Issue #15998 has been reported by byroot (Jean Boussier).

----------------------------------------
Feature #15998: Allow String#-@ to deduplicate tainted string, but return an untainted one
https://bugs.ruby-lang.org/issues/15998

* Author: byroot (Jean Boussier)
* Status: Open
* Priority: Normal
* Assignee: 
* Target version: 
----------------------------------------
Patch: https://github.com/ruby/ruby/pull/2287

There was a previous attempt by Eric Wong to allow deduplication of tainted strings, but it was reverted because of unknown CI issues: https://github.com/ruby/ruby/commit/0493b1ce3a4

The previous approach was trying to segregate tainted fstrings from untainted ones. This patch is different.

Instead it returns an untainted fstring.

The rationale is that `String#-@` purpose is to deduplicate string we know will stay in memory for long if not until exit, hence I'd argue that by doing so we're implicitly trusting them. A typical usage for instance is:

```ruby
CONFIG = YAML.load_file('path/to/config.yml').transform_keys { |k| -k }.freeze
```

Except the above currently doesn't work because YAML returns tainted instances when it reads from a file, so instead you have to do:

```ruby
CONFIG = YAML.load_file('path/to/config.yml').transform_keys { |k| -(+k).untaint }.freeze
```

Which is fairly inefficient and unexpected. Several time I wondered why `-@` wouldn't deduplicate strings until I noticed they were tainted.



-- 
https://bugs.ruby-lang.org/

Unsubscribe: <mailto:ruby-core-request / ruby-lang.org?subject=unsubscribe>
<http://lists.ruby-lang.org/cgi-bin/mailman/options/ruby-core>