ruby-changes:12156
From: nobu <ko1@a...>
Date: Tue, 23 Jun 2009 21:29:15 +0900 (JST)
Subject: [ruby-changes:12156] Ruby:r23831 (trunk): * file.c (rb_get_path_check): check with given safe level.
nobu 2009-06-23 21:28:16 +0900 (Tue, 23 Jun 2009) New Revision: 23831 http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=23831 Log: * file.c (rb_get_path_check): check with given safe level. * file.c (rb_find_file_ext_safe, rb_find_file_safe): ditto. * safe.c (rb_insecure_operation): function to raise security error. Modified files: trunk/file.c trunk/include/ruby/ruby.h trunk/safe.c
Index: include/ruby/ruby.h
===================================================================
--- include/ruby/ruby.h (revision 23830)
+++ include/ruby/ruby.h (revision 23831)
@@ -427,6 +427,7 @@
 void rb_set_safe_level(int);
 void rb_set_safe_level_force(int);
 void rb_secure_update(VALUE);
+NORETURN(void rb_insecure_operation(void));
 VALUE rb_errinfo(void);
 void rb_set_errinfo(VALUE);
Index: safe.c
===================================================================
--- safe.c (revision 23830)
+++ safe.c (revision 23831)
@@ -98,16 +98,22 @@
 }
 void
+rb_insecure_operation(void)
+{
+ if (rb_frame_callee()) {
+ rb_raise(rb_eSecurityError, "Insecure operation - %s",
+ rb_id2name(rb_frame_callee()));
+ }
+ else {
+ rb_raise(rb_eSecurityError, "Insecure operation: -r");
+ }
+}
+
+void
 rb_check_safe_obj(VALUE x)
 {
 if (rb_safe_level() > 0 && OBJ_TAINTED(x)) {
- if (rb_frame_callee()) {
- rb_raise(rb_eSecurityError, "Insecure operation - %s",
- rb_id2name(rb_frame_callee()));
- }
- else {
- rb_raise(rb_eSecurityError, "Insecure operation: -r");
- }
+ rb_insecure_operation();
 }
 rb_secure(4);
 }
Index: file.c
===================================================================
--- file.c (revision 23830)
+++ file.c (revision 23831)
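Review bot: In the safe.c hunk, the fallback branch of the new `rb_insecure_operation()` keeps the fixed text `"Insecure operation: -r"`, although the function is now exported through ruby.h and called from `rb_get_path_check()` in file.c. A SecurityError raised with no callee frame would then be attributed to `-r` even when the rejected path came from somewhere else, which makes a refused tainted path harder to trace; whether that frameless case is reachable from the new callers cannot be told from the hunk. I would document the contract above the definition, for example `/* Raise SecurityError naming the current callee; never returns. With no callee frame the message assumes -r processing. */`. Reading `rb_frame_callee()` once into a local `ID` would also avoid the second call in the first branch.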
@@ -101,13 +101,17 @@
 VALUE rb_mFileTest;
 VALUE rb_cStat;
+#define insecure_obj_p(obj, level) (level >= 4 || (level > 0 && OBJ_TAINTED(obj)))
+
 static VALUE
-rb_get_path_check(VALUE obj, int check)
+rb_get_path_check(VALUE obj, int level)
 {
 VALUE tmp;
 ID to_path;
- if (check) rb_check_safe_obj(obj);
+ if (insecure_obj_p(obj, level)) {
+ rb_insecure_operation();
+ }
 tmp = rb_check_string_type(obj);
 if (!NIL_P(tmp)) goto exit;
@@ -120,8 +124,8 @@
 }
 exit:
 StringValueCStr(tmp);
- if (check && obj != tmp) {
- rb_check_safe_obj(tmp);
+ if (obj != tmp && insecure_obj_p(tmp, level)) {
+ rb_insecure_operation();
 }
 return rb_str_new4(tmp);
 }
@@ -135,7 +139,7 @@
 VALUE
 rb_get_path(VALUE obj)
 {
- return rb_get_path_check(obj, 1);
+ return rb_get_path_check(obj, rb_safe_level());
 }
 static long
@@ -4673,7 +4677,7 @@
 for (i = 0; i < RARRAY_LEN(load_path); i++) {
 VALUE str = RARRAY_PTR(load_path)[i];
- FilePathValue(str);
+ RB_GC_GUARD(str) = rb_get_path_check(str, safe_level);
 if (RSTRING_LEN(str) == 0) continue;
 file_expand_path(fname, str, 0, tmp);
 if (file_load_ok(RSTRING_PTR(tmp))) {
@@ -4732,7 +4736,7 @@
 tmp = rb_str_tmp_new(MAXPATHLEN + 2);
 for (i = 0; i < RARRAY_LEN(load_path); i++) {
 VALUE str = RARRAY_PTR(load_path)[i];
- FilePathValue(str);
+ RB_GC_GUARD(str) = rb_get_path_check(str, safe_level);
 if (RSTRING_LEN(str) > 0) {
 file_expand_path(path, str, 0, tmp);
 f = RSTRING_PTR(tmp);
-- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/
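Review bot: The `insecure_obj_p` macro added at the top of the file.c hunk at line 101 expands `level` without parentheses and may evaluate it twice, so an argument that is an expression or has side effects would change what this taint gate decides. Both uses in this commit pass the plain `level` parameter, so behaviour is correct today, but I would harden it as `#define insecure_obj_p(obj, level) ((level) >= 4 || ((level) > 0 && OBJ_TAINTED(obj)))`. It also deserves a one-line comment stating the rule, e.g. `/* level >= 4 rejects every path; levels 1..3 reject tainted ones; <= 0 checks nothing */`, because `rb_get_path_check()` no longer reaches the `rb_secure(4)` call in `rb_check_safe_obj()`. The second use sits in the hunk at line 120, and the body of `rb_get_path_check()` between the two hunks is not visible here.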
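Review bot: In the file.c hunk at line 4673, and identically at line 4732, each load-path entry is now checked against the caller-supplied `safe_level` rather than the current level that `FilePathValue(str)` applied (as far as I can tell it routes through `rb_get_path()`), and nothing visible constrains that argument. Since `insecure_obj_p` only tests `>= 4` and `> 0`, a zero or negative `safe_level` skips the taint check entirely, so the contract belongs in a comment at the head of the enclosing functions (outside both hunks; presumably `rb_find_file_ext_safe` and `rb_find_file_safe`, going by the log), e.g. `/* safe_level: level the load was requested at; callers must not pass less than the level in effect */`. The bare `RB_GC_GUARD(str) = ...` assignment would also read better with a short comment that the converted copy replaces only the local `str`, not the array element.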