ruby-changes:26916
From: nobu <ko1@a...>
Date: Tue, 29 Jan 2013 16:50:36 +0900 (JST)
Subject: [ruby-changes:26916] nobu:r38968 (trunk): vm_trace.c: trace_func safe level check
nobu 2013-01-29 16:50:27 +0900 (Tue, 29 Jan 2013) New Revision: 38968 http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=38968 Log: vm_trace.c: trace_func safe level check * vm_trace.c (set_trace_func, thread_{add,set}_trace_func_m): check safe level as well as 1.8. Modified files: trunk/ChangeLog trunk/test/ruby/test_settracefunc.rb trunk/vm_trace.c Index: ChangeLog =================================================================== --- ChangeLog (revision 38967) +++ ChangeLog (revision 38968) @@ -1,3 +1,8 @@ https://github.com/ruby/ruby/blob/trunk/ChangeLog#L1 +Tue Jan 29 16:50:25 2013 Nobuyoshi Nakada <nobu@r...> + + * vm_trace.c (set_trace_func, thread_{add,set}_trace_func_m): check + safe level as well as 1.8. + Tue Jan 29 16:49:19 2013 Nobuyoshi Nakada <nobu@r...> * proc.c (rb_mod_method_arity): return original arity of the method if Index: vm_trace.c =================================================================== --- vm_trace.c (revision 38967) +++ vm_trace.c (revision 38968) @@ -443,6 +443,8 @@ static void call_trace_func(rb_event_fla https://github.com/ruby/ruby/blob/trunk/vm_trace.c#L443 static VALUE set_trace_func(VALUE obj, VALUE trace) { + rb_secure(4); + rb_remove_event_hook(call_trace_func); if (NIL_P(trace)) { @@ -479,6 +481,8 @@ static VALUE https://github.com/ruby/ruby/blob/trunk/vm_trace.c#L481 thread_add_trace_func_m(VALUE obj, VALUE trace) { rb_thread_t *th; + + rb_secure(4); GetThreadPtr(obj, th); thread_add_trace_func(th, trace); return trace; @@ -498,6 +502,8 @@ static VALUE https://github.com/ruby/ruby/blob/trunk/vm_trace.c#L502 thread_set_trace_func_m(VALUE obj, VALUE trace) { rb_thread_t *th; + + rb_secure(4); GetThreadPtr(obj, th); rb_threadptr_remove_event_hook(th, call_trace_func, Qundef); Index: test/ruby/test_settracefunc.rb =================================================================== --- test/ruby/test_settracefunc.rb (revision 38967) +++ test/ruby/test_settracefunc.rb (revision 38968) @@ -397,6 +397,38 @@ class TestSetTraceFunc < Test::Unit::Tes https://github.com/ruby/ruby/blob/trunk/test/ruby/test_settracefunc.rb#L397 assert_equal(self, ok, bug3921) end + def assert_security_error_safe4 + func = lambda { + $SAFE = 4 + proc {yield} + }.call + assert_raise(SecurityError, &func) + end + + def test_set_safe4 + assert_security_error_safe4 do + set_trace_func(lambda {|*|}) + end + end + + def test_thread_set_safe4 + th = Thread.start {sleep} + assert_security_error_safe4 do + th.set_trace_func(lambda {|*|}) + end + ensure + th.kill + end + + def test_thread_add_safe4 + th = Thread.start {sleep} + assert_security_error_safe4 do + th.add_trace_func(lambda {|*|}) + end + ensure + th.kill + end + class << self define_method(:method_added, Module.method(:method_added)) end -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/