kotovalexarian-likes-github/ruby--ruby
1
0
Fork 0
mirror of https://github.com/ruby/ruby.git synced 2022-11-09 12:17:21 -05:00
Code Releases Activity

* safe.c (rb_set_safe_level, safe_setter): raise an ArgumentError

Browse source 
when $SAFE is set to 4.  $SAFE=4 is now obsolete.
  [ruby-core:55222] [Feature #8468]

* object.c (rb_obj_untrusted, rb_obj_untrust, rb_obj_trust):
  Kernel#untrusted?, untrust, and trust are now deprecated.
  Their behavior is same as tainted?, taint, and untaint,
  respectively.

* include/ruby/ruby.h (OBJ_UNTRUSTED, OBJ_UNTRUST): OBJ_UNTRUSTED()
  and OBJ_UNTRUST() are aliases of OBJ_TAINTED() and OBJ_TAINT(),
  respectively.

* array.c, class.c, debug.c, dir.c, encoding.c, error.c, eval.c,
  ext/curses/curses.c, ext/dbm/dbm.c, ext/dl/cfunc.c,
  ext/dl/cptr.c, ext/dl/dl.c, ext/etc/etc.c, ext/fiddle/fiddle.c,
  ext/fiddle/pointer.c, ext/gdbm/gdbm.c, ext/readline/readline.c,
  ext/sdbm/init.c, ext/socket/ancdata.c, ext/socket/basicsocket.c,
  ext/socket/socket.c, ext/socket/udpsocket.c,
  ext/stringio/stringio.c, ext/syslog/syslog.c, ext/tk/tcltklib.c,
  ext/win32ole/win32ole.c, file.c, gc.c, hash.c, io.c, iseq.c,
  load.c, marshal.c, object.c, proc.c, process.c, random.c, re.c,
  safe.c, string.c, thread.c, transcode.c, variable.c,
  vm_insnhelper.c, vm_method.c, vm_trace.c: remove code for
  $SAFE=4.

* test/dl/test_dl2.rb, test/erb/test_erb.rb,
  test/readline/test_readline.rb,
  test/readline/test_readline_history.rb, test/ruby/test_alias.rb,
  test/ruby/test_array.rb, test/ruby/test_dir.rb,
  test/ruby/test_encoding.rb, test/ruby/test_env.rb,
  test/ruby/test_eval.rb, test/ruby/test_exception.rb,
  test/ruby/test_file_exhaustive.rb, test/ruby/test_hash.rb,
  test/ruby/test_io.rb, test/ruby/test_method.rb,
  test/ruby/test_module.rb, test/ruby/test_object.rb,
  test/ruby/test_pack.rb, test/ruby/test_rand.rb,
  test/ruby/test_regexp.rb, test/ruby/test_settracefunc.rb,
  test/ruby/test_struct.rb, test/ruby/test_thread.rb,
  test/ruby/test_time.rb: remove tests for $SAFE=4.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@41259 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
This commit is contained in:
shugo 2013-06-12 14:20:51 +00:00
parent b53a183c00
commit 1f828497d1
73 changed files with 95 additions and 978 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

42
ChangeLog
View file

@ -1,3 +1,45 @@
Wed Jun 12 22:58:48 2013 Shugo Maeda <shugo@ruby-lang.org>
* safe.c (rb_set_safe_level, safe_setter): raise an ArgumentError
when $SAFE is set to 4. $SAFE=4 is now obsolete.
[ruby-core:55222] [Feature #8468]
* object.c (rb_obj_untrusted, rb_obj_untrust, rb_obj_trust):
Kernel#untrusted?, untrust, and trust are now deprecated.
Their behavior is same as tainted?, taint, and untaint,
respectively.
* include/ruby/ruby.h (OBJ_UNTRUSTED, OBJ_UNTRUST): OBJ_UNTRUSTED()
and OBJ_UNTRUST() are aliases of OBJ_TAINTED() and OBJ_TAINT(),
respectively.
* array.c, class.c, debug.c, dir.c, encoding.c, error.c, eval.c,
ext/curses/curses.c, ext/dbm/dbm.c, ext/dl/cfunc.c,
ext/dl/cptr.c, ext/dl/dl.c, ext/etc/etc.c, ext/fiddle/fiddle.c,
ext/fiddle/pointer.c, ext/gdbm/gdbm.c, ext/readline/readline.c,
ext/sdbm/init.c, ext/socket/ancdata.c, ext/socket/basicsocket.c,
ext/socket/socket.c, ext/socket/udpsocket.c,
ext/stringio/stringio.c, ext/syslog/syslog.c, ext/tk/tcltklib.c,
ext/win32ole/win32ole.c, file.c, gc.c, hash.c, io.c, iseq.c,
load.c, marshal.c, object.c, proc.c, process.c, random.c, re.c,
safe.c, string.c, thread.c, transcode.c, variable.c,
vm_insnhelper.c, vm_method.c, vm_trace.c: remove code for
$SAFE=4.
* test/dl/test_dl2.rb, test/erb/test_erb.rb,
test/readline/test_readline.rb,
test/readline/test_readline_history.rb, test/ruby/test_alias.rb,
test/ruby/test_array.rb, test/ruby/test_dir.rb,
test/ruby/test_encoding.rb, test/ruby/test_env.rb,
test/ruby/test_eval.rb, test/ruby/test_exception.rb,
test/ruby/test_file_exhaustive.rb, test/ruby/test_hash.rb,
test/ruby/test_io.rb, test/ruby/test_method.rb,
test/ruby/test_module.rb, test/ruby/test_object.rb,
test/ruby/test_pack.rb, test/ruby/test_rand.rb,
test/ruby/test_regexp.rb, test/ruby/test_settracefunc.rb,
test/ruby/test_struct.rb, test/ruby/test_thread.rb,
test/ruby/test_time.rb: remove tests for $SAFE=4.
Wed Jun 12 22:18:23 2013 Tanaka Akira <akr@fsij.org>
* bignum.c (integer_unpack_num_bdigits_generic): Rewritten without

10
array.c
View file

@ -257,8 +257,6 @@ static inline void
rb_ary_modify_check(VALUE ary)
{
rb_check_frozen(ary);
if (!OBJ_UNTRUSTED(ary) && rb_safe_level() >= 4)
rb_raise(rb_eSecurityError, "Insecure: can't modify array");
}
void
@ -1843,7 +1841,6 @@ ary_join_0(VALUE ary, VALUE sep, long max, VALUE result)
rb_str_buf_append(result, sep);
rb_str_buf_append(result, val);
if (OBJ_TAINTED(val)) OBJ_TAINT(result);
if (OBJ_UNTRUSTED(val)) OBJ_TAINT(result);
}
}
@ -1905,12 +1902,10 @@ rb_ary_join(VALUE ary, VALUE sep)
{
long len = 1, i;
int taint = FALSE;
int untrust = FALSE;
VALUE val, tmp, result;
if (RARRAY_LEN(ary) == 0) return rb_usascii_str_new(0, 0);
if (OBJ_TAINTED(ary)) taint = TRUE;
if (OBJ_UNTRUSTED(ary)) untrust = TRUE;
if (!NIL_P(sep)) {
StringValue(sep);
@ -1925,7 +1920,6 @@ rb_ary_join(VALUE ary, VALUE sep)
result = rb_str_buf_new(len + (RARRAY_LEN(ary)-i)*10);
rb_enc_associate(result, rb_usascii_encoding());
if (taint) OBJ_TAINT(result);
if (untrust) OBJ_UNTRUST(result);
ary_join_0(ary, sep, i, result);
first = i == 0;
ary_join_1(ary, ary, sep, i, result, &first);
@ -1937,7 +1931,6 @@ rb_ary_join(VALUE ary, VALUE sep)
result = rb_str_buf_new(len);
if (taint) OBJ_TAINT(result);
if (untrust) OBJ_UNTRUST(result);
ary_join_0(ary, sep, RARRAY_LEN(ary), result);
return result;
@ -1971,7 +1964,6 @@ static VALUE
inspect_ary(VALUE ary, VALUE dummy, int recur)
{
int tainted = OBJ_TAINTED(ary);
int untrust = OBJ_UNTRUSTED(ary);
long i;
VALUE s, str;
@ -1980,14 +1972,12 @@ inspect_ary(VALUE ary, VALUE dummy, int recur)
for (i=0; i<RARRAY_LEN(ary); i++) {
s = rb_inspect(RARRAY_AREF(ary, i));
if (OBJ_TAINTED(s)) tainted = TRUE;
if (OBJ_UNTRUSTED(s)) untrust = TRUE;
if (i > 0) rb_str_buf_cat2(str, ", ");
else rb_enc_copy(str, s);
rb_str_buf_append(str, s);
}
rb_str_buf_cat2(str, "]");
if (tainted) OBJ_TAINT(str);
if (untrust) OBJ_UNTRUST(str);
return str;
}

12
class.c
View file

@ -696,9 +696,6 @@ rb_include_module(VALUE klass, VALUE module)
int changed = 0;
rb_frozen_class_p(klass);
if (!OBJ_UNTRUSTED(klass)) {
rb_secure(4);
}
if (!RB_TYPE_P(module, T_MODULE)) {
Check_Type(module, T_MODULE);
@ -804,9 +801,6 @@ rb_prepend_module(VALUE klass, VALUE module)
int changed = 0;
rb_frozen_class_p(klass);
if (!OBJ_UNTRUSTED(klass)) {
rb_secure(4);
}
Check_Type(module, T_MODULE);
@ -1440,12 +1434,6 @@ singleton_class_of(VALUE obj)
else {
FL_UNSET(klass, FL_TAINT);
}
if (OBJ_UNTRUSTED(obj)) {
OBJ_UNTRUST(klass);
}
else {
FL_UNSET(klass, FL_UNTRUSTED);
}
if (OBJ_FROZEN(obj)) OBJ_FREEZE(klass);
return klass;

1
debug.c
View file

@ -36,7 +36,6 @@ const union {
RUBY_FL_OLDGEN = FL_OLDGEN,
RUBY_FL_FINALIZE = FL_FINALIZE,
RUBY_FL_TAINT = FL_TAINT,
RUBY_FL_UNTRUSTED = FL_UNTRUSTED,
RUBY_FL_EXIVAR = FL_EXIVAR,
RUBY_FL_FREEZE = FL_FREEZE,
RUBY_FL_SINGLETON = FL_SINGLETON,

6
dir.c
View file

@ -507,8 +507,6 @@ static struct dir_data *
dir_check(VALUE dir)
{
struct dir_data *dirp;
if (!OBJ_UNTRUSTED(dir) && rb_safe_level() >= 4)
rb_raise(rb_eSecurityError, "Insecure: operation on trusted Dir");
rb_check_frozen(dir);
dirp = rb_check_typeddata(dir, &dir_data_type);
if (!dirp->dir) dir_closed();
@ -746,9 +744,6 @@ dir_rewind(VALUE dir)
{
struct dir_data *dirp;
if (rb_safe_level() >= 4 && !OBJ_UNTRUSTED(dir)) {
rb_raise(rb_eSecurityError, "Insecure: can't close");
}
GetDIR(dir, dirp);
rewinddir(dirp->dir);
return dir;
@ -896,7 +891,6 @@ rb_dir_getwd(void)
char *path;
VALUE cwd;
rb_secure(4);
path = my_getcwd();
cwd = rb_tainted_str_new2(path);
rb_enc_associate(cwd, rb_filesystem_encoding());

2
encoding.c
View file

@ -591,7 +591,7 @@ load_encoding(const char *name)
else if (ISUPPER(*s)) *s = (char)TOLOWER(*s);
++s;
}
FL_UNSET(enclib, FL_TAINT|FL_UNTRUSTED);
FL_UNSET(enclib, FL_TAINT);
OBJ_FREEZE(enclib);
ruby_verbose = Qfalse;
ruby_debug = Qfalse;

4
error.c
View file

@ -2039,7 +2039,6 @@ rb_error_untrusted(VALUE obj)
void
rb_check_trusted(VALUE obj)
{
rb_check_trusted_internal(obj);
}
void
@ -2047,9 +2046,8 @@ rb_check_copyable(VALUE obj, VALUE orig)
{
if (!FL_ABLE(obj)) return;
rb_check_frozen_internal(obj);
rb_check_trusted_internal(obj);
if (!FL_ABLE(orig)) return;
if ((~RBASIC(obj)->flags & RBASIC(orig)->flags) & (FL_UNTRUSTED|FL_TAINT)) {
if ((~RBASIC(obj)->flags & RBASIC(orig)->flags) & FL_TAINT) {
if (rb_safe_level() > 0) {
rb_raise(rb_eSecurityError, "Insecure: can't modify %"PRIsVALUE,
RBASIC(obj)->klass);

1
eval.c
View file

@ -1331,7 +1331,6 @@ top_include(int argc, VALUE *argv, VALUE self)
{
rb_thread_t *th = GET_THREAD();
rb_secure(4);
if (th->top_wrapper) {
rb_warning("main.include in the wrapped load is effective only in wrapper module");
return rb_mod_include(argc, argv, th->top_wrapper);

3
ext/curses/curses.c
View file

@ -145,7 +145,6 @@ prep_window(VALUE class, WINDOW *window)
static VALUE
curses_init_screen(void)
{
rb_secure(4);
if (rb_stdscr) return rb_stdscr;
initscr();
if (stdscr == 0) {
@ -1491,7 +1490,6 @@ window_initialize(VALUE obj, VALUE h, VALUE w, VALUE top, VALUE left)
struct windata *winp;
WINDOW *window;
rb_secure(4);
curses_init_screen();
TypedData_Get_Struct(obj, struct windata, &windata_type, winp);
if (winp->window) delwin(winp->window);
@ -2511,7 +2509,6 @@ pad_initialize(VALUE obj, VALUE h, VALUE w)
struct windata *padp;
WINDOW *window;
rb_secure(4);
curses_init_screen();
TypedData_Get_Struct(obj, struct windata, &windata_type, padp);
if (padp->window) delwin(padp->window);

1
ext/dbm/dbm.c
View file

@ -392,7 +392,6 @@ fdbm_values_at(int argc, VALUE *argv, VALUE obj)
static void
fdbm_modify(VALUE obj)
{
rb_secure(4);
if (OBJ_FROZEN(obj)) rb_error_frozen("DBM");
}

3
ext/dl/cfunc.c
View file

@ -86,7 +86,6 @@ rb_dlcfunc_new(void (*func)(), int type, const char *name, ID calltype)
VALUE val;
struct cfunc_data *data;
rb_secure(4);
if( func ){
val = TypedData_Make_Struct(rb_cDLCFunc, struct cfunc_data, &dlcfunc_data_type, data);
data->ptr = (void *)(VALUE)func;
@ -346,8 +345,6 @@ rb_dlcfunc_call(VALUE self, VALUE ary)
DLSTACK_TYPE stack[DLSTACK_SIZE];
VALUE result = Qnil;
rb_secure_update(self);
memset(stack, 0, sizeof(DLSTACK_TYPE) * DLSTACK_SIZE);
Check_Type(ary, T_ARRAY);

3
ext/dl/cptr.c
View file

@ -69,7 +69,6 @@ rb_dlptr_new2(VALUE klass, void *ptr, long size, freefunc_t func)
struct ptr_data *data;
VALUE val;
rb_secure(4);
val = TypedData_Make_Struct(klass, struct ptr_data, &dlptr_data_type, data);
data->ptr = ptr;
data->free = func;
@ -90,7 +89,6 @@ rb_dlptr_malloc(long size, freefunc_t func)
{
void *ptr;
rb_secure(4);
ptr = ruby_xmalloc((size_t)size);
memset(ptr,0,(size_t)size);
return rb_dlptr_new(ptr, size, func);
@ -122,7 +120,6 @@ rb_dlptr_s_allocate(VALUE klass)
VALUE obj;
struct ptr_data *data;
rb_secure(4);
obj = TypedData_Make_Struct(klass, struct ptr_data, &dlptr_data_type, data);
data->ptr = 0;
data->size = 0;

4
ext/dl/dl.c
View file

@ -81,7 +81,6 @@ rb_dl_malloc(VALUE self, VALUE size)
{
void *ptr;
rb_secure(4);
ptr = (void*)ruby_xmalloc(NUM2INT(size));
return PTR2NUM(ptr);
}
@ -98,7 +97,6 @@ rb_dl_realloc(VALUE self, VALUE addr, VALUE size)
{
void *ptr = NUM2PTR(addr);
rb_secure(4);
ptr = (void*)ruby_xrealloc(ptr, NUM2INT(size));
return PTR2NUM(ptr);
}
@ -113,7 +111,6 @@ rb_dl_free(VALUE self, VALUE addr)
{
void *ptr = NUM2PTR(addr);
rb_secure(4);
ruby_xfree(ptr);
return Qnil;
}
@ -137,7 +134,6 @@ rb_dl_free(VALUE self, VALUE addr)
VALUE
rb_dl_ptr2value(VALUE self, VALUE addr)
{
rb_secure(4);
return (VALUE)NUM2PTR(addr);
}

8
ext/etc/etc.c
View file

@ -60,7 +60,6 @@ etc_getlogin(VALUE obj)
{
char *login;
rb_secure(4);
#ifdef HAVE_GETLOGIN
login = getlogin();
if (!login) login = getenv("USER");
@ -147,7 +146,6 @@ etc_getpwuid(int argc, VALUE *argv, VALUE obj)
rb_uid_t uid;
struct passwd *pwd;
rb_secure(4);
if (rb_scan_args(argc, argv, "01", &id) == 1) {
uid = NUM2UIDT(id);
}
@ -251,7 +249,6 @@ etc_passwd(VALUE obj)
#ifdef HAVE_GETPWENT
struct passwd *pw;
rb_secure(4);
if (rb_block_given_p()) {
each_passwd();
}
@ -391,7 +388,6 @@ etc_getgrgid(int argc, VALUE *argv, VALUE obj)
gid_t gid;
struct group *grp;
rb_secure(4);
if (rb_scan_args(argc, argv, "01", &id) == 1) {
gid = NUM2GIDT(id);
}
@ -428,7 +424,6 @@ etc_getgrnam(VALUE obj, VALUE nam)
#ifdef HAVE_GETGRENT
struct group *grp;
rb_secure(4);
SafeStringValue(nam);
grp = getgrnam(RSTRING_PTR(nam));
if (grp == 0) rb_raise(rb_eArgError, "can't find group for %s", RSTRING_PTR(nam));
@ -494,7 +489,6 @@ etc_group(VALUE obj)
#ifdef HAVE_GETGRENT
struct group *grp;
rb_secure(4);
if (rb_block_given_p()) {
each_group();
}
@ -624,7 +618,7 @@ etc_systmpdir(void)
#else
tmpdir = rb_filesystem_str_new_cstr("/tmp");
#endif
FL_UNSET(tmpdir, FL_TAINT|FL_UNTRUSTED);
FL_UNSET(tmpdir, FL_TAINT);
return tmpdir;
}

4
ext/fiddle/fiddle.c
View file

@ -48,7 +48,6 @@ rb_fiddle_malloc(VALUE self, VALUE size)
{
void *ptr;
rb_secure(4);
ptr = (void*)ruby_xmalloc(NUM2INT(size));
return PTR2NUM(ptr);
}
@ -65,7 +64,6 @@ rb_fiddle_realloc(VALUE self, VALUE addr, VALUE size)
{
void *ptr = NUM2PTR(addr);
rb_secure(4);
ptr = (void*)ruby_xrealloc(ptr, NUM2INT(size));
return PTR2NUM(ptr);
}
@ -80,7 +78,6 @@ rb_fiddle_free(VALUE self, VALUE addr)
{
void *ptr = NUM2PTR(addr);
rb_secure(4);
ruby_xfree(ptr);
return Qnil;
}
@ -104,7 +101,6 @@ rb_fiddle_free(VALUE self, VALUE addr)
VALUE
rb_fiddle_ptr2value(VALUE self, VALUE addr)
{
rb_secure(4);
return (VALUE)NUM2PTR(addr);
}

3
ext/fiddle/pointer.c
View file

@ -76,7 +76,6 @@ rb_fiddle_ptr_new2(VALUE klass, void *ptr, long size, freefunc_t func)
struct ptr_data *data;
VALUE val;
rb_secure(4);
val = TypedData_Make_Struct(klass, struct ptr_data, &fiddle_ptr_data_type, data);
data->ptr = ptr;
data->free = func;
@ -97,7 +96,6 @@ rb_fiddle_ptr_malloc(long size, freefunc_t func)
{
void *ptr;
rb_secure(4);
ptr = ruby_xmalloc((size_t)size);
memset(ptr,0,(size_t)size);
return rb_fiddle_ptr_new(ptr, size, func);
@ -129,7 +127,6 @@ rb_fiddle_ptr_s_allocate(VALUE klass)
VALUE obj;
struct ptr_data *data;
rb_secure(4);
obj = TypedData_Make_Struct(klass, struct ptr_data, &fiddle_ptr_data_type, data);
data->ptr = 0;
data->size = 0;

1
ext/gdbm/gdbm.c
View file

@ -506,7 +506,6 @@ fgdbm_values_at(int argc, VALUE *argv, VALUE obj)
static void
rb_gdbm_modify(VALUE obj)
{
rb_secure(4);
if (OBJ_FROZEN(obj)) rb_error_frozen("GDBM");
}

46
ext/readline/readline.c
View file

@ -382,7 +382,6 @@ readline_readline(int argc, VALUE *argv, VALUE self)
char *buff;
int status;
rb_secure(4);
if (rb_scan_args(argc, argv, "02", &tmp, &add_hist) > 0) {
OutputStringValue(tmp);
#if USE_INSERT_IGNORE_ESCAPE
@ -454,7 +453,6 @@ readline_s_set_input(VALUE self, VALUE input)
{
rb_io_t *ifp;
rb_secure(4);
Check_Type(input, T_FILE);
GetOpenFile(input, ifp);
rl_instream = rb_io_stdio_file(ifp);
@ -478,7 +476,6 @@ readline_s_set_output(VALUE self, VALUE output)
{
rb_io_t *ofp;
rb_secure(4);
Check_Type(output, T_FILE);
GetOpenFile(output, ofp);
rl_outstream = rb_io_stdio_file(ofp);
@ -503,7 +500,6 @@ readline_s_set_output(VALUE self, VALUE output)
static VALUE
readline_s_set_pre_input_hook(VALUE self, VALUE proc)
{
rb_secure(4);
if (!NIL_P(proc) && !rb_respond_to(proc, rb_intern("call")))
rb_raise(rb_eArgError, "argument must respond to `call'");
return rb_ivar_set(mReadline, id_pre_input_hook, proc);
@ -522,7 +518,6 @@ readline_s_set_pre_input_hook(VALUE self, VALUE proc)
static VALUE
readline_s_get_pre_input_hook(VALUE self)
{
rb_secure(4);
return rb_attr_get(mReadline, id_pre_input_hook);
}
@ -555,7 +550,6 @@ readline_pre_input_hook(void)
static VALUE
readline_s_insert_text(VALUE self, VALUE str)
{
rb_secure(4);
OutputStringValue(str);
rl_insert_text(RSTRING_PTR(str));
return self;
@ -579,7 +573,6 @@ readline_s_insert_text(VALUE self, VALUE str)
static VALUE
readline_s_redisplay(VALUE self)
{
rb_secure(4);
rl_redisplay();
return self;
}
@ -660,7 +653,6 @@ readline_s_redisplay(VALUE self)
static VALUE
readline_s_set_completion_proc(VALUE self, VALUE proc)
{
rb_secure(4);
if (!NIL_P(proc) && !rb_respond_to(proc, rb_intern("call")))
rb_raise(rb_eArgError, "argument must respond to `call'");
return rb_ivar_set(mReadline, completion_proc, proc);
@ -677,7 +669,6 @@ readline_s_set_completion_proc(VALUE self, VALUE proc)
static VALUE
readline_s_get_completion_proc(VALUE self)
{
rb_secure(4);
return rb_attr_get(mReadline, completion_proc);
}
@ -692,7 +683,6 @@ readline_s_get_completion_proc(VALUE self)
static VALUE
readline_s_set_completion_case_fold(VALUE self, VALUE val)
{
rb_secure(4);
return rb_ivar_set(mReadline, completion_case_fold, val);
}
@ -715,7 +705,6 @@ readline_s_set_completion_case_fold(VALUE self, VALUE val)
static VALUE
readline_s_get_completion_case_fold(VALUE self)
{
rb_secure(4);
return rb_attr_get(mReadline, completion_case_fold);
}
@ -734,7 +723,6 @@ readline_s_get_completion_case_fold(VALUE self)
static VALUE
readline_s_get_line_buffer(VALUE self)
{
rb_secure(4);
if (rl_line_buffer == NULL)
return Qnil;
return rb_locale_str_new_cstr(rl_line_buffer);
@ -760,7 +748,6 @@ readline_s_get_line_buffer(VALUE self)
static VALUE
readline_s_get_point(VALUE self)
{
rb_secure(4);
return INT2NUM(rl_point);
}
#else
@ -857,7 +844,6 @@ readline_attempted_completion_function(const char *text, int start, int end)
static VALUE
readline_s_set_screen_size(VALUE self, VALUE rows, VALUE columns)
{
rb_secure(4);
rl_set_screen_size(NUM2INT(rows), NUM2INT(columns));
return self;
}
@ -884,7 +870,6 @@ readline_s_get_screen_size(VALUE self)
int rows, columns;
VALUE res;
rb_secure(4);
rl_get_screen_size(&rows, &columns);
res = rb_ary_new();
rb_ary_push(res, INT2NUM(rows));
@ -910,7 +895,6 @@ readline_s_get_screen_size(VALUE self)
static VALUE
readline_s_vi_editing_mode(VALUE self)
{
rb_secure(4);
rl_vi_editing_mode(1,0);
return Qnil;
}
@ -932,7 +916,6 @@ readline_s_vi_editing_mode(VALUE self)
static VALUE
readline_s_vi_editing_mode_p(VALUE self)
{
rb_secure(4);
return rl_editing_mode == 0 ? Qtrue : Qfalse;
}
#else
@ -954,7 +937,6 @@ readline_s_vi_editing_mode_p(VALUE self)
static VALUE
readline_s_emacs_editing_mode(VALUE self)
{
rb_secure(4);
rl_emacs_editing_mode(1,0);
return Qnil;
}
@ -976,7 +958,6 @@ readline_s_emacs_editing_mode(VALUE self)
static VALUE
readline_s_emacs_editing_mode_p(VALUE self)
{
rb_secure(4);
return rl_editing_mode == 1 ? Qtrue : Qfalse;
}
#else
@ -1025,7 +1006,6 @@ readline_s_emacs_editing_mode_p(VALUE self)
static VALUE
readline_s_set_completion_append_character(VALUE self, VALUE str)
{
rb_secure(4);
if (NIL_P(str)) {
rl_completion_append_character = '\0';
}
@ -1060,7 +1040,6 @@ readline_s_get_completion_append_character(VALUE self)
{
char buf[1];
rb_secure(4);
if (rl_completion_append_character == '\0')
return Qnil;
@ -1089,7 +1068,6 @@ readline_s_set_basic_word_break_characters(VALUE self, VALUE str)
{
static char *basic_word_break_characters = NULL;
rb_secure(4);
OutputStringValue(str);
if (basic_word_break_characters == NULL) {
basic_word_break_characters =
@ -1123,7 +1101,6 @@ readline_s_set_basic_word_break_characters(VALUE self, VALUE str)
static VALUE
readline_s_get_basic_word_break_characters(VALUE self, VALUE str)
{
rb_secure(4);
if (rl_basic_word_break_characters == NULL)
return Qnil;
return rb_locale_str_new_cstr(rl_basic_word_break_characters);
@ -1150,7 +1127,6 @@ readline_s_set_completer_word_break_characters(VALUE self, VALUE str)
{
static char *completer_word_break_characters = NULL;
rb_secure(4);
OutputStringValue(str);
if (completer_word_break_characters == NULL) {
completer_word_break_characters =
@ -1184,7 +1160,6 @@ readline_s_set_completer_word_break_characters(VALUE self, VALUE str)
static VALUE
readline_s_get_completer_word_break_characters(VALUE self, VALUE str)
{
rb_secure(4);
if (rl_completer_word_break_characters == NULL)
return Qnil;
return rb_locale_str_new_cstr(rl_completer_word_break_characters);
@ -1213,7 +1188,6 @@ readline_s_get_completer_word_break_characters(VALUE self, VALUE str)
static VALUE
readline_s_set_special_prefixes(VALUE self, VALUE str)
{
rb_secure(4);
if (!NIL_P(str)) {
OutputStringValue(str);
str = rb_str_dup_frozen(str);
@ -1247,7 +1221,6 @@ static VALUE
readline_s_get_special_prefixes(VALUE self)
{
VALUE str;
rb_secure(4);
if (rl_special_prefixes == NULL) return Qnil;
str = rb_ivar_get(mReadline, id_special_prefixes);
if (!NIL_P(str)) {
@ -1277,7 +1250,6 @@ readline_s_set_basic_quote_characters(VALUE self, VALUE str)
{
static char *basic_quote_characters = NULL;
rb_secure(4);
OutputStringValue(str);
if (basic_quote_characters == NULL) {
basic_quote_characters =
@ -1311,7 +1283,6 @@ readline_s_set_basic_quote_characters(VALUE self, VALUE str)
static VALUE
readline_s_get_basic_quote_characters(VALUE self, VALUE str)
{
rb_secure(4);
if (rl_basic_quote_characters == NULL)
return Qnil;
return rb_locale_str_new_cstr(rl_basic_quote_characters);
@ -1339,7 +1310,6 @@ readline_s_set_completer_quote_characters(VALUE self, VALUE str)
{
static char *completer_quote_characters = NULL;
rb_secure(4);
OutputStringValue(str);
if (completer_quote_characters == NULL) {
completer_quote_characters =
@ -1373,7 +1343,6 @@ readline_s_set_completer_quote_characters(VALUE self, VALUE str)
static VALUE
readline_s_get_completer_quote_characters(VALUE self, VALUE str)
{
rb_secure(4);
if (rl_completer_quote_characters == NULL)
return Qnil;
return rb_locale_str_new_cstr(rl_completer_quote_characters);
@ -1399,7 +1368,6 @@ readline_s_set_filename_quote_characters(VALUE self, VALUE str)
{
static char *filename_quote_characters = NULL;
rb_secure(4);
OutputStringValue(str);
if (filename_quote_characters == NULL) {
filename_quote_characters =
@ -1433,7 +1401,6 @@ readline_s_set_filename_quote_characters(VALUE self, VALUE str)
static VALUE
readline_s_get_filename_quote_characters(VALUE self, VALUE str)
{
rb_secure(4);
if (rl_filename_quote_characters == NULL)
return Qnil;
return rb_locale_str_new_cstr(rl_filename_quote_characters);
@ -1454,7 +1421,6 @@ readline_s_get_filename_quote_characters(VALUE self, VALUE str)
static VALUE
readline_s_refresh_line(VALUE self)
{
rb_secure(4);
rl_refresh_line(0, 0);
return Qnil;
}
@ -1486,7 +1452,6 @@ hist_get(VALUE self, VALUE index)
HIST_ENTRY *entry = NULL;
int i;
rb_secure(4);
i = NUM2INT(index);
if (i < 0) {
i += history_length;
@ -1507,7 +1472,6 @@ hist_set(VALUE self, VALUE index, VALUE str)
HIST_ENTRY *entry = NULL;
int i;
rb_secure(4);
i = NUM2INT(index);
OutputStringValue(str);
if (i < 0) {
@ -1528,7 +1492,6 @@ hist_set(VALUE self, VALUE index, VALUE str)
static VALUE
hist_push(VALUE self, VALUE str)
{
rb_secure(4);
OutputStringValue(str);
add_history(RSTRING_PTR(str));
return self;
@ -1539,7 +1502,6 @@ hist_push_method(int argc, VALUE *argv, VALUE self)
{
VALUE str;
rb_secure(4);
while (argc--) {
str = *argv++;
OutputStringValue(str);
@ -1555,7 +1517,6 @@ rb_remove_history(int index)
HIST_ENTRY *entry;
VALUE val;
rb_secure(4);
entry = remove_history(index);
if (entry) {
val = rb_locale_str_new_cstr(entry->line);
@ -1574,7 +1535,6 @@ rb_remove_history(int index)
static VALUE
hist_pop(VALUE self)
{
rb_secure(4);
if (history_length > 0) {
return rb_remove_history(history_length - 1);
} else {
@ -1585,7 +1545,6 @@ hist_pop(VALUE self)
static VALUE
hist_shift(VALUE self)
{
rb_secure(4);
if (history_length > 0) {
return rb_remove_history(0);
} else {
@ -1601,7 +1560,6 @@ hist_each(VALUE self)
RETURN_ENUMERATOR(self, 0, 0);
rb_secure(4);
for (i = 0; i < history_length; i++) {
entry = history_get(history_get_offset_func(i));
if (entry == NULL)
@ -1614,14 +1572,12 @@ hist_each(VALUE self)
static VALUE
hist_length(VALUE self)
{
rb_secure(4);
return INT2NUM(history_length);
}
static VALUE
hist_empty_p(VALUE self)
{
rb_secure(4);
return history_length == 0 ? Qtrue : Qfalse;
}
@ -1630,7 +1586,6 @@ hist_delete_at(VALUE self, VALUE index)
{
int i;
rb_secure(4);
i = NUM2INT(index);
if (i < 0)
i += history_length;
@ -1644,7 +1599,6 @@ hist_delete_at(VALUE self, VALUE index)
static VALUE
hist_clear(VALUE self)
{
rb_secure(4);
clear_history();
return self;
}

1
ext/sdbm/init.c
View file

@ -396,7 +396,6 @@ fsdbm_values_at(int argc, VALUE *argv, VALUE obj)
static void
fdbm_modify(VALUE obj)
{
rb_secure(4);
if (OBJ_FROZEN(obj)) rb_error_frozen("SDBM");
}

2
ext/socket/ancdata.c
View file

@ -1140,7 +1140,6 @@ bsock_sendmsg_internal(int argc, VALUE *argv, VALUE sock, int nonblock)
int flags;
ssize_t ss;
rb_secure(4);
GetOpenFile(sock, fptr);
#if defined(HAVE_STRUCT_MSGHDR_MSG_CONTROL)
family = rsock_getfamily(fptr->fd);
@ -1504,7 +1503,6 @@ bsock_recvmsg_internal(int argc, VALUE *argv, VALUE sock, int nonblock)
int gc_done = 0;
#endif
rb_secure(4);
rb_scan_args(argc, argv, "03:", &vmaxdatlen, &vflags, &vmaxctllen, &vopts);

3
ext/socket/basicsocket.c
View file

@ -547,7 +547,6 @@ rsock_bsock_send(int argc, VALUE *argv, VALUE sock)
int n;
rb_blocking_function_t *func;
rb_secure(4);
rb_scan_args(argc, argv, "21", &arg.mesg, &flags, &to);
StringValue(arg.mesg);
@ -613,7 +612,6 @@ bsock_do_not_reverse_lookup_set(VALUE sock, VALUE state)
{
rb_io_t *fptr;
rb_secure(4);
GetOpenFile(sock, fptr);
if (RTEST(state)) {
fptr->mode |= FMODE_NOREVLOOKUP;
@ -733,7 +731,6 @@ bsock_do_not_rev_lookup(void)
static VALUE
bsock_do_not_rev_lookup_set(VALUE self, VALUE val)
{
rb_secure(4);
rsock_do_not_reverse_lookup = RTEST(val);
return val;
}

1
ext/socket/socket.c
View file

@ -629,7 +629,6 @@ rsock_sock_listen(VALUE sock, VALUE log)
rb_io_t *fptr;
int backlog;
rb_secure(4);
backlog = NUM2INT(log);
GetOpenFile(sock, fptr);
if (listen(fptr->fd, backlog) < 0)

1
ext/socket/udpsocket.c
View file

@ -166,7 +166,6 @@ udp_send(int argc, VALUE *argv, VALUE sock)
if (argc == 2 || argc == 3) {
return rsock_bsock_send(argc, argv, sock);
}
rb_secure(4);
rb_scan_args(argc, argv, "4", &arg.mesg, &flags, &host, &port);
StringValue(arg.mesg);

1
ext/stringio/stringio.c
View file

@ -136,7 +136,6 @@ writable(VALUE strio)
rb_raise(rb_eIOError, "not opened for writing");
}
if (!OBJ_TAINTED(ptr->string)) {
rb_secure(4);
}
return ptr;
}

3
ext/syslog/syslog.c
View file

@ -37,7 +37,6 @@ static void syslog_write(int pri, int argc, VALUE *argv)
{
VALUE str;
rb_secure(4);
if (argc < 1) {
rb_raise(rb_eArgError, "no log message supplied");
}
@ -56,7 +55,6 @@ static void syslog_write(int pri, int argc, VALUE *argv)
*/
static VALUE mSyslog_close(VALUE self)
{
rb_secure(4);
if (!syslog_opened) {
rb_raise(rb_eRuntimeError, "syslog not opened");
}
@ -263,7 +261,6 @@ static VALUE mSyslog_get_mask(VALUE self)
*/
static VALUE mSyslog_set_mask(VALUE self, VALUE mask)
{
rb_secure(4);
if (!syslog_opened) {
rb_raise(rb_eRuntimeError, "must open syslog before setting log mask");
}

16
ext/tk/tcltklib.c
View file

@ -1668,7 +1668,6 @@ set_eventloop_window_mode(self, mode)
VALUE self;
VALUE mode;
{
rb_secure(4);
if (RTEST(mode)) {
window_event_mode = ~0;
@ -1698,7 +1697,6 @@ set_eventloop_tick(self, tick)
int ttick = NUM2INT(tick);
int thr_crit_bup;
rb_secure(4);
if (ttick < 0) {
rb_raise(rb_eArgError,
@ -1765,7 +1763,6 @@ set_no_event_wait(self, wait)
{
int t_wait = NUM2INT(wait);
rb_secure(4);
if (t_wait <= 0) {
rb_raise(rb_eArgError,
@ -1819,7 +1816,6 @@ set_eventloop_weight(self, loop_max, no_event)
int lpmax = NUM2INT(loop_max);
int no_ev = NUM2INT(no_event);
rb_secure(4);
if (lpmax <= 0 || no_ev <= 0) {
rb_raise(rb_eArgError, "weight parameters must be positive numbers");
@ -1938,7 +1934,6 @@ static VALUE
lib_evloop_abort_on_exc_set(self, val)
VALUE self, val;
{
rb_secure(4);
if (RTEST(val)) {
event_loop_abort_on_exc = 1;
} else if (NIL_P(val)) {
@ -1955,7 +1950,6 @@ ip_evloop_abort_on_exc_set(self, val)
{
struct tcltkip *ptr = get_ip(self);
rb_secure(4);
/* ip is deleted? */
if (deleted_ip(ptr)) {
@ -6403,7 +6397,6 @@ ip_create_slave_core(interp, argc, argv)
safe = 1;
} else if (safemode == Qfalse || NIL_P(safemode)) {
safe = 0;
/* rb_secure(4); */ /* already checked */
} else {
safe = 1;
}
@ -6510,7 +6503,6 @@ ip_create_slave(argc, argv, self)
}
if (Tcl_IsSafe(master->ip) != 1
&& (safemode == Qfalse || NIL_P(safemode))) {
rb_secure(4);
}
StringValue(name);
@ -6717,7 +6709,6 @@ ip_allow_ruby_exit_set(self, val)
struct tcltkip *ptr = get_ip(self);
Tk_Window mainWin;
rb_secure(4);
/* ip is deleted? */
if (deleted_ip(ptr)) {
@ -7821,7 +7812,6 @@ lib_restart_core(interp, argc, argv)
struct tcltkip *ptr = get_ip(interp);
int thr_crit_bup;
/* rb_secure(4); */ /* already checked */
/* tcl_stubs_check(); */ /* already checked */
@ -7879,7 +7869,6 @@ lib_restart(self)
{
struct tcltkip *ptr = get_ip(self);
rb_secure(4);
tcl_stubs_check();
@ -7898,7 +7887,6 @@ ip_restart(self)
{
struct tcltkip *ptr = get_ip(self);
rb_secure(4);
tcl_stubs_check();
@ -9257,7 +9245,6 @@ ip_invoke_immediate(argc, argv, obj)
VALUE obj;
{
/* POTENTIALY INSECURE : can create infinite loop */
rb_secure(4);
return ip_invoke_with_position(argc, argv, obj, TCL_QUEUE_HEAD);
}
@ -10061,7 +10048,6 @@ create_dummy_encoding_for_tk_core(interp, name, error_mode)
{
get_ip(interp);
rb_secure(4);
StringValue(name);
@ -10519,7 +10505,6 @@ create_encoding_table_core(arg, interp)
Tcl_Obj **objv;
Tcl_Obj *enc_list;
rb_secure(4);
/* set 'binary' encoding */
rb_hash_aset(table, ENCODING_NAME_BINARY, ENCODING_NAME_BINARY);
@ -10555,7 +10540,6 @@ create_encoding_table_core(arg, interp)
VALUE interp;
{
volatile VALUE table = rb_hash_new();
rb_secure(4);
rb_ivar_set(interp, ID_encoding_table, table);
return table;
}

8
ext/win32ole/win32ole.c
View file

@ -2725,7 +2725,6 @@ fole_s_connect(int argc, VALUE *argv, VALUE self)
void *p;
IUnknown *pUnknown;
rb_secure(4);
/* initialize to use OLE */
ole_initialize();
@ -2809,7 +2808,6 @@ fole_s_const_load(int argc, VALUE *argv, VALUE self)
VALUE file;
LCID lcid = cWIN32OLE_lcid;
rb_secure(4);
rb_scan_args(argc, argv, "11", &ole, &klass);
if (TYPE(klass) != T_CLASS &&
TYPE(klass) != T_MODULE &&
@ -2872,7 +2870,6 @@ ole_types_from_typelib(ITypeLib *pTypeLib, VALUE classes)
ITypeInfo *pTypeInfo;
VALUE type;
rb_secure(4);
count = pTypeLib->lpVtbl->GetTypeInfoCount(pTypeLib);
for (i = 0; i < count; i++) {
hr = pTypeLib->lpVtbl->GetDocumentation(pTypeLib, i,
@ -3236,7 +3233,6 @@ fole_initialize(int argc, VALUE *argv, VALUE self)
OLECHAR *pBuf;
IDispatch *pDispatch;
void *p;
rb_secure(4);
rb_call_super(0, 0);
rb_scan_args(argc, argv, "11*", &svr_name, &host, &others);
@ -3964,7 +3960,6 @@ static VALUE
fole_free(VALUE self)
{
struct oledata *pole;
rb_secure(4);
OLEData_Get_Struct(self, pole);
OLE_FREE(pole->pDispatch);
pole->pDispatch = NULL;
@ -4527,7 +4522,6 @@ fole_respond_to(VALUE self, VALUE method)
BSTR wcmdname;
DISPID DispID;
HRESULT hr;
rb_secure(4);
if(TYPE(method) != T_STRING && TYPE(method) != T_SYMBOL) {
rb_raise(rb_eTypeError, "wrong argument type (expected String or Symbol)");
}
@ -8299,7 +8293,6 @@ ev_advise(int argc, VALUE *argv, VALUE self)
struct oleeventdata *poleev;
void *p;
rb_secure(4);
rb_scan_args(argc, argv, "11", &ole, &itf);
if (!rb_obj_is_kind_of(ole, cWIN32OLE)) {
@ -8507,7 +8500,6 @@ fev_off_event(int argc, VALUE *argv, VALUE self)
VALUE event = Qnil;
VALUE events;
rb_secure(4);
rb_scan_args(argc, argv, "01", &event);
if(!NIL_P(event)) {
if(TYPE(event) != T_STRING && TYPE(event) != T_SYMBOL) {

4
file.c
View file

@ -249,7 +249,6 @@ apply2files(void (*func)(const char *, VALUE, void *), VALUE vargs, void *arg)
long i;
volatile VALUE path;
rb_secure(4);
for (i=0; i<RARRAY_LEN(vargs); i++) {
const char *s;
path = rb_get_path(RARRAY_AREF(vargs, i));
@ -915,7 +914,6 @@ rb_file_s_stat(VALUE klass, VALUE fname)
{
struct stat st;
rb_secure(4);
FilePathValue(fname);
if (rb_stat(fname, &st) < 0) {
rb_sys_fail_path(fname);
@ -5376,7 +5374,7 @@ rb_find_file_ext_safe(VALUE *filep, const char *const *ext, int safe_level)
*filep = copy_path_class(tmp, *filep);
return (int)(j+1);
}
FL_UNSET(tmp, FL_TAINT | FL_UNTRUSTED);
FL_UNSET(tmp, FL_TAINT);
}
rb_str_set_len(fname, fnlen);
}

4
gc.c
View file

@ -899,7 +899,7 @@ newobj_of(VALUE klass, VALUE flags, VALUE v1, VALUE v2, VALUE v3)
/* OBJSETUP */
RBASIC(obj)->flags = flags;
RBASIC_SET_CLASS(obj, klass);
if (rb_safe_level() >= 3) FL_SET((obj), FL_TAINT | FL_UNTRUSTED);
if (rb_safe_level() >= 3) FL_SET((obj), FL_TAINT);
RANY(obj)->as.values.v1 = v1;
RANY(obj)->as.values.v2 = v2;
RANY(obj)->as.values.v3 = v3;
@ -1485,7 +1485,6 @@ os_each_obj(int argc, VALUE *argv, VALUE os)
{
VALUE of;
rb_secure(4);
if (argc == 0) {
of = 0;
}
@ -1879,7 +1878,6 @@ id2ref(VALUE obj, VALUE objid)
VALUE ptr;
void *p0;
rb_secure(4);
ptr = NUM2PTR(objid);
p0 = (void *)ptr;

38
hash.c
View file

@ -267,7 +267,7 @@ rb_hash_dup(VALUE hash)
{
NEWOBJ_OF(ret, struct RHash,
rb_obj_class(hash),
(RBASIC(hash)->flags)&(T_MASK|FL_EXIVAR|FL_TAINT|FL_UNTRUSTED));
(RBASIC(hash)->flags)&(T_MASK|FL_EXIVAR|FL_TAINT));
if (FL_TEST((hash), FL_EXIVAR))
rb_copy_generic_ivar((VALUE)(ret),(VALUE)(hash));
@ -284,8 +284,6 @@ static void
rb_hash_modify_check(VALUE hash)
{
rb_check_frozen(hash);
if (!OBJ_UNTRUSTED(hash) && rb_safe_level() >= 4)
rb_raise(rb_eSecurityError, "Insecure: can't modify hash");
}
static struct st_table *
@ -2263,7 +2261,6 @@ env_delete(VALUE obj, VALUE name)
{
char *nam, *val;
rb_secure(4);
SafeStringValue(name);
nam = RSTRING_PTR(name);
if (memchr(nam, '\0', RSTRING_LEN(name))) {
@ -2315,7 +2312,6 @@ rb_f_getenv(VALUE obj, VALUE name)
{
char *nam, *env;
rb_secure(4);
SafeStringValue(name);
nam = RSTRING_PTR(name);
if (memchr(nam, '\0', RSTRING_LEN(name))) {
@ -2359,7 +2355,6 @@ env_fetch(int argc, VALUE *argv)
long block_given;
char *nam, *env;
rb_secure(4);
rb_scan_args(argc, argv, "11", &key, &if_none);
block_given = rb_block_given_p();
if (block_given && argc == 2) {
@ -2629,7 +2624,6 @@ env_keys(void)
char **env;
VALUE ary;
rb_secure(4);
ary = rb_ary_new();
env = GET_ENVIRON(environ);
while (*env) {
@ -2649,8 +2643,6 @@ rb_env_size(VALUE ehash)
char **env;
long cnt = 0;
rb_secure(4);
env = GET_ENVIRON(environ);
for (; *env ; ++env) {
if (strchr(*env, '=')) {
@ -2677,7 +2669,7 @@ env_each_key(VALUE ehash)
long i;
RETURN_SIZED_ENUMERATOR(ehash, 0, 0, rb_env_size);
keys = env_keys(); /* rb_secure(4); */
keys = env_keys();
for (i=0; i<RARRAY_LEN(keys); i++) {
rb_yield(RARRAY_AREF(keys, i));
}
@ -2696,7 +2688,6 @@ env_values(void)
VALUE ary;
char **env;
rb_secure(4);
ary = rb_ary_new();
env = GET_ENVIRON(environ);
while (*env) {
@ -2726,7 +2717,7 @@ env_each_value(VALUE ehash)
long i;
RETURN_SIZED_ENUMERATOR(ehash, 0, 0, rb_env_size);
values = env_values(); /* rb_secure(4); */
values = env_values();
for (i=0; i<RARRAY_LEN(values); i++) {
rb_yield(RARRAY_AREF(values, i));
}
@ -2753,7 +2744,6 @@ env_each_pair(VALUE ehash)
RETURN_SIZED_ENUMERATOR(ehash, 0, 0, rb_env_size);
rb_secure(4);
ary = rb_ary_new();
env = GET_ENVIRON(environ);
while (*env) {
@ -2789,7 +2779,7 @@ env_reject_bang(VALUE ehash)
int del = 0;
RETURN_SIZED_ENUMERATOR(ehash, 0, 0, rb_env_size);
keys = env_keys(); /* rb_secure(4); */
keys = env_keys();
RBASIC_CLEAR_CLASS(keys);
for (i=0; i<RARRAY_LEN(keys); i++) {
VALUE val = rb_f_getenv(Qnil, RARRAY_AREF(keys, i));
@ -2835,7 +2825,6 @@ env_values_at(int argc, VALUE *argv)
VALUE result;
long i;
rb_secure(4);
result = rb_ary_new();
for (i=0; i<argc; i++) {
rb_ary_push(result, rb_f_getenv(Qnil, argv[i]));
@ -2859,7 +2848,6 @@ env_select(VALUE ehash)
char **env;
RETURN_SIZED_ENUMERATOR(ehash, 0, 0, rb_env_size);
rb_secure(4);
result = rb_hash_new();
env = GET_ENVIRON(environ);
while (*env) {
@ -2893,7 +2881,7 @@ env_select_bang(VALUE ehash)
int del = 0;
RETURN_SIZED_ENUMERATOR(ehash, 0, 0, rb_env_size);
keys = env_keys(); /* rb_secure(4); */
keys = env_keys();
RBASIC_CLEAR_CLASS(keys);
for (i=0; i<RARRAY_LEN(keys); i++) {
VALUE val = rb_f_getenv(Qnil, RARRAY_AREF(keys, i));
@ -2938,7 +2926,7 @@ rb_env_clear(void)
volatile VALUE keys;
long i;
keys = env_keys(); /* rb_secure(4); */
keys = env_keys();
for (i=0; i<RARRAY_LEN(keys); i++) {
VALUE val = rb_f_getenv(Qnil, RARRAY_AREF(keys, i));
if (!NIL_P(val)) {
@ -2972,7 +2960,6 @@ env_inspect(void)
char **env;
VALUE str, i;
rb_secure(4);
str = rb_str_buf_new2("{");
env = GET_ENVIRON(environ);
while (*env) {
@ -3012,7 +2999,6 @@ env_to_a(void)
char **env;
VALUE ary;
rb_secure(4);
ary = rb_ary_new();
env = GET_ENVIRON(environ);
while (*env) {
@ -3053,7 +3039,6 @@ env_size(void)
int i;
char **env;
rb_secure(4);
env = GET_ENVIRON(environ);
for (i=0; env[i]; i++)
;
@ -3072,7 +3057,6 @@ env_empty_p(void)
{
char **env;
rb_secure(4);
env = GET_ENVIRON(environ);
if (env[0] == 0) {
FREE_ENVIRON(environ);
@ -3096,7 +3080,6 @@ env_has_key(VALUE env, VALUE key)
{
char *s;
rb_secure(4);
s = StringValuePtr(key);
if (memchr(s, '\0', RSTRING_LEN(key)))
rb_raise(rb_eArgError, "bad environment variable name");
@ -3116,7 +3099,6 @@ env_assoc(VALUE env, VALUE key)
{
char *s, *e;
rb_secure(4);
s = StringValuePtr(key);
if (memchr(s, '\0', RSTRING_LEN(key)))
rb_raise(rb_eArgError, "bad environment variable name");
@ -3137,7 +3119,6 @@ env_has_value(VALUE dmy, VALUE obj)
{
char **env;
rb_secure(4);
obj = rb_check_string_type(obj);
if (NIL_P(obj)) return Qnil;
env = GET_ENVIRON(environ);
@ -3168,7 +3149,6 @@ env_rassoc(VALUE dmy, VALUE obj)
{
char **env;
rb_secure(4);
obj = rb_check_string_type(obj);
if (NIL_P(obj)) return Qnil;
env = GET_ENVIRON(environ);
@ -3201,7 +3181,6 @@ env_key(VALUE dmy, VALUE value)
char **env;
VALUE str;
rb_secure(4);
StringValue(value);
env = GET_ENVIRON(environ);
while (*env) {
@ -3247,7 +3226,6 @@ env_to_hash(void)
char **env;
VALUE hash;
rb_secure(4);
hash = rb_hash_new();
env = GET_ENVIRON(environ);
while (*env) {
@ -3288,7 +3266,6 @@ env_shift(void)
{
char **env;
rb_secure(4);
env = GET_ENVIRON(environ);
if (*env) {
char *s = strchr(*env, '=');
@ -3339,7 +3316,7 @@ env_replace(VALUE env, VALUE hash)
volatile VALUE keys;
long i;
keys = env_keys(); /* rb_secure(4); */
keys = env_keys();
if (env == hash) return env;
hash = to_hash(hash);
rb_hash_foreach(hash, env_replace_i, keys);
@ -3373,7 +3350,6 @@ env_update_i(VALUE key, VALUE val)
static VALUE
env_update(VALUE env, VALUE hash)
{
rb_secure(4);
if (env == hash) return env;
hash = to_hash(hash);
rb_hash_foreach(hash, env_update_i, 0);

7
include/ruby/intern.h
View file

@ -229,12 +229,7 @@ void rb_check_trusted(VALUE);
rb_error_frozen(rb_obj_classname(frozen_obj)); \
} \
} while (0)
#define rb_check_trusted_internal(obj) do { \
VALUE untrusted_obj = (obj); \
if (!OBJ_UNTRUSTED(untrusted_obj)) { \
rb_error_untrusted(untrusted_obj); \
} \
} while (0)
#define rb_check_trusted_internal(obj) ((void) 0)
#ifdef __GNUC__
#define rb_check_frozen(obj) __extension__({rb_check_frozen_internal(obj);})
#define rb_check_trusted(obj) __extension__({rb_check_trusted_internal(obj);})

11
include/ruby/ruby.h
View file

@ -678,7 +678,7 @@ VALUE rb_obj_setup(VALUE obj, VALUE klass, VALUE type);
if (FL_TEST((obj), FL_EXIVAR)) rb_copy_generic_ivar((VALUE)(clone),(VALUE)(obj));\
} while (0)
#define DUPSETUP(dup,obj) do {\
OBJSETUP((dup),rb_obj_class(obj), (RBASIC(obj)->flags)&(T_MASK|FL_EXIVAR|FL_TAINT|FL_UNTRUSTED)); \
OBJSETUP((dup),rb_obj_class(obj), (RBASIC(obj)->flags)&(T_MASK|FL_EXIVAR|FL_TAINT)); \
if (FL_TEST((obj), FL_EXIVAR)) rb_copy_generic_ivar((VALUE)(dup),(VALUE)(obj));\
} while (0)
@ -1163,7 +1163,7 @@ struct RBignum {
#define FL_OLDGEN (((VALUE)1)<<6)
#define FL_FINALIZE (((VALUE)1)<<7)
#define FL_TAINT (((VALUE)1)<<8)
#define FL_UNTRUSTED (((VALUE)1)<<9)
#define FL_UNTRUSTED FL_TAINT
#define FL_EXIVAR (((VALUE)1)<<10)
#define FL_FREEZE (((VALUE)1)<<11)
@ -1203,12 +1203,11 @@ struct RBignum {
#define OBJ_TAINTED(x) (!!FL_TEST((x), FL_TAINT))
#define OBJ_TAINT(x) FL_SET((x), FL_TAINT)
#define OBJ_UNTRUSTED(x) (!!FL_TEST((x), FL_UNTRUSTED))
#define OBJ_UNTRUST(x) FL_SET((x), FL_UNTRUSTED)
#define OBJ_UNTRUSTED(x) OBJ_TAINTED(x)
#define OBJ_UNTRUST(x) OBJ_TAINT(x)
#define OBJ_INFECT(x,s) do { \
if (FL_ABLE(x) && FL_ABLE(s)) \
RBASIC(x)->flags |= RBASIC(s)->flags & \
(FL_TAINT | FL_UNTRUSTED); \
RBASIC(x)->flags |= RBASIC(s)->flags & FL_TAINT; \
} while (0)
#define OBJ_FROZEN(x) (!!(FL_ABLE(x)?(RBASIC(x)->flags&(FL_FREEZE)):(FIXNUM_P(x)||FLONUM_P(x))))

22
io.c
View file

@ -597,8 +597,6 @@ rb_eof_error(void)
VALUE
rb_io_taint_check(VALUE io)
{
if (!OBJ_UNTRUSTED(io) && rb_safe_level() >= 4)
rb_raise(rb_eSecurityError, "Insecure: operation on trusted IO");
rb_check_frozen(io);
return io;
}
@ -1376,7 +1374,6 @@ io_write(VALUE io, VALUE str, int nosync)
long n;
VALUE tmp;
rb_secure(4);
io = GetWriteIO(io);
str = rb_obj_as_string(str);
tmp = rb_io_check_io(io);
@ -2610,7 +2607,6 @@ rb_io_write_nonblock(VALUE io, VALUE str)
rb_io_t *fptr;
long n;
rb_secure(4);
if (!RB_TYPE_P(str, T_STRING))
str = rb_obj_as_string(str);
@ -4256,9 +4252,6 @@ rb_io_close(VALUE io)
static VALUE
rb_io_close_m(VALUE io)
{
if (rb_safe_level() >= 4 && !OBJ_UNTRUSTED(io)) {
rb_raise(rb_eSecurityError, "Insecure: can't close");
}
rb_io_check_closed(RFILE(io)->fptr);
rb_io_close(io);
return Qnil;
@ -4339,9 +4332,6 @@ rb_io_close_read(VALUE io)
rb_io_t *fptr;
VALUE write_io;
if (rb_safe_level() >= 4 && !OBJ_UNTRUSTED(io)) {
rb_raise(rb_eSecurityError, "Insecure: can't close");
}
GetOpenFile(io, fptr);
if (is_socket(fptr->fd, fptr->pathv)) {
#ifndef SHUT_RD
@ -4397,9 +4387,6 @@ rb_io_close_write(VALUE io)
rb_io_t *fptr;
VALUE write_io;
if (rb_safe_level() >= 4 && !OBJ_UNTRUSTED(io)) {
rb_raise(rb_eSecurityError, "Insecure: can't close");
}
write_io = GetWriteIO(io);
GetOpenFile(write_io, fptr);
if (is_socket(fptr->fd, fptr->pathv)) {
@ -4486,7 +4473,6 @@ rb_io_syswrite(VALUE io, VALUE str)
rb_io_t *fptr;
long n;
rb_secure(4);
if (!RB_TYPE_P(str, T_STRING))
str = rb_obj_as_string(str);
@ -6411,10 +6397,6 @@ io_reopen(VALUE io, VALUE nfile)
off_t pos = 0;
nfile = rb_io_get_io(nfile);
if (rb_safe_level() >= 4 &&
(!OBJ_UNTRUSTED(io) || !OBJ_UNTRUSTED(nfile))) {
rb_raise(rb_eSecurityError, "Insecure: can't reopen");
}
GetOpenFile(io, fptr);
GetOpenFile(nfile, orig);
@ -6516,7 +6498,6 @@ rb_io_reopen(int argc, VALUE *argv, VALUE file)
int oflags;
rb_io_t *fptr;
rb_secure(4);
if (rb_scan_args(argc, argv, "11:", &fname, &nmode, &opt) == 1) {
VALUE tmp = rb_io_check_io(fname);
if (!NIL_P(tmp)) {
@ -7308,7 +7289,6 @@ rb_io_initialize(int argc, VALUE *argv, VALUE io)
struct stat st;
#endif
rb_secure(4);
argc = rb_scan_args(argc, argv, "11:", &fnum, &vmode, &opt);
rb_io_extract_modeenc(&vmode, 0, opt, &oflags, &fmode, &convconfig);
@ -7436,7 +7416,6 @@ static VALUE
rb_io_autoclose_p(VALUE io)
{
rb_io_t *fptr;
rb_secure(4);
GetOpenFile(io, fptr);
return (fptr->mode & FMODE_PREP) ? Qfalse : Qtrue;
}
@ -7462,7 +7441,6 @@ static VALUE
rb_io_set_autoclose(VALUE io, VALUE autoclose)
{
rb_io_t *fptr;
rb_secure(4);
GetOpenFile(io, fptr);
if (!RTEST(autoclose))
fptr->mode |= FMODE_PREP;

1
iseq.c
View file

@ -243,7 +243,6 @@ rb_iseq_add_mark_object(rb_iseq_t *iseq, VALUE obj)
{
if (!RTEST(iseq->mark_ary)) {
iseq->mark_ary = rb_ary_tmp_new(3);
OBJ_UNTRUST(iseq->mark_ary);
RBASIC_CLEAR_CLASS(iseq->mark_ary);
}
rb_ary_push(iseq->mark_ary, obj);

1
load.c
View file

@ -574,7 +574,6 @@ rb_load_internal(VALUE fname, int wrap)
th->errinfo = Qnil; /* ensure */
if (!wrap) {
rb_secure(4); /* should alter global state */
th->top_wrapper = 0;
}
else {

4
marshal.c
View file

@ -130,7 +130,7 @@ rb_marshal_define_compat(VALUE newclass, VALUE oldclass, VALUE (*dumper)(VALUE),
st_insert(compat_allocator_tbl, (st_data_t)allocator, (st_data_t)compat);
}
#define MARSHAL_INFECTION (FL_TAINT|FL_UNTRUSTED)
#define MARSHAL_INFECTION FL_TAINT
typedef char ruby_check_marshal_viral_flags[MARSHAL_INFECTION == (int)MARSHAL_INFECTION ? 1 : -1];
struct dump_arg {
@ -1939,7 +1939,7 @@ marshal_load(int argc, VALUE *argv)
}
else if (rb_respond_to(port, s_getbyte) && rb_respond_to(port, s_read)) {
rb_check_funcall(port, s_binmode, 0, 0);
infection = (int)(FL_TAINT | FL_TEST(port, FL_UNTRUSTED));
infection = (int)FL_TAINT;
}
else {
io_needed();

53
object.c
View file

@ -72,7 +72,7 @@ rb_obj_setup(VALUE obj, VALUE klass, VALUE type)
{
RBASIC(obj)->flags = type;
RBASIC_SET_CLASS(obj, klass);
if (rb_safe_level() >= 3) FL_SET((obj), FL_TAINT | FL_UNTRUSTED);
if (rb_safe_level() >= 3) FL_SET((obj), FL_TAINT);
return obj;
}
@ -259,7 +259,7 @@ init_copy(VALUE dest, VALUE obj)
rb_raise(rb_eTypeError, "[bug] frozen object (%s) allocated", rb_obj_classname(dest));
}
RBASIC(dest)->flags &= ~(T_MASK|FL_EXIVAR);
RBASIC(dest)->flags |= RBASIC(obj)->flags & (T_MASK|FL_EXIVAR|FL_TAINT|FL_UNTRUSTED);
RBASIC(dest)->flags |= RBASIC(obj)->flags & (T_MASK|FL_EXIVAR|FL_TAINT);
rb_copy_generic_ivar(dest, obj);
rb_gc_copy_finalizer(dest, obj);
switch (TYPE(obj)) {
@ -335,7 +335,7 @@ rb_obj_clone(VALUE obj)
rb_raise(rb_eTypeError, "can't clone %s", rb_obj_classname(obj));
}
clone = rb_obj_alloc(rb_obj_class(obj));
RBASIC(clone)->flags &= (FL_TAINT|FL_UNTRUSTED);
RBASIC(clone)->flags &= FL_TAINT;
RBASIC(clone)->flags |= RBASIC(obj)->flags & ~(FL_OLDGEN|FL_FREEZE|FL_FINALIZE);
singleton = rb_singleton_class_clone_and_attach(obj, clone);
@ -907,7 +907,6 @@ rb_obj_tainted(VALUE obj)
VALUE
rb_obj_taint(VALUE obj)
{
rb_secure(4);
if (!OBJ_TAINTED(obj)) {
rb_check_frozen(obj);
OBJ_TAINT(obj);
@ -940,47 +939,28 @@ rb_obj_untaint(VALUE obj)
* call-seq:
* obj.untrusted? -> true or false
*
* Returns true if the object is untrusted.
*
* See #untrust for more information.
* Deprecated method that is equivalent to #tainted?.
*/
VALUE
rb_obj_untrusted(VALUE obj)
{
if (OBJ_UNTRUSTED(obj))
return Qtrue;
return Qfalse;
rb_warning("untrusted? is deprecated and its behavior is same as tainted?");
return rb_obj_tainted(obj);
}
/*
* call-seq:
* obj.untrust -> obj
*
* Mark the object as untrusted.
*
* An untrusted object is not allowed to modify any trusted objects. To check
* whether an object is trusted, use #untrusted?
*
* Any object created by untrusted code is marked as both tainted and
* untrusted. See #taint for more information.
*
* You should only trust an untrusted object if your code has inspected it and
* determined that it is safe. To do so use #trust
*
* In $SAFE level 3 and 4, all objects are tainted and untrusted, any use of
* trust or taint methods will raise a SecurityError exception.
* Deprecated method that is equivalent to #taint.
*/
VALUE
rb_obj_untrust(VALUE obj)
{
rb_secure(4);
if (!OBJ_UNTRUSTED(obj)) {
rb_check_frozen(obj);
OBJ_UNTRUST(obj);
}
return obj;
rb_warning("untrust is deprecated and its behavior is same as taint");
return rb_obj_taint(obj);
}
@ -988,20 +968,14 @@ rb_obj_untrust(VALUE obj)
* call-seq:
* obj.trust -> obj
*
* Removes the untrusted mark from the object.
*
* See #untrust for more information.
* Deprecated method that is equivalent to #untaint.
*/
VALUE
rb_obj_trust(VALUE obj)
{
rb_secure(3);
if (OBJ_UNTRUSTED(obj)) {
rb_check_frozen(obj);
FL_UNSET(obj, FL_UNTRUSTED);
}
return obj;
rb_warning("trust is deprecated and its behavior is same as untaint");
return rb_obj_untaint(obj);
}
void
@ -1037,9 +1011,6 @@ VALUE
rb_obj_freeze(VALUE obj)
{
if (!OBJ_FROZEN(obj)) {
if (rb_safe_level() >= 4 && !OBJ_UNTRUSTED(obj)) {
rb_raise(rb_eSecurityError, "Insecure: can't freeze object");
}
OBJ_FREEZE(obj);
if (SPECIAL_CONST_P(obj)) {
if (!immediate_frozen_tbl) {

1
proc.c
View file

@ -1532,7 +1532,6 @@ top_define_method(int argc, VALUE *argv, VALUE obj)
rb_thread_t *th = GET_THREAD();
VALUE klass;
rb_secure(4);
klass = th->top_wrapper;
if (klass) {
rb_warning("main.define_method in the wrapped load is effective only in wrapper module");

3
process.c
View file

@ -3535,7 +3535,6 @@ rb_f_exit_bang(int argc, VALUE *argv, VALUE obj)
VALUE status;
int istatus;
rb_secure(4);
if (argc > 0 && rb_scan_args(argc, argv, "01", &status) == 1) {
istatus = exit_status_code(status);
}
@ -3609,7 +3608,6 @@ rb_f_exit(int argc, VALUE *argv)
VALUE status;
int istatus;
rb_secure(4);
if (argc > 0 && rb_scan_args(argc, argv, "01", &status) == 1) {
istatus = exit_status_code(status);
}
@ -3636,7 +3634,6 @@ rb_f_exit(int argc, VALUE *argv)
VALUE
rb_f_abort(int argc, VALUE *argv)
{
rb_secure(4);
if (argc == 0) {
if (!NIL_P(GET_THREAD()->errinfo)) {
ruby_error_print();

1
random.c
View file

@ -687,7 +687,6 @@ rb_f_srand(int argc, VALUE *argv, VALUE obj)
VALUE seed, old;
rb_random_t *r = &default_rand;
rb_secure(4);
if (argc == 0) {
seed = random_seed();
}

2
re.c
View file

@ -2395,8 +2395,6 @@ rb_reg_initialize(VALUE obj, const char *s, long len, rb_encoding *enc,
rb_encoding *fixed_enc = 0;
rb_encoding *a_enc = rb_ascii8bit_encoding();
if (!OBJ_UNTRUSTED(obj) && rb_safe_level() >= 4)
rb_raise(rb_eSecurityError, "Insecure: can't modify regexp");
rb_check_frozen(obj);
if (FL_TEST(obj, REG_LITERAL))
rb_raise(rb_eSecurityError, "can't modify literal regexp");

12
safe.c
View file

@ -14,10 +14,9 @@
1 - no dangerous operation by tainted value
2 - process/file operations prohibited
3 - all generated objects are tainted
4 - no global (non-tainted) variable modification/no direct output
*/
#define SAFE_LEVEL_MAX 4
#define SAFE_LEVEL_MAX 3
#include "ruby/ruby.h"
#include "vm_core.h"
@ -43,7 +42,7 @@ rb_set_safe_level(int level)
if (level > th->safe_level) {
if (level > SAFE_LEVEL_MAX) {
level = SAFE_LEVEL_MAX;
rb_raise(rb_eArgError, "$SAFE=4 is obsolete");
}
th->safe_level = level;
}
@ -67,10 +66,10 @@ safe_setter(VALUE val)
th->safe_level, level);
}
if (level == 3) {
rb_warning("$SAFE=3 does no sandboxing; you might want to use $SAFE=4");
rb_warning("$SAFE=3 does no sandboxing");
}
if (level > SAFE_LEVEL_MAX) {
level = SAFE_LEVEL_MAX;
rb_raise(rb_eArgError, "$SAFE=4 is obsolete");
}
th->safe_level = level;
}
@ -94,8 +93,6 @@ rb_secure(int level)
void
rb_secure_update(VALUE obj)
{
if (!OBJ_TAINTED(obj))
rb_secure(4);
}
void
@ -117,7 +114,6 @@ rb_check_safe_obj(VALUE x)
if (rb_safe_level() > 0 && OBJ_TAINTED(x)) {
rb_insecure_operation();
}
rb_secure(4);
}
void

8
string.c
View file

@ -704,7 +704,7 @@ rb_str_new_frozen(VALUE orig)
assert(OBJ_FROZEN(str));
ofs = RSTRING_LEN(str) - RSTRING_LEN(orig);
if ((ofs > 0) || (klass != RBASIC(str)->klass) ||
((RBASIC(str)->flags ^ RBASIC(orig)->flags) & (FL_TAINT|FL_UNTRUSTED)) ||
((RBASIC(str)->flags ^ RBASIC(orig)->flags) & FL_TAINT) ||
ENCODING_GET(str) != ENCODING_GET(orig)) {
str = str_new3(klass, str);
RSTRING(str)->as.heap.ptr += ofs;
@ -1305,8 +1305,6 @@ str_modifiable(VALUE str)
rb_raise(rb_eRuntimeError, "can't modify string; temporarily locked");
}
rb_check_frozen(str);
if (!OBJ_UNTRUSTED(str) && rb_safe_level() >= 4)
rb_raise(rb_eSecurityError, "Insecure: can't modify string");
}
static inline int
@ -3659,7 +3657,6 @@ rb_str_sub_bang(int argc, VALUE *argv, VALUE str)
VALUE pat, repl, hash = Qnil;
int iter = 0;
int tainted = 0;
int untrusted = 0;
long plen;
int min_arity = rb_block_given_p() ? 1 : 2;
@ -3674,7 +3671,6 @@ rb_str_sub_bang(int argc, VALUE *argv, VALUE str)
StringValue(repl);
}
if (OBJ_TAINTED(repl)) tainted = 1;
if (OBJ_UNTRUSTED(repl)) untrusted = 1;
}
pat = get_pat(argv[0], 1);
@ -3720,7 +3716,6 @@ rb_str_sub_bang(int argc, VALUE *argv, VALUE str)
rb_str_modify(str);
rb_enc_associate(str, enc);
if (OBJ_TAINTED(repl)) tainted = 1;
if (OBJ_UNTRUSTED(repl)) untrusted = 1;
if (ENC_CODERANGE_UNKNOWN < cr && cr < ENC_CODERANGE_BROKEN) {
int cr2 = ENC_CODERANGE(repl);
if (cr2 == ENC_CODERANGE_BROKEN ||
@ -3745,7 +3740,6 @@ rb_str_sub_bang(int argc, VALUE *argv, VALUE str)
RSTRING_PTR(str)[len] = '\0';
ENC_CODERANGE_SET(str, cr);
if (tainted) OBJ_TAINT(str);
if (untrusted) OBJ_UNTRUST(str);
return str;
}

27
test/dl/test_dl2.rb
View file

@ -11,15 +11,6 @@ class TestDL < TestBase
# TODO: refactor test repetition
def test_free_secure
assert_raises(SecurityError) do
Thread.new do
$SAFE = 4
DL.free(0)
end.join
end
end
def test_realloc
str = "abc"
ptr_id = DL.realloc(0, 4)
@ -33,15 +24,6 @@ class TestDL < TestBase
DL.free ptr_id
end
def test_realloc_secure
assert_raises(SecurityError) do
Thread.new do
$SAFE = 4
DL.realloc(0, 4)
end.join
end
end
def test_malloc
str = "abc"
@ -56,15 +38,6 @@ class TestDL < TestBase
DL.free ptr_id
end
def test_malloc_security
assert_raises(SecurityError) do
Thread.new do
$SAFE = 4
DL.malloc(4)
end.join
end
end
def test_call_int()
cfunc = CFunc.new(@libc['atoi'], TYPE_INT, 'atoi')
x = cfunc.call(["100"].pack("p").unpack("l!*"))

5
test/erb/test_erb.rb
View file

@ -185,11 +185,6 @@ EOS
assert_equal(ans, erb.result)
end
def test_safe_04
erb = @erb.new('<%=$SAFE%>', 4)
assert_equal('4', erb.result(TOPLEVEL_BINDING.taint))
end
class Foo; end
def test_def_class

55
test/readline/test_readline.rb
View file

@ -18,55 +18,6 @@ class TestReadline < Test::Unit::TestCase
Readline.instance_variable_set("@completion_proc", nil)
end
def test_safe_level_4
method_args =
[
["readline"],
["input=", $stdin],
["output=", $stdout],
["completion_proc=", proc {}],
["completion_proc"],
["completion_case_fold=", true],
["completion_case_fold"],
["vi_editing_mode"],
["vi_editing_mode?"],
["emacs_editing_mode"],
["emacs_editing_mode?"],
["completion_append_character=", "s"],
["completion_append_character"],
["basic_word_break_characters=", "s"],
["basic_word_break_characters"],
["completer_word_break_characters=", "s"],
["completer_word_break_characters"],
["basic_quote_characters=", "\\"],
["basic_quote_characters"],
["completer_quote_characters=", "\\"],
["completer_quote_characters"],
["filename_quote_characters=", "\\"],
["filename_quote_characters"],
["line_buffer"],
["point"],
["set_screen_size", 1, 1],
["get_screen_size"],
["pre_input_hook=", proc {}],
["pre_input_hook"],
["insert_text", ""],
["redisplay"],
["special_prefixes=", "$"],
["special_prefixes"],
]
method_args.each do |method_name, *args|
assert_raise(SecurityError, NotImplementedError,
"method=<#{method_name}>") do
Thread.start {
$SAFE = 4
Readline.send(method_name.to_sym, *args)
assert(true)
}.join
end
end
end
if !/EditLine/n.match(Readline::VERSION)
def test_readline
with_temp_stdio do |stdin, stdout|
@ -90,12 +41,6 @@ class TestReadline < Test::Unit::TestCase
end
}.join
end
assert_raise(SecurityError) do
Thread.start {
$SAFE = 4
replace_stdio(stdin.path, stdout.path) { Readline.readline("> ") }
}.join
end
end
end

35
test/readline/test_readline_history.rb
View file

@ -39,41 +39,6 @@ class Readline::TestHistory < Test::Unit::TestCase
HISTORY.clear
end
def test_safe_level_4
method_args =
[
["[]", [0]],
["[]=", [0, "s"]],
["\<\<", ["s"]],
["push", ["s"]],
["pop", []],
["shift", []],
["length", []],
["delete_at", [0]],
["clear", []],
]
method_args.each do |method_name, args|
assert_raise(SecurityError, NotImplementedError,
"method=<#{method_name}>") do
Thread.start {
$SAFE = 4
HISTORY.send(method_name.to_sym, *args)
assert(true)
}.join
end
end
assert_raise(SecurityError, NotImplementedError,
"method=<each>") do
Thread.start {
$SAFE = 4
HISTORY.each { |s|
assert(true)
}
}.join
end
end
def test_to_s
expected = "HISTORY"
assert_equal(expected, HISTORY.to_s)

10
test/ruby/test_alias.rb
View file

@ -52,16 +52,6 @@ class TestAlias < Test::Unit::TestCase
end
end
def test_JVN_83768862
d = lambda {
$SAFE = 4
dclass = Class.new(C)
dclass.send(:alias_method, :mm, :m)
dclass.new
}.call
assert_raise(SecurityError) { d.mm }
end
def test_nonexistmethod
assert_raise(NameError){
Class.new{

13
test/ruby/test_array.rb
View file

@ -1732,19 +1732,6 @@ class TestArray < Test::Unit::TestCase
assert_equal([3,4,5,0], [1,2,3,4,5,0].drop_while {|i| i < 3 })
end
def test_modify_check
a = []
a.freeze
assert_raise(RuntimeError) { a.shift }
a = [1, 2]
assert_raise(SecurityError) do
Thread.new do
$SAFE = 4
a.shift
end.value
end
end
LONGP = [127, 63, 31, 15, 7].map {|x| 2**x-1 }.find do |x|
begin
[].first(x)

15
test/ruby/test_dir.rb
View file

@ -43,15 +43,6 @@ class TestDir < Test::Unit::TestCase
end
end
def test_JVN_13947696
b = lambda {
d = Dir.open('.')
$SAFE = 4
d.close
}
assert_raise(SecurityError) { b.call }
end
def test_nodir
assert_raise(Errno::ENOENT) { Dir.open(@nodir) }
end
@ -90,12 +81,6 @@ class TestDir < Test::Unit::TestCase
d.rewind
b = (0..5).map { d.read }
assert_equal(a, b)
assert_raise(SecurityError) do
Thread.new do
$SAFE = 4
d.rewind
end.join
end
ensure
d.close
end

5
test/ruby/test_encoding.rb
View file

@ -100,11 +100,6 @@ class TestEncoding < Test::Unit::TestCase
assert_equal(str, str2, '[ruby-dev:38596]')
end
def test_unsafe
bug5279 = '[ruby-dev:44469]'
assert_ruby_status([], '$SAFE=4; "a".encode("utf-16be")', bug5279)
end
def test_compatible_p
ua = "abc".force_encoding(Encoding::UTF_8)
assert_equal(Encoding::UTF_8, Encoding.compatible?(ua, :abc))

6
test/ruby/test_env.rb
View file

@ -114,12 +114,6 @@ class TestEnv < Test::Unit::TestCase
end
def test_aset
assert_raise(SecurityError) do
Thread.new do
$SAFE = 4
ENV["test"] = "foo"
end.join
end
assert_nothing_raised { ENV["test"] = nil }
assert_equal(nil, ENV["test"])
assert_raise(ArgumentError) { ENV["foo\0bar"] = "test" }

10
test/ruby/test_eval.rb
View file

@ -440,16 +440,6 @@ class TestEval < Test::Unit::TestCase
assert_raise(RuntimeError) { eval("raise ''") }
end
def test_eval_using_untainted_binding_under_safe4
assert_raise(SecurityError) do
Thread.new do
b = binding
$SAFE = 4
eval("", b)
end.join
end
end
def test_eval_with_toplevel_binding # [ruby-dev:37142]
ruby("-e", "x = 0; eval('p x', TOPLEVEL_BINDING)") do |f|
f.close_write

47
test/ruby/test_exception.rb
View file

@ -255,25 +255,6 @@ class TestException < Test::Unit::TestCase
INPUT
end
def test_safe4
cmd = proc{raise SystemExit}
safe0_p = proc{|*args| args}
test_proc = proc {
$SAFE = 4
begin
cmd.call
rescue SystemExit => e
safe0_p["SystemExit: #{e.inspect}"]
raise e
rescue Exception => e
safe0_p["Exception (NOT SystemExit): #{e.inspect}"]
raise e
end
}
assert_raise(SystemExit, '[ruby-dev:38760]') {test_proc.call}
end
def test_thread_signal_location
_, stderr, _ = EnvUtil.invoke_ruby("--disable-gems -d", <<-RUBY, false, true)
Thread.start do
@ -475,32 +456,4 @@ end.join
s = e.to_s
assert_equal(false, s.tainted?)
end
def test_exception_to_s_should_not_propagate_untrustedness
favorite_lang = "Ruby"
for exc in [Exception, NameError]
assert_raise(SecurityError) do
lambda {
$SAFE = 4
exc.new(favorite_lang).to_s
favorite_lang.replace("Python")
}.call
end
end
assert_raise(SecurityError) do
lambda {
$SAFE = 4
o = Object.new
o.singleton_class.send(:define_method, :to_str) {
favorite_lang
}
NameError.new(o).to_s
favorite_lang.replace("Python")
}.call
end
assert_equal("Ruby", favorite_lang)
end
end

9
test/ruby/test_file_exhaustive.rb
View file

@ -1109,15 +1109,6 @@ class TestFileExhaustive < Test::Unit::TestCase
assert_nothing_raised { ENV["PATH"] }
end
def test_find_file
assert_raise(SecurityError) do
Thread.new do
$SAFE = 4
load(@file)
end.join
end
end
def test_size
assert_equal(3, File.open(@file) {|f| f.size })
File.open(@file, "a") do |f|

10
test/ruby/test_hash.rb
View file

@ -722,16 +722,6 @@ class TestHash < Test::Unit::TestCase
assert_equal([], expected - vals)
end
def test_security_check
h = {}
assert_raise(SecurityError) do
Thread.new do
$SAFE = 4
h[1] = 1
end.join
end
end
def test_intialize_wrong_arguments
assert_raise(ArgumentError) do
Hash.new(0) { }

44
test/ruby/test_io.rb
View file

@ -918,17 +918,6 @@ class TestIO < Test::Unit::TestCase
}
end
def safe_4
t = Thread.new do
$SAFE = 4
yield
end
unless t.join(10)
t.kill
flunk("timeout in safe_4")
end
end
def ruby(*args)
args = ['-e', '$>.write($<.read)'] if args.empty?
ruby = EnvUtil.rubybin
@ -1001,9 +990,6 @@ class TestIO < Test::Unit::TestCase
def test_inspect
with_pipe do |r, w|
assert_match(/^#<IO:fd \d+>$/, r.inspect)
assert_raise(SecurityError) do
safe_4 { r.inspect }
end
end
end
@ -1179,14 +1165,6 @@ class TestIO < Test::Unit::TestCase
end
end
def test_close_read_security_error
with_pipe do |r, w|
assert_raise(SecurityError) do
safe_4 { r.close_read }
end
end
end
def test_close_read_non_readable
with_pipe do |r, w|
assert_raise(IOError) do
@ -1203,14 +1181,6 @@ class TestIO < Test::Unit::TestCase
end
end
def test_close_write_security_error
with_pipe do |r, w|
assert_raise(SecurityError) do
safe_4 { r.close_write }
end
end
end
def test_close_write_non_readable
with_pipe do |r, w|
assert_raise(IOError) do
@ -1441,14 +1411,6 @@ class TestIO < Test::Unit::TestCase
end
end
def test_close_security_error
with_pipe do |r, w|
assert_raise(SecurityError) do
safe_4 { r.close }
end
end
end
def test_pos
make_tempfile {|t|
@ -1710,12 +1672,6 @@ class TestIO < Test::Unit::TestCase
def test_reopen
make_tempfile {|t|
with_pipe do |r, w|
assert_raise(SecurityError) do
safe_4 { r.reopen(t.path) }
end
end
open(__FILE__) do |f|
f.gets
assert_nothing_raised {

9
test/ruby/test_method.rb
View file

@ -325,15 +325,6 @@ class TestMethod < Test::Unit::TestCase
assert_equal(:bar, m.clone.bar)
end
def test_call
o = Object.new
def o.foo; p 1; end
def o.bar(x); x; end
m = o.method(:foo)
m.taint
assert_raise(SecurityError) { m.call }
end
def test_inspect
o = Object.new
def o.foo; end

38
test/ruby/test_module.rb
View file

@ -760,13 +760,6 @@ class TestModule < Test::Unit::TestCase
end
def test_undef
assert_raise(SecurityError) do
Thread.new do
$SAFE = 4
Class.instance_eval { undef_method(:foo) }
end.join
end
c = Class.new
assert_raise(NameError) do
c.instance_eval { undef_method(:foo) }
@ -861,19 +854,6 @@ class TestModule < Test::Unit::TestCase
assert_equal(true, c.private_method_defined?(:baz))
end
def test_change_visibility_under_safe4
c = Class.new
c.class_eval do
def foo; end
end
assert_raise(SecurityError) do
Thread.new do
$SAFE = 4
c.class_eval { private :foo }
end.join
end
end
def test_top_public_private
assert_in_out_err([], <<-INPUT, %w([:foo] [:bar]), [])
private
@ -970,24 +950,6 @@ class TestModule < Test::Unit::TestCase
assert_equal(false, m.include?(m))
end
def test_include_under_safe4
m = Module.new
c1 = Class.new
assert_raise(SecurityError) do
lambda {
$SAFE = 4
c1.instance_eval { include(m) }
}.call
end
assert_nothing_raised do
lambda {
$SAFE = 4
c2 = Class.new
c2.instance_eval { include(m) }
}.call
end
end
def test_send
a = AClass.new
assert_equal(:aClass, a.__send__(:aClass))

154
test/ruby/test_object.rb
View file

@ -52,16 +52,6 @@ class TestObject < Test::Unit::TestCase
assert_raise(RuntimeError) { o.untaint }
end
def test_freeze_under_safe_4
o = Object.new
assert_raise(SecurityError) do
Thread.new do
$SAFE = 4
o.freeze
end.join
end
end
def test_freeze_immediate
assert_equal(true, 1.frozen?)
1.freeze
@ -282,17 +272,6 @@ class TestObject < Test::Unit::TestCase
assert_equal(1+3+5+7+9, n)
end
def test_add_method_under_safe4
o = Object.new
assert_raise(SecurityError) do
Thread.new do
$SAFE = 4
def o.foo
end
end.join
end
end
def test_redefine_method_under_verbose
assert_in_out_err([], <<-INPUT, %w(2), /warning: method redefined; discarding old foo$/)
$VERBOSE = true
@ -316,20 +295,6 @@ class TestObject < Test::Unit::TestCase
end
def test_remove_method
assert_raise(SecurityError) do
Thread.new do
$SAFE = 4
Object.instance_eval { remove_method(:foo) }
end.join
end
assert_raise(SecurityError) do
Thread.new do
$SAFE = 4
Class.instance_eval { remove_method(:foo) }
end.join
end
c = Class.new
c.freeze
assert_raise(RuntimeError) do
@ -687,72 +652,21 @@ class TestObject < Test::Unit::TestCase
end
def test_untrusted
obj = lambda {
$SAFE = 4
x = Object.new
x.instance_eval { @foo = 1 }
x
}.call
obj = Object.new
assert_equal(false, obj.untrusted?)
assert_equal(false, obj.tainted?)
obj.untrust
assert_equal(true, obj.untrusted?)
assert_equal(true, obj.tainted?)
x = Object.new
assert_equal(false, x.untrusted?)
assert_raise(SecurityError) do
lambda {
$SAFE = 4
x.instance_eval { @foo = 1 }
}.call
end
x = Object.new
x.taint
assert_raise(SecurityError) do
lambda {
$SAFE = 4
x.instance_eval { @foo = 1 }
}.call
end
x.untrust
assert_equal(true, x.untrusted?)
assert_nothing_raised do
lambda {
$SAFE = 4
x.instance_eval { @foo = 1 }
}.call
end
x.trust
assert_equal(false, x.untrusted?)
assert_raise(SecurityError) do
lambda {
$SAFE = 4
x.instance_eval { @foo = 1 }
}.call
end
a = Object.new
a.untrust
assert_equal(true, a.untrusted?)
b = a.dup
assert_equal(true, b.untrusted?)
c = a.clone
assert_equal(true, c.untrusted?)
a = Object.new
b = lambda {
$SAFE = 4
a.dup
}.call
assert_equal(true, b.untrusted?)
a = Object.new
b = lambda {
$SAFE = 4
a.clone
}.call
assert_equal(true, b.untrusted?)
obj.trust
assert_equal(false, obj.untrusted?)
assert_equal(false, obj.tainted?)
obj.taint
assert_equal(true, obj.untrusted?)
assert_equal(true, obj.tainted?)
obj.untaint
assert_equal(false, obj.untrusted?)
assert_equal(false, obj.tainted?)
end
def test_to_s
@ -813,42 +727,6 @@ class TestObject < Test::Unit::TestCase
assert_match(/\bInspect\u{3042}:.* @\u{3044}=42\b/, x)
end
def test_exec_recursive
Thread.current[:__recursive_key__] = nil
a = [[]]
a.inspect
assert_nothing_raised do
-> do
$SAFE = 4
begin
a.hash
rescue ArgumentError
end
end.call
end
-> do
assert_nothing_raised do
$SAFE = 4
a.inspect
end
end.call
-> do
o = Object.new
def o.to_ary(x); end
def o.==(x); $SAFE = 4; false; end
a = [[o]]
b = []
b << b
assert_nothing_raised do
b == a
end
end.call
end
def test_singleton_class
x = Object.new
xs = class << x; self; end
@ -895,12 +773,6 @@ class TestObject < Test::Unit::TestCase
c = a.dup.freeze
assert_raise(RuntimeError, "frozen") {c.instance_eval {initialize_copy(b)}}
d = a.dup.trust
assert_raise(SecurityError, "untrust") do
proc {
$SAFE = 4
d.instance_eval {initialize_copy(b)}
}.call
end
[a, b, c, d]
end

10
test/ruby/test_pack.rb
View file

@ -644,16 +644,6 @@ EXPECTED
assert_equal([0x100000000], "\220\200\200\200\000".unpack("w"), [0x100000000])
end
def test_modify_under_safe4
s = "foo"
assert_raise(SecurityError) do
Thread.new do
$SAFE = 4
s.clear
end.join
end
end
def test_length_too_big
assert_raise(RangeError) { [].pack("C100000000000000000000") }
end

12
test/ruby/test_rand.rb
View file

@ -504,18 +504,6 @@ END
end
end
def test_marshal_load_insecure
r = Random.new(0)
d = r.__send__(:marshal_dump)
l = proc do
$SAFE = 4
r.__send__(:marshal_load, d)
end
assert_raise(SecurityError, '[Bug #6540]') do
l.call
end
end
def test_random_ulong_limited
def (gen = Object.new).rand(*) 1 end
assert_equal([2], (1..100).map {[1,2,3].sample(random: gen)}.uniq)

12
test/ruby/test_regexp.rb
View file

@ -340,14 +340,6 @@ class TestRegexp < Test::Unit::TestCase
def test_initialize
assert_raise(ArgumentError) { Regexp.new }
assert_equal(/foo/, Regexp.new(/foo/, Regexp::IGNORECASE))
re = /foo/
assert_raise(SecurityError) do
Thread.new { $SAFE = 4; re.instance_eval { initialize(re) } }.join
end
re.taint
assert_raise(SecurityError) do
Thread.new { $SAFE = 4; re.instance_eval { initialize(re) } }.join
end
assert_equal(Encoding.find("US-ASCII"), Regexp.new("b..", nil, "n").encoding)
assert_equal("bar", "foobarbaz"[Regexp.new("b..", nil, "n")])
@ -545,12 +537,12 @@ class TestRegexp < Test::Unit::TestCase
def test_taint
m = Thread.new do
"foo"[/foo/]
$SAFE = 4
$SAFE = 3
/foo/.match("foo")
end.value
assert(m.tainted?)
assert_nothing_raised('[ruby-core:26137]') {
m = proc {$SAFE = 4; %r"#{ }"o}.call
m = proc {$SAFE = 3; %r"#{ }"o}.call
}
assert(m.tainted?)
end

54
test/ruby/test_settracefunc.rb
View file

@ -397,42 +397,6 @@ class TestSetTraceFunc < Test::Unit::TestCase
assert_equal(self, ok, bug3921)
end
def assert_security_error_safe4(block)
assert_raise(SecurityError) do
block.call
end
end
def test_set_safe4
func = proc do
$SAFE = 4
set_trace_func(lambda {|*|})
end
assert_security_error_safe4(func)
end
def test_thread_set_safe4
th = Thread.start {sleep}
func = proc do
$SAFE = 4
th.set_trace_func(lambda {|*|})
end
assert_security_error_safe4(func)
ensure
th.kill
end
def test_thread_add_safe4
th = Thread.start {sleep}
func = proc do
$SAFE = 4
th.add_trace_func(lambda {|*|})
end
assert_security_error_safe4(func)
ensure
th.kill
end
class << self
define_method(:method_added, Module.method(:method_added))
end
@ -924,24 +888,6 @@ class TestSetTraceFunc < Test::Unit::TestCase
end
end
def test_trace_point_enable_safe4
tp = TracePoint.new {}
func = proc do
$SAFE = 4
tp.enable
end
assert_security_error_safe4(func)
end
def test_trace_point_disable_safe4
tp = TracePoint.new {}
func = proc do
$SAFE = 4
tp.disable
end
assert_security_error_safe4(func)
end
def m1_for_test_trace_point_binding_in_ifunc(arg)
arg + nil
rescue

24
test/ruby/test_struct.rb
View file

@ -74,17 +74,6 @@ class TestStruct < Test::Unit::TestCase
assert_raise(NameError) { o[:b] }
end
def test_modify
klass = Struct.new(:a)
o = klass.new(1)
assert_raise(SecurityError) do
Thread.new do
$SAFE = 4
o.a = 2
end.value
end
end
def test_set
klass = Struct.new(:a)
o = klass.new(1)
@ -263,19 +252,6 @@ class TestStruct < Test::Unit::TestCase
}
end
def test_struct_subclass
bug5036 = '[ruby-dev:44122]'
st = Class.new(Struct)
s = st.new("S", :m).new
error = assert_raise(SecurityError) do
proc do
$SAFE = 4
s.m = 1
end.call
end
assert_equal("Insecure: can't modify #{st}::S", error.message, bug5036)
end
def test_to_h
klass = Struct.new(:a, :b, :c, :d, :e, :f)
o = klass.new(1, 2, 3, 4, 5, 6)

20
test/ruby/test_thread.rb
View file

@ -88,18 +88,6 @@ class TestThread < Test::Unit::TestCase
end
end
def test_thread_variable_security
t = Thread.new { sleep }
assert_raises(SecurityError) do
Thread.new { $SAFE = 4; t.thread_variable_get(:foo) }.join
end
assert_raises(SecurityError) do
Thread.new { $SAFE = 4; t.thread_variable_set(:foo, :baz) }.join
end
end
def test_mutex_synchronize
m = Mutex.new
r = 0
@ -396,14 +384,6 @@ class TestThread < Test::Unit::TestCase
def test_thread_local_security
t = Thread.new { sleep }
assert_raise(SecurityError) do
Thread.new { $SAFE = 4; t[:foo] }.join
end
assert_raise(SecurityError) do
Thread.new { $SAFE = 4; t[:foo] = :baz }.join
end
assert_raise(RuntimeError) do
Thread.new do
Thread.current[:foo] = :bar

24
test/ruby/test_time.rb
View file

@ -312,16 +312,6 @@ class TestTime < Test::Unit::TestCase
"[ruby-dev:44827] [Bug #5586]")
end
def test_security_error
assert_raise(SecurityError) do
Thread.new do
t = Time.gm(2000)
$SAFE = 4
t.localtime
end.join
end
end
def test_at3
t2000 = get_t2000
assert_equal(t2000, Time.at(t2000))
@ -884,20 +874,6 @@ class TestTime < Test::Unit::TestCase
assert_raise(NoMethodError, bug5012) { t1.m }
end
def test_time_subclass
bug5036 = '[ruby-dev:44122]'
tc = Class.new(Time)
tc.inspect
t = tc.now
error = assert_raise(SecurityError) do
proc do
$SAFE = 4
t.gmtime
end.call
end
assert_equal("Insecure: can't modify #{tc}", error.message, bug5036)
end
def test_sec_str
bug6193 = '[ruby-core:43569]'
t = nil

8
thread.c
View file

@ -2165,7 +2165,6 @@ rb_thread_kill(VALUE thread)
GetThreadPtr(thread, th);
if (th != GET_THREAD() && th->safe_level < 4) {
rb_secure(4);
}
if (th->to_kill || th->status == THREAD_KILLED) {
return thread;
@ -2474,7 +2473,6 @@ rb_thread_s_abort_exc(void)
static VALUE
rb_thread_s_abort_exc_set(VALUE self, VALUE val)
{
rb_secure(4);
GET_THREAD()->vm->thread_abort_on_exception = RTEST(val);
return val;
}
@ -2523,7 +2521,6 @@ static VALUE
rb_thread_abort_exc_set(VALUE thread, VALUE val)
{
rb_thread_t *th;
rb_secure(4);
GetThreadPtr(thread, th);
th->abort_on_exception = RTEST(val);
@ -3142,7 +3139,6 @@ rb_thread_priority_set(VALUE thread, VALUE prio)
int priority;
GetThreadPtr(thread, th);
rb_secure(4);
#if USE_NATIVE_THREAD_PRIORITY
th->priority = NUM2INT(prio);
@ -4116,7 +4112,6 @@ thgroup_add(VALUE group, VALUE thread)
rb_thread_t *th;
struct thgroup *data;
rb_secure(4);
GetThreadPtr(thread, th);
if (OBJ_FROZEN(group)) {
@ -4738,7 +4733,6 @@ recursive_list_access(void)
VALUE list;
if (NIL_P(hash) || !RB_TYPE_P(hash, T_HASH)) {
hash = rb_hash_new();
OBJ_UNTRUST(hash);
rb_thread_local_aset(rb_thread_current(), recursive_key, hash);
list = Qnil;
}
@ -4747,7 +4741,6 @@ recursive_list_access(void)
}
if (NIL_P(list) || !RB_TYPE_P(list, T_HASH)) {
list = rb_hash_new();
OBJ_UNTRUST(list);
rb_hash_aset(hash, sym, list);
}
return list;
@ -4809,7 +4802,6 @@ recursive_push(VALUE list, VALUE obj, VALUE paired_obj)
if (!RB_TYPE_P(pair_list, T_HASH)){
VALUE other_paired_obj = pair_list;
pair_list = rb_hash_new();
OBJ_UNTRUST(pair_list);
rb_hash_aset(pair_list, other_paired_obj, Qtrue);
rb_hash_aset(list, obj, pair_list);
}

2
transcode.c
View file

@ -377,7 +377,7 @@ load_transcoder_entry(transcoder_entry_t *entry)
memcpy(path, transcoder_lib_prefix, sizeof(transcoder_lib_prefix) - 1);
memcpy(path + sizeof(transcoder_lib_prefix) - 1, lib, len);
rb_str_set_len(fn, total_len);
FL_UNSET(fn, FL_TAINT|FL_UNTRUSTED);
FL_UNSET(fn, FL_TAINT);
OBJ_FREEZE(fn);
if (!rb_require_safe(fn, safe > 3 ? 3 : safe))
return NULL;

18
variable.c
View file

@ -645,7 +645,6 @@ rb_f_trace_var(int argc, VALUE *argv)
struct global_entry *entry;
struct trace_var *trace;
rb_secure(4);
if (rb_scan_args(argc, argv, "11", &var, &cmd) == 1) {
cmd = rb_block_proc();
}
@ -707,7 +706,6 @@ rb_f_untrace_var(int argc, VALUE *argv)
struct trace_var *trace;
st_data_t data;
rb_secure(4);
rb_scan_args(argc, argv, "11", &var, &cmd);
id = rb_check_id(&var);
if (!id) {
@ -1130,8 +1128,6 @@ rb_ivar_set(VALUE obj, ID id, VALUE val)
long i, len;
int ivar_extended;
if (!OBJ_UNTRUSTED(obj) && rb_safe_level() >= 4)
rb_raise(rb_eSecurityError, "Insecure: can't modify instance variable");
rb_check_frozen(obj);
if (SPECIAL_CONST_P(obj)) goto generic;
switch (BUILTIN_TYPE(obj)) {
@ -1404,8 +1400,6 @@ rb_obj_remove_instance_variable(VALUE obj, VALUE name)
struct st_table *iv_index_tbl;
st_data_t index;
if (!OBJ_UNTRUSTED(obj) && rb_safe_level() >= 4)
rb_raise(rb_eSecurityError, "Insecure: can't modify instance variable");
rb_check_frozen(obj);
if (!id) {
if (rb_is_instance_name(name)) {
@ -1939,8 +1933,6 @@ rb_const_remove(VALUE mod, ID id)
VALUE val;
st_data_t v, n = id;
if (!OBJ_UNTRUSTED(mod) && rb_safe_level() >= 4)
rb_raise(rb_eSecurityError, "Insecure: can't remove constant");
rb_check_frozen(mod);
if (!RCLASS_CONST_TBL(mod) || !st_delete(RCLASS_CONST_TBL(mod), &n, &v)) {
if (rb_const_defined_at(mod, id)) {
@ -2131,8 +2123,6 @@ rb_public_const_defined_at(VALUE klass, ID id)
static void
check_before_mod_set(VALUE klass, ID id, VALUE val, const char *dest)
{
if (!OBJ_UNTRUSTED(klass) && rb_safe_level() >= 4)
rb_raise(rb_eSecurityError, "Insecure: can't set %s", dest);
rb_check_frozen(klass);
}
@ -2206,7 +2196,6 @@ rb_define_const(VALUE klass, const char *name, VALUE val)
rb_warn("rb_define_const: invalid name `%s' for constant", name);
}
if (klass == rb_cObject) {
rb_secure(4);
}
rb_const_set(klass, id, val);
}
@ -2224,11 +2213,6 @@ set_const_visibility(VALUE mod, int argc, VALUE *argv, rb_const_flag_t flag)
st_data_t v;
ID id;
if (rb_safe_level() >= 4 && !OBJ_UNTRUSTED(mod)) {
rb_raise(rb_eSecurityError,
"Insecure: can't change constant visibility");
}
if (argc == 0) {
rb_warning("%"PRIsVALUE" with no argument is just ignored",
QUOTE_ID(rb_frame_callee()));
@ -2563,8 +2547,6 @@ rb_mod_remove_cvar(VALUE mod, VALUE name)
if (!rb_is_class_id(id)) {
rb_name_error(id, "wrong class variable name %"PRIsVALUE"", QUOTE_ID(id));
}
if (!OBJ_UNTRUSTED(mod) && rb_safe_level() >= 4)
rb_raise(rb_eSecurityError, "Insecure: can't remove class variable");
rb_check_frozen(mod);
if (RCLASS_IV_TBL(mod) && st_delete(RCLASS_IV_TBL(mod), &n, &val)) {
return (VALUE)val;

4
vm_insnhelper.c
View file

@ -559,10 +559,6 @@ static inline VALUE
vm_setivar(VALUE obj, ID id, VALUE val, IC ic, rb_call_info_t *ci, int is_attr)
{
#if USE_IC_FOR_IVAR
if (!OBJ_UNTRUSTED(obj) && rb_safe_level() >= 4) {
rb_raise(rb_eSecurityError, "Insecure: can't modify instance variable");
}
rb_check_frozen(obj);
if (RB_TYPE_P(obj, T_OBJECT)) {

26
vm_method.c
View file

@ -234,10 +234,6 @@ rb_method_entry_make(VALUE klass, ID mid, rb_method_type_t type,
if (NIL_P(klass)) {
klass = rb_cObject;
}
if (rb_safe_level() >= 4 &&
(klass == rb_cObject || !OBJ_UNTRUSTED(klass))) {
rb_raise(rb_eSecurityError, "Insecure: can't define method");
}
if (!FL_TEST(klass, FL_SINGLETON) &&
type != VM_METHOD_TYPE_NOTIMPLEMENTED &&
type != VM_METHOD_TYPE_ZSUPER &&
@ -657,10 +653,6 @@ remove_method(VALUE klass, ID mid)
klass = RCLASS_ORIGIN(klass);
if (klass == rb_cObject) {
rb_secure(4);
}
if (rb_safe_level() >= 4 && !OBJ_UNTRUSTED(klass)) {
rb_raise(rb_eSecurityError, "Insecure: can't remove method");
}
rb_check_frozen(klass);
if (mid == object_id || mid == id__send__ || mid == idInitialize) {
@ -744,7 +736,6 @@ rb_export_method(VALUE klass, ID name, rb_method_flag_t noex)
VALUE defined_class;
if (klass == rb_cObject) {
rb_secure(4);
}
me = search_method(klass, name, &defined_class);
@ -847,10 +838,6 @@ rb_undef(VALUE klass, ID id)
rb_raise(rb_eTypeError, "no class to undef method");
}
if (rb_vm_cbase() == rb_cObject && klass == rb_cObject) {
rb_secure(4);
}
if (rb_safe_level() >= 4 && !OBJ_UNTRUSTED(klass)) {
rb_raise(rb_eSecurityError, "Insecure: can't undef `%s'", rb_id2name(id));
}
rb_frozen_class_p(klass);
if (id == object_id || id == id__send__ || id == idInitialize) {
@ -1201,7 +1188,6 @@ rb_alias(VALUE klass, ID name, ID def)
rb_frozen_class_p(klass);
if (klass == rb_cObject) {
rb_secure(4);
}
again:
@ -1258,20 +1244,10 @@ rb_mod_alias_method(VALUE mod, VALUE newname, VALUE oldname)
return mod;
}
static void
secure_visibility(VALUE self)
{
if (rb_safe_level() >= 4 && !OBJ_UNTRUSTED(self)) {
rb_raise(rb_eSecurityError,
"Insecure: can't change method visibility");
}
}
static void
set_method_visibility(VALUE self, int argc, VALUE *argv, rb_method_flag_t ex)
{
int i;
secure_visibility(self);
if (argc == 0) {
rb_warning("%"PRIsVALUE" with no argument is just ignored",
@ -1293,7 +1269,6 @@ set_method_visibility(VALUE self, int argc, VALUE *argv, rb_method_flag_t ex)
static VALUE
set_visibility(int argc, VALUE *argv, VALUE module, rb_method_flag_t ex)
{
secure_visibility(module);
if (argc == 0) {
SCOPE_SET(ex);
}
@ -1495,7 +1470,6 @@ rb_mod_modfunc(int argc, VALUE *argv, VALUE module)
rb_raise(rb_eTypeError, "module_function must be called for modules");
}
secure_visibility(module);
if (argc == 0) {
SCOPE_SET(NOEX_MODFUNC);
return module;

5
vm_trace.c
View file

@ -449,7 +449,6 @@ static void call_trace_func(rb_event_flag_t, VALUE data, VALUE self, ID id, VALU
static VALUE
set_trace_func(VALUE obj, VALUE trace)
{
rb_secure(4);
rb_remove_event_hook(call_trace_func);
@ -489,7 +488,6 @@ thread_add_trace_func_m(VALUE obj, VALUE trace)
{
rb_thread_t *th;
rb_secure(4);
GetThreadPtr(obj, th);
thread_add_trace_func(th, trace);
return trace;
@ -511,7 +509,6 @@ thread_set_trace_func_m(VALUE obj, VALUE trace)
{
rb_thread_t *th;
rb_secure(4);
GetThreadPtr(obj, th);
rb_threadptr_remove_event_hook(th, call_trace_func, Qundef);
@ -973,7 +970,6 @@ rb_tracepoint_enable(VALUE tpval)
{
rb_tp_t *tp;
rb_secure(4);
tp = tpptr(tpval);
if (tp->target_th) {
@ -993,7 +989,6 @@ rb_tracepoint_disable(VALUE tpval)
{
rb_tp_t *tp;
rb_secure(4);
tp = tpptr(tpval);
if (tp->target_th) {