ruby-changes:45411
From: nobu <ko1@a...>
Date: Tue, 31 Jan 2017 21:55:03 +0900 (JST)
Subject: [ruby-changes:45411] nobu:r57484 (trunk): ruby.c: forbid options
nobu 2017-01-31 21:54:59 +0900 (Tue, 31 Jan 2017) New Revision: 57484 https://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=57484 Log: ruby.c: forbid options * ruby.c (forbid_setid): constified. * ruby.c (process_options): forbid if setid earlier. Modified files: trunk/ruby.c Index: ruby.c =================================================================== --- ruby.c (revision 57483) +++ ruby.c (revision 57484) @@ -176,7 +176,7 @@ cmdline_options_init(ruby_cmdline_option https://github.com/ruby/ruby/blob/trunk/ruby.c#L176 } static NODE *load_file(VALUE, VALUE, int, ruby_cmdline_options_t *); -static void forbid_setid(const char *, ruby_cmdline_options_t *); +static void forbid_setid(const char *, const ruby_cmdline_options_t *); #define forbid_setid(s) forbid_setid((s), opt) static struct { @@ -1050,6 +1050,7 @@ proc_options(long argc, char **argv, rub https://github.com/ruby/ruby/blob/trunk/ruby.c#L1050 case 'x': if (envopt) goto noenvopt; + forbid_setid("-x"); opt->xflag = TRUE; s++; if (*s && chdir(s) < 0) { @@ -1514,6 +1515,9 @@ process_options(int argc, char **argv, r https://github.com/ruby/ruby/blob/trunk/ruby.c#L1515 argc--; argv++; } + if (opt->script[0] == '-' && !opt->script[1]) { + forbid_setid("program input from stdin"); + } } opt->script_name = rb_str_new_cstr(opt->script); @@ -1641,10 +1645,6 @@ process_options(int argc, char **argv, r https://github.com/ruby/ruby/blob/trunk/ruby.c#L1645 tree = rb_parser_compile_string(parser, opt->script, opt->e_script, 1); } else { - if (opt->script[0] == '-' && !opt->script[1]) { - forbid_setid("program input from stdin"); - } - base_block = toplevel_context(toplevel_binding); rb_parser_set_context(parser, base_block, TRUE); tree = load_file(parser, opt->script_name, 1, opt); @@ -1780,8 +1780,6 @@ load_file_internal(VALUE argp_v) https://github.com/ruby/ruby/blob/trunk/ruby.c#L1780 if (xflag || opt->xflag) { line_start--; search_shebang: - forbid_setid("-x"); - opt->xflag = FALSE; while (!NIL_P(line = rb_io_gets(f))) { line_start++; RSTRING_GETMEM(line, str, len); @@ -2117,7 +2115,7 @@ init_ids(ruby_cmdline_options_t *opt) https://github.com/ruby/ruby/blob/trunk/ruby.c#L2115 #undef forbid_setid static void -forbid_setid(const char *s, ruby_cmdline_options_t *opt) +forbid_setid(const char *s, const ruby_cmdline_options_t *opt) { if (opt->setids & 1) rb_raise(rb_eSecurityError, "no %s allowed while running setuid", s); -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/