mirror of
https://github.com/ruby/ruby.git
synced 2022-11-09 12:17:21 -05:00
* marshal.c (struct dump_arg, struct load_arg): merge taint and
untrust flags into infection as bit flags. * marshal.c (w_nbyte, clear_dump_arg): infect the buffer as soon as appending, because it might have been finalized already at exit. based on a patch by Tomoyuki Chikanaga at [ruby-dev:41672]. [Bug #3463] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@28413 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
This commit is contained in:
nobu
parent
78cfe71555
commit
23af1d2a4b
2 changed files with 27 additions and 32 deletions
10
ChangeLog
10
ChangeLog
|
|
@ -1,3 +1,13 @@
|
||||||
|
Thu Jun 24 05:44:27 2010 Nobuyoshi Nakada <nobu@ruby-lang.org>
|
||||||
|
|
||||||
|
* marshal.c (struct dump_arg, struct load_arg): merge taint and
|
||||||
|
untrust flags into infection as bit flags.
|
||||||
|
|
||||||
|
* marshal.c (w_nbyte, clear_dump_arg): infect the buffer as soon
|
||||||
|
as appending, because it might have been finalized already at
|
||||||
|
exit. based on a patch by Tomoyuki Chikanaga
|
||||||
|
at [ruby-dev:41672]. [Bug #3463]
|
||||||
|
|
||||||
Wed Jun 23 23:49:21 2010 Tanaka Akira <akr@fsij.org>
|
Wed Jun 23 23:49:21 2010 Tanaka Akira <akr@fsij.org>
|
||||||
|
|
||||||
* ext/socket/raddrinfo.c (str_is_number): renamed from str_isnumber to
|
* ext/socket/raddrinfo.c (str_is_number): renamed from str_isnumber to
|
||||||
|
|
|
||||||
49
marshal.c
49
marshal.c
|
|
@ -131,14 +131,16 @@ rb_marshal_define_compat(VALUE newclass, VALUE oldclass, VALUE (*dumper)(VALUE),
|
||||||
st_insert(compat_allocator_tbl, (st_data_t)allocator, (st_data_t)compat);
|
st_insert(compat_allocator_tbl, (st_data_t)allocator, (st_data_t)compat);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#define MARSHAL_INFECTION (FL_TAINT|FL_UNTRUSTED)
|
||||||
|
typedef char ruby_check_marshal_viral_flags[MARSHAL_INFECTION == (int)MARSHAL_INFECTION ? 1 : -1];
|
||||||
|
|
||||||
struct dump_arg {
|
struct dump_arg {
|
||||||
VALUE str, dest;
|
VALUE str, dest;
|
||||||
st_table *symbols;
|
st_table *symbols;
|
||||||
st_table *data;
|
st_table *data;
|
||||||
int taint;
|
|
||||||
int untrust;
|
|
||||||
st_table *compat_tbl;
|
st_table *compat_tbl;
|
||||||
st_table *encodings;
|
st_table *encodings;
|
||||||
|
int infection;
|
||||||
};
|
};
|
||||||
|
|
||||||
struct dump_call_arg {
|
struct dump_call_arg {
|
||||||
|
|
@ -224,9 +226,8 @@ w_nbyte(const char *s, long n, struct dump_arg *arg)
|
||||||
{
|
{
|
||||||
VALUE buf = arg->str;
|
VALUE buf = arg->str;
|
||||||
rb_str_buf_cat(buf, s, n);
|
rb_str_buf_cat(buf, s, n);
|
||||||
|
RBASIC(buf)->flags |= arg->infection;
|
||||||
if (arg->dest && RSTRING_LEN(buf) >= BUFSIZ) {
|
if (arg->dest && RSTRING_LEN(buf) >= BUFSIZ) {
|
||||||
if (arg->taint) OBJ_TAINT(buf);
|
|
||||||
if (arg->untrust) OBJ_UNTRUST(buf);
|
|
||||||
rb_io_write(arg->dest, buf);
|
rb_io_write(arg->dest, buf);
|
||||||
rb_str_resize(buf, 0);
|
rb_str_resize(buf, 0);
|
||||||
}
|
}
|
||||||
|
|
@ -636,8 +637,7 @@ w_object(VALUE obj, struct dump_arg *arg, int limit)
|
||||||
w_symbol(SYM2ID(obj), arg);
|
w_symbol(SYM2ID(obj), arg);
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
if (OBJ_TAINTED(obj)) arg->taint = TRUE;
|
arg->infection |= FL_TEST(obj, MARSHAL_INFECTION);
|
||||||
if (OBJ_UNTRUSTED(obj)) arg->untrust = TRUE;
|
|
||||||
|
|
||||||
if (rb_respond_to(obj, s_mdump)) {
|
if (rb_respond_to(obj, s_mdump)) {
|
||||||
volatile VALUE v;
|
volatile VALUE v;
|
||||||
|
|
@ -856,12 +856,6 @@ clear_dump_arg(struct dump_arg *arg)
|
||||||
st_free_table(arg->encodings);
|
st_free_table(arg->encodings);
|
||||||
arg->encodings = 0;
|
arg->encodings = 0;
|
||||||
}
|
}
|
||||||
if (arg->taint) {
|
|
||||||
OBJ_TAINT(arg->str);
|
|
||||||
}
|
|
||||||
if (arg->untrust) {
|
|
||||||
OBJ_UNTRUST(arg->str);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
|
@ -922,8 +916,7 @@ marshal_dump(int argc, VALUE *argv)
|
||||||
arg->dest = 0;
|
arg->dest = 0;
|
||||||
arg->symbols = st_init_numtable();
|
arg->symbols = st_init_numtable();
|
||||||
arg->data = st_init_numtable();
|
arg->data = st_init_numtable();
|
||||||
arg->taint = FALSE;
|
arg->infection = 0;
|
||||||
arg->untrust = FALSE;
|
|
||||||
arg->compat_tbl = st_init_numtable();
|
arg->compat_tbl = st_init_numtable();
|
||||||
arg->encodings = 0;
|
arg->encodings = 0;
|
||||||
arg->str = rb_str_buf_new(0);
|
arg->str = rb_str_buf_new(0);
|
||||||
|
|
@ -962,9 +955,8 @@ struct load_arg {
|
||||||
st_table *symbols;
|
st_table *symbols;
|
||||||
st_table *data;
|
st_table *data;
|
||||||
VALUE proc;
|
VALUE proc;
|
||||||
int taint;
|
|
||||||
int untrust;
|
|
||||||
st_table *compat_tbl;
|
st_table *compat_tbl;
|
||||||
|
int infection;
|
||||||
};
|
};
|
||||||
|
|
||||||
static void
|
static void
|
||||||
|
|
@ -1118,8 +1110,7 @@ r_bytes0(long len, struct load_arg *arg)
|
||||||
if (NIL_P(str)) goto too_short;
|
if (NIL_P(str)) goto too_short;
|
||||||
StringValue(str);
|
StringValue(str);
|
||||||
if (RSTRING_LEN(str) != len) goto too_short;
|
if (RSTRING_LEN(str) != len) goto too_short;
|
||||||
if (OBJ_TAINTED(str)) arg->taint = TRUE;
|
arg->infection |= FL_TEST(str, MARSHAL_INFECTION);
|
||||||
if (OBJ_UNTRUSTED(str)) arg->untrust = TRUE;
|
|
||||||
}
|
}
|
||||||
return str;
|
return str;
|
||||||
}
|
}
|
||||||
|
|
@ -1220,15 +1211,10 @@ r_entry0(VALUE v, st_index_t num, struct load_arg *arg)
|
||||||
else {
|
else {
|
||||||
st_insert(arg->data, num, (st_data_t)v);
|
st_insert(arg->data, num, (st_data_t)v);
|
||||||
}
|
}
|
||||||
if (arg->taint) {
|
if (arg->infection) {
|
||||||
OBJ_TAINT(v);
|
FL_SET(v, arg->infection);
|
||||||
if ((VALUE)real_obj != Qundef)
|
if ((VALUE)real_obj != Qundef)
|
||||||
OBJ_TAINT((VALUE)real_obj);
|
FL_SET((VALUE)real_obj, arg->infection);
|
||||||
}
|
|
||||||
if (arg->untrust) {
|
|
||||||
OBJ_UNTRUST(v);
|
|
||||||
if ((VALUE)real_obj != Qundef)
|
|
||||||
OBJ_UNTRUST((VALUE)real_obj);
|
|
||||||
}
|
}
|
||||||
return v;
|
return v;
|
||||||
}
|
}
|
||||||
|
|
@ -1765,7 +1751,7 @@ static VALUE
|
||||||
marshal_load(int argc, VALUE *argv)
|
marshal_load(int argc, VALUE *argv)
|
||||||
{
|
{
|
||||||
VALUE port, proc;
|
VALUE port, proc;
|
||||||
int major, minor, taint = FALSE;
|
int major, minor, infection = 0;
|
||||||
VALUE v;
|
VALUE v;
|
||||||
volatile VALUE wrapper;
|
volatile VALUE wrapper;
|
||||||
struct load_arg *arg;
|
struct load_arg *arg;
|
||||||
|
|
@ -1773,21 +1759,20 @@ marshal_load(int argc, VALUE *argv)
|
||||||
rb_scan_args(argc, argv, "11", &port, &proc);
|
rb_scan_args(argc, argv, "11", &port, &proc);
|
||||||
v = rb_check_string_type(port);
|
v = rb_check_string_type(port);
|
||||||
if (!NIL_P(v)) {
|
if (!NIL_P(v)) {
|
||||||
taint = OBJ_TAINTED(port); /* original taintedness */
|
infection = FL_TEST(port, MARSHAL_INFECTION); /* original taintedness */
|
||||||
port = v;
|
port = v;
|
||||||
}
|
}
|
||||||
else if (rb_respond_to(port, s_getbyte) && rb_respond_to(port, s_read)) {
|
else if (rb_respond_to(port, s_getbyte) && rb_respond_to(port, s_read)) {
|
||||||
if (rb_respond_to(port, s_binmode)) {
|
if (rb_respond_to(port, s_binmode)) {
|
||||||
rb_funcall2(port, s_binmode, 0, 0);
|
rb_funcall2(port, s_binmode, 0, 0);
|
||||||
}
|
}
|
||||||
taint = TRUE;
|
infection = FL_TAINT | FL_TEST(port, FL_UNTRUSTED);
|
||||||
}
|
}
|
||||||
else {
|
else {
|
||||||
rb_raise(rb_eTypeError, "instance of IO needed");
|
rb_raise(rb_eTypeError, "instance of IO needed");
|
||||||
}
|
}
|
||||||
wrapper = TypedData_Make_Struct(rb_cData, struct load_arg, &load_arg_data, arg);
|
wrapper = TypedData_Make_Struct(rb_cData, struct load_arg, &load_arg_data, arg);
|
||||||
arg->taint = taint;
|
arg->infection = infection;
|
||||||
arg->untrust = OBJ_UNTRUSTED(port);
|
|
||||||
arg->src = port;
|
arg->src = port;
|
||||||
arg->offset = 0;
|
arg->offset = 0;
|
||||||
arg->symbols = st_init_numtable();
|
arg->symbols = st_init_numtable();
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue