* eval.c (secure_visibility): visibility check for untainted modules.

* signal.c (sigpipe): sighandler which does nothing. * signal.c (trap): set sigpipe function for SIGPIPE. * signal.c (Init_signal): default SIGPIPE handler should be sigpipe function. * array.c (rb_ary_subseq): wrong boundary check. * parse.y (cond0): integer literal in condition should not be compared to lineno ($.). git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@1199 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2022-11-09 12:17:21 -05:00 · 2001-02-19 07:03:06 +00:00 · 2001-02-19 07:03:06 +00:00 · 3ae4fd7258
commit 3ae4fd7258
parent d63d8012f4
8 changed files with 90 additions and 16 deletions
--- a/22
+++ b/22
@ -1,3 +1,16 @@
+Mon Feb 19 01:55:43 2001  Yukihiro Matsumoto  <matz@ruby-lang.org>
+
+	* eval.c (secure_visibility): visibility check for untainted modules.
+
+Mon Feb 19 00:29:29 2001  Nobuyoshi Nakada  <nobu.nakada@nifty.ne.jp>
+
+	* signal.c (sigpipe): sighandler which does nothing.
+
+	* signal.c (trap): set sigpipe function for SIGPIPE.
+
+	* signal.c (Init_signal): default SIGPIPE handler should be
+	  sigpipe function.
+
 Sun Feb 18 15:42:38 2001  WATANABE Hirofumi  <eban@ruby-lang.org>

 	* ext/curses/extconf.rb: add dir_config.
@ -8,6 +21,10 @@ Sun Feb 18 05:46:03 2001  Minero Aoki  <aamine@dp.u-netsurf.ne.jp>

 	* lib/net/http.rb: Response#range_length was not debugged.

+Sun Feb 18 04:02:03 2001  Yasushi Shoji  <yashi@yashi.com>
+
+	* array.c (rb_ary_subseq): wrong boundary check.
+
 Sun Feb 18 00:09:50 2001  Nobuyoshi Nakada  <nobu.nakada@nifty.ne.jp>

 	* win32/win32.c: fasten file I/O on mswin32/mingw32.
@ -16,6 +33,11 @@ Sun Feb 18 00:09:50 2001  Nobuyoshi Nakada  <nobu.nakada@nifty.ne.jp>

 	* rubysig.h: ditto.

+Sat Feb 17 23:32:45 2001  Yukihiro Matsumoto  <matz@ruby-lang.org>
+
+	* parse.y (cond0): integer literal in condition should not be
+	  compared to lineno ($.).
+
 Fri Feb 16 01:44:56 2001  Yukihiro Matsumoto  <matz@ruby-lang.org>

 	* io.c (set_outfile): f should be the FILE* from the assigning value.
--- a/1
+++ b/1
@ -74,6 +74,7 @@ Standard Libraries
 * or raise ForkException to every thread but fork caller.
 * Hash::new{default} or recommend Hash#fetch?
 * new user-defined marshal scheme. _dump(dumper), _load(restorer)
+* warn, warning for Ruby level

 Extension Libraries

--- a/array.c
+++ b/array.c
@ -400,7 +400,7 @@ rb_ary_subseq(ary, beg, len)
 {
    VALUE ary2;

-    if (beg > RARRAY(ary)->len) return Qnil;
+    if (beg >= RARRAY(ary)->len) return Qnil;
    if (beg < 0 || len < 0) return Qnil;

    if (beg + len > RARRAY(ary)->len) {
--- a/error.c
+++ b/error.c
@ -412,6 +412,13 @@ exc_set_backtrace(exc, bt)
    return rb_iv_set(exc, "bt", check_backtrace(bt));
 }

+static VALUE
+exit_status(exc)
+    VALUE exc;
+{
+    return rb_iv_get(exc, "status");
+}
+
 #ifdef __BEOS__
 typedef struct {
   VALUE *list;
@ -554,6 +561,8 @@ Init_Exception()
    rb_define_method(rb_eException, "set_backtrace", exc_set_backtrace, 1);

    rb_eSystemExit  = rb_define_class("SystemExit", rb_eException);
+    rb_define_method(rb_eSystemExit, "status", exit_status, 0);
+
    rb_eFatal  	    = rb_define_class("fatal", rb_eException);
    rb_eSignal      = rb_define_class("SignalException", rb_eException);
    rb_eInterrupt   = rb_define_class("Interrupt", rb_eSignal);
--- a/eval.c
+++ b/eval.c
@ -5426,6 +5426,15 @@ rb_require(fname)
    return rb_f_require(Qnil, rb_str_new2(fname));
 }

+static void
+secure_visibility(self)
+    VALUE self;
+{
+    if (rb_safe_level() >= 4 && !OBJ_TAINTED(self)) {
+	rb_raise(rb_eSecurityError, "Insecure: can't change method visibility");
+    }
+}
+
 static void
 set_method_visibility(self, argc, argv, ex)
    VALUE self;
@ -5435,6 +5444,7 @@ set_method_visibility(self, argc, argv, ex)
 {
    int i;

+    secure_visibility(self);
    for (i=0; i<argc; i++) {
 	rb_export_method(self, rb_to_id(argv[i]), ex);
    }
@ -5446,6 +5456,7 @@ rb_mod_public(argc, argv, module)
    VALUE *argv;
    VALUE module;
 {
+    secure_visibility(module);
    if (argc == 0) {
 	SCOPE_SET(SCOPE_PUBLIC);
    }
@ -5461,6 +5472,7 @@ rb_mod_protected(argc, argv, module)
    VALUE *argv;
    VALUE module;
 {
+    secure_visibility(module);
    if (argc == 0) {
 	SCOPE_SET(SCOPE_PROTECTED);
    }
@ -5476,6 +5488,7 @@ rb_mod_private(argc, argv, module)
    VALUE *argv;
    VALUE module;
 {
+    secure_visibility(module);
    if (argc == 0) {
 	SCOPE_SET(SCOPE_PRIVATE);
    }
@ -5535,6 +5548,7 @@ rb_mod_modfunc(argc, argv, module)
 	rb_raise(rb_eTypeError, "module_function must be called for modules");
    }

+    secure_visibility(module);
    if (argc == 0) {
 	SCOPE_SET(SCOPE_MODFUNC);
 	return module;
--- a/parse.y
+++ b/parse.y
@ -4469,6 +4469,28 @@ warning_unless_e_option(str)
    if (e_option_supplied()) rb_warning(str);
 }

+static NODE *cond0();
+
+static NODE*
+cond2(node, logop)
+    NODE *node;
+    int logop;
+{
+    enum node_type type;
+
+    if (logop) return node;
+    if (!e_option_supplied()) return node;
+
+    warn_unless_e_option("integer literal in condition");
+    node = cond0(node);
+    type = nd_type(node);
+    if (type == NODE_NEWLINE) node = node->nd_next;
+    if (type == NODE_LIT && FIXNUM_P(node->nd_lit)) {
+	return call_op(node,tEQ,1,NEW_GVAR(rb_intern("$.")));
+    }
+    return node;
+}
+
 static NODE*
 cond0(node, logop)
    NODE *node;
@ -4494,8 +4516,8 @@ cond0(node, logop)

      case NODE_DOT2:
      case NODE_DOT3:
-	node->nd_beg = cond0(node->nd_beg, logop);
-	node->nd_end = cond0(node->nd_end, logop);
+	node->nd_beg = cond2(node->nd_beg, logop);
+	node->nd_end = cond2(node->nd_end, logop);
 	if (type == NODE_DOT2) nd_set_type(node,NODE_FLIP2);
 	else if (type == NODE_DOT3) nd_set_type(node, NODE_FLIP3);
 	node->nd_cnt = local_append(0);
@ -4509,20 +4531,12 @@ cond0(node, logop)
 	goto regexp;

      case NODE_LIT:
-	switch (TYPE(node->nd_lit)) {
-	  case T_REGEXP:
+	if (TYPE(node->nd_lit) == T_REGEXP) {
 	    warning_unless_e_option("regex literal in condition");
 	  regexp:
 	    nd_set_type(node, NODE_MATCH);
 	    local_cnt('_');
 	    local_cnt('~');
-	    break;
-
-	  case T_FIXNUM:
-	    if (logop) break;
-	    if (!e_option_supplied()) break;
-	    warn_unless_e_option("integer literal in condition");
-	    return call_op(node,tEQ,1,NEW_GVAR(rb_intern("$.")));
 	}
    }
    return node;
--- a/process.c
+++ b/process.c
@ -299,12 +299,12 @@ struct waitall_data {
    int pid;
    int status;
    VALUE ary;
-}
+};

 static int
 waitall_each(key, value, data)
    int key, value;
-    struct wait_data *data;
+    struct waitall_data *data;
 {
    VALUE pid_status_member;

@ -563,6 +563,10 @@ rb_proc_exec(str)
    char **argv, **a;

    security(str);
+
+    while (*str && ISSPACE(*str))
+	str++;
+
    for (s=str; *s; s++) {
 	if (*s != ' ' && !ISALPHA(*s) && strchr("*?{}[]<>()~&|\\$;'`\"\n",*s)) {
 #if defined(MSDOS)
--- a/signal.c
+++ b/signal.c
@ -386,6 +386,16 @@ sigsegv(sig)
 }
 #endif

+#ifdef SIGPIPE
+static RETSIGTYPE sigsegv _((int));
+static RETSIGTYPE
+sigpipe(sig)
+    int sig;
+{
+    /* do nothing */
+}
+#endif
+
 void
 rb_trap_exit()
 {
@ -546,7 +556,7 @@ trap(arg)
 #endif
 #ifdef SIGPIPE
 	  case SIGPIPE:
-	    func = SIG_IGN;
+	    func = sigpipe;
 	    break;
 #endif
 	}
@ -659,7 +669,7 @@ Init_signal()
    ruby_signal(SIGSEGV, sigsegv);
 #endif
 #ifdef SIGPIPE
-    ruby_signal(SIGPIPE, SIG_IGN);
+    ruby_signal(SIGPIPE, sigpipe);
 #endif
 #endif /* MACOS_UNUSE_SIGNAL */
 }