Hi,

I stepped through the C source code, and the longer I think
about it I'm convinced it is a real bug.

On Tuesday, 14. Jul 2015, 22:07:32 +0200, Bertram Scharpf wrote:
> [On ruby-talk]
> 
> is this an intended behaviour or is it a bug? I did boil
> down the problem I detected to the smallest possible code.
> 
>   class C
>     t = Thread.new do
>       $SAFE = 1
>       def inspect
>         "<C>"
>       end
>     end
>     t.join
>   end
>   c = C.new
>   puts c.inspect
>   puts [c].inspect
>   not_reached
> 
> The output is:
> 
>   <C>
>   insecure.rb:12:in `inspect': calling insecure method: inspect (SecurityError)
>           from insecure.rb:12:in `<main>'
> 
> Why is the first #inspect allowed but the second is not?
> Should I still use $SAFE at all?

The exception is being raised by the function rb_inspect()
but not by rb_obj_inspect(). The function rb_ary_inspect()
calls rb_inspect() for the objects it contains. The lonely
C#inspect call goes directly to rb_obj_inspect().

When I replace rb_inspect() by rb_obj_inspect() in
rb_ary_inspect(), no exception will be raised.

Either, Array#inspect should call rb_obj_inspect(), too, so
that both lines succeed. The other solution would be that
rb_obj_inspect() raises an exception as well.

This is a matter of programming logic far beyond the $SAFE
mechanism. Please make a decision.

Thanks in advance.

Bertram


-- 
Bertram Scharpf
Stuttgart, Deutschland/Germany
http://www.bertram-scharpf.de