ruby-changes:1896
From: ko1@a...
Date: 7 Sep 2007 15:52:15 +0900
Subject: [ruby-changes:1896] shyouhei - Ruby:r13387 (ruby_1_8_6): * eval.c (mnew): should preserve noex as safe_level.
shyouhei 2007-09-07 15:52:05 +0900 (Fri, 07 Sep 2007)
New Revision: 13387
Modified files:
branches/ruby_1_8_6/ChangeLog
branches/ruby_1_8_6/eval.c
branches/ruby_1_8_6/version.h
Log:
* eval.c (mnew): should preserve noex as safe_level.
* eval.c (rb_call0): tighten security check condition..
http://svn.ruby-lang.org/cgi-bin/viewvc.cgi/branches/ruby_1_8_6/ChangeLog?r1=13387&r2=13386
http://svn.ruby-lang.org/cgi-bin/viewvc.cgi/branches/ruby_1_8_6/version.h?r1=13387&r2=13386
http://svn.ruby-lang.org/cgi-bin/viewvc.cgi/branches/ruby_1_8_6/eval.c?r1=13387&r2=13386
Index: ruby_1_8_6/ChangeLog
===================================================================
--- ruby_1_8_6/ChangeLog (revision 13386)
+++ ruby_1_8_6/ChangeLog (revision 13387)
@@ -1,3 +1,9 @@
+Fri Sep 7 15:50:50 2007 Yukihiro Matsumoto <matz@r...>
+
+ * eval.c (mnew): should preserve noex as safe_level.
+
+ * eval.c (rb_call0): tighten security check condition..
+
Fri Sep 7 15:43:43 2007 Nobuyoshi Nakada <nobu@r...>
* ext/tk/tcltklib.c (Init_tcltklib): use rb_set_end_proc().
Index: ruby_1_8_6/version.h
===================================================================
--- ruby_1_8_6/version.h (revision 13386)
+++ ruby_1_8_6/version.h (revision 13387)
@@ -2,7 +2,7 @@
#define RUBY_RELEASE_DATE "2007-09-07"
#define RUBY_VERSION_CODE 186
#define RUBY_RELEASE_CODE 20070907
-#define RUBY_PATCHLEVEL 93
+#define RUBY_PATCHLEVEL 94
#define RUBY_VERSION_MAJOR 1
#define RUBY_VERSION_MINOR 8
Index: ruby_1_8_6/eval.c
===================================================================
--- ruby_1_8_6/eval.c (revision 13386)
+++ ruby_1_8_6/eval.c (revision 13387)
@@ -5777,7 +5777,7 @@
volatile int safe = -1;
if (NOEX_SAFE(flags) > ruby_safe_level &&
- !(flags&NOEX_TAINTED) && ruby_safe_level == 0 && NOEX_SAFE(flags) > 2) {
+ ruby_safe_level == 0 && NOEX_SAFE(flags) > 2) {
rb_raise(rb_eSecurityError, "calling insecure method: %s",
rb_id2name(id));
}
@@ -9007,7 +9007,7 @@
data->body = body;
data->rklass = rklass;
data->oid = oid;
- data->safe_level = NOEX_WITH_SAFE(0);
+ data->safe_level = NOEX_WITH_SAFE(noex);
OBJ_INFECT(method, klass);
return method;
--
ML: ruby-changes@q...
Info: http://www.atdot.net/~ko1/quickml