAFE(level, obj) \ + if (rb_safe_level() >= level) FL_SET(obj, FL_TAINT | FL_UNTRUSTED) +#else +#define TAINT_IF_UNSAFE(level, obj) (void)0 +#endif #define OBJSETUP(obj,c,t) do {\ RBASIC(obj)->flags = (t);\ RBASIC(obj)->klass = (c);\ - if (rb_safe_level() >= 3) FL_SET(obj, FL_TAINT | FL_UNTRUSTED);\ + TAINT_IF_UNSAFE(3, obj);\ } while (0) #define CLONESETUP(clone,obj) do {\ @@ -891,4 +897,11 @@ struct RBignum { #define FL_REVERSE(x,f) do {if (FL_ABLE(x)) RBASIC(x)->flags ^= (f);} while (0) +#ifdef RUBY_DISABLE_TAINTNESS +#define OBJ_TAINTED(x) 0 +#define OBJ_TAINT(x) do {(void)(x);} while (0) +#define OBJ_UNTRUSTED(x) 0 +#define OBJ_UNTRUST(x) do {(void)(x);} while (0) +#define OBJ_INFECT(x,s) do {(void)(x);(void)(s);} while (0) +#else #define OBJ_TAINTED(x) (!!FL_TEST((x), FL_TAINT)) #define OBJ_TAINT(x) FL_SET((x), FL_TAINT) @@ -896,4 +909,5 @@ struct RBignum { #define OBJ_UNTRUST(x) FL_SET((x), FL_UNTRUSTED) #define OBJ_INFECT(x,s) do {if (FL_ABLE(x) && FL_ABLE(s)) RBASIC(x)->flags |= RBASIC(s)->flags & (FL_TAINT | FL_UNTRUSTED);} while (0) +#endif #define OBJ_FROZEN(x) (!!FL_TEST((x), FL_FREEZE))
-- Nobu Nakada