ruby-changes:26917
From: nobu <ko1@a...>
Date: Tue, 29 Jan 2013 16:51:09 +0900 (JST)
Subject: [ruby-changes:26917] nobu:r38969 (trunk): vm_trace.c: TracePoint safe level check
nobu 2013-01-29 16:51:00 +0900 (Tue, 29 Jan 2013) New Revision: 38969 http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=38969 Log: vm_trace.c: TracePoint safe level check * vm_trace.c (rb_tracepoint_enable, rb_tracepoint_disable): check safe level as well as set_trace_func. Modified files: trunk/ChangeLog trunk/test/ruby/test_settracefunc.rb trunk/vm_trace.c Index: ChangeLog =================================================================== --- ChangeLog (revision 38968) +++ ChangeLog (revision 38969) @@ -1,4 +1,7 @@ https://github.com/ruby/ruby/blob/trunk/ChangeLog#L1 -Tue Jan 29 16:50:25 2013 Nobuyoshi Nakada <nobu@r...> +Tue Jan 29 16:50:58 2013 Nobuyoshi Nakada <nobu@r...> + + * vm_trace.c (rb_tracepoint_enable, rb_tracepoint_disable): check safe + level as well as set_trace_func. * vm_trace.c (set_trace_func, thread_{add,set}_trace_func_m): check safe level as well as 1.8. Index: vm_trace.c =================================================================== --- vm_trace.c (revision 38968) +++ vm_trace.c (revision 38969) @@ -943,7 +943,10 @@ tp_call_trace(VALUE tpval, rb_trace_arg_ https://github.com/ruby/ruby/blob/trunk/vm_trace.c#L943 VALUE rb_tracepoint_enable(VALUE tpval) { - rb_tp_t *tp = tpptr(tpval); + rb_tp_t *tp; + + rb_secure(4); + tp = tpptr(tpval); if (tp->target_th) { rb_thread_add_event_hook2(tp->target_th->self, (rb_event_hook_func_t)tp_call_trace, tp->events, tpval, @@ -960,7 +963,10 @@ rb_tracepoint_enable(VALUE tpval) https://github.com/ruby/ruby/blob/trunk/vm_trace.c#L963 VALUE rb_tracepoint_disable(VALUE tpval) { - rb_tp_t *tp = tpptr(tpval); + rb_tp_t *tp; + + rb_secure(4); + tp = tpptr(tpval); if (tp->target_th) { rb_thread_remove_event_hook_with_data(tp->target_th->self, (rb_event_hook_func_t)tp_call_trace, tpval); Index: test/ruby/test_settracefunc.rb =================================================================== --- test/ruby/test_settracefunc.rb (revision 38968) +++ test/ruby/test_settracefunc.rb (revision 38969) @@ -919,4 +919,18 @@ class TestSetTraceFunc < Test::Unit::Tes https://github.com/ruby/ruby/blob/trunk/test/ruby/test_settracefunc.rb#L919 assert_equal([:b_call, :b_return], ary, bug_7668) end end + + def test_trace_point_enable_safe4 + tp = TracePoint.new {} + assert_security_error_safe4 do + tp.enable + end + end + + def test_trace_point_disable_safe4 + tp = TracePoint.new {} + assert_security_error_safe4 do + tp.disable + end + end end -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/