kotovalexarian-likes-github/ruby--ruby
1
0
Fork 0
mirror of https://github.com/ruby/ruby.git synced 2022-11-09 12:17:21 -05:00
Code Releases Activity

* eval.c (rb_load, search_required, rb_require_safe, rb_require): use

Browse source 
frozen shared string to avoid outside modification.  [ruby-dev:24580]


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8@7106 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
This commit is contained in:
nobu 2004-10-23 15:41:17 +00:00
parent 359ba4eb05
commit 3b6dac4e1d
3 changed files with 21 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

7
ChangeLog
View file

@ -1,3 +1,8 @@
Sun Oct 24 00:41:09 2004 Nobuyoshi Nakada <nobu@ruby-lang.org>
* eval.c (rb_load, search_required, rb_require_safe, rb_require): use
frozen shared string to avoid outside modification. [ruby-dev:24580]
Sat Oct 23 00:20:55 2004 Yukihiro Matsumoto <matz@ruby-lang.org>
* ext/zlib/zlib.c (zstream_run): always use zstream_append_input()
@ -10,7 +15,7 @@ Fri Oct 22 12:02:28 2004 Yukihiro Matsumoto <matz@ruby-lang.org>
Fri Oct 22 10:36:37 2004 GOTOU Yuuzou <gotoyuzo@notwork.org>
* lib/webrick/httprequest.rb (WEBrick::HTTPRequest#meta_vars):
* lib/webrick/httprequest.rb (WEBrick::HTTPRequest#meta_vars):
should check if path_info is not nil.
Fri Oct 22 00:22:31 2004 Yukihiro Matsumoto <matz@ruby-lang.org>

10
eval.c
View file

@ -6444,6 +6444,7 @@ rb_load(fname, wrap)
else {
SafeStringValue(fname);
}
fname = rb_str_new4(fname);
tmp = rb_find_file(fname);
if (!tmp) {
load_failed(fname);
@ -6696,7 +6697,7 @@ search_required(fname, featurep, path)
char *ext, *ftptr;
int type;
*featurep = fname = rb_str_new4(fname);
*featurep = fname;
*path = 0;
ext = strrchr(ftptr = RSTRING(fname)->ptr, '.');
if (ext && !strchr(ext, '/')) {
@ -6710,6 +6711,7 @@ search_required(fname, featurep, path)
tmp = rb_str_new(RSTRING(fname)->ptr, ext-RSTRING(fname)->ptr);
*featurep = tmp;
#ifdef DLEXT2
OBJ_FREEZE(tmp);
if (rb_find_file_ext(&tmp, loadable_ext+1)) {
*featurep = tmp;
*path = rb_find_file(tmp);
@ -6717,6 +6719,7 @@ search_required(fname, featurep, path)
}
#else
rb_str_cat2(tmp, DLEXT);
OBJ_FREEZE(tmp);
if (*path = rb_find_file(tmp)) {
return 's';
}
@ -6771,6 +6774,7 @@ rb_require_safe(fname, safe)
rb_check_safe_obj(fname);
}
StringValue(fname);
fname = rb_str_new4(fname);
saved.vmode = scope_vmode;
saved.node = ruby_current_node;
saved.func = ruby_frame->last_func;
@ -6841,7 +6845,9 @@ VALUE
rb_require(fname)
const char *fname;
{
return rb_require_safe(rb_str_new2(fname), ruby_safe_level);
VALUE fn = rb_str_new2(fname);
OBJ_FREEZE(fn);
return rb_require_safe(fn, ruby_safe_level);
}
static void

8
file.c
View file

@ -3936,6 +3936,7 @@ rb_find_file_ext(filep, ext)
if (rb_safe_level() >= 2 && OBJ_TAINTED(fname)) {
rb_raise(rb_eSecurityError, "loading from unsafe file %s", f);
}
OBJ_FREEZE(fname);
f = StringValueCStr(fname);
*filep = fname;
}
@ -3944,6 +3945,7 @@ rb_find_file_ext(filep, ext)
for (i=0; ext[i]; i++) {
fname = rb_str_dup(*filep);
rb_str_cat2(fname, ext[i]);
OBJ_FREEZE(fname);
if (file_load_ok(StringValueCStr(fname))) {
*filep = fname;
return i+1;
@ -3964,6 +3966,7 @@ rb_find_file_ext(filep, ext)
for (j=0; ext[j]; j++) {
fname = rb_str_dup(*filep);
rb_str_cat2(fname, ext[j]);
OBJ_FREEZE(fname);
found = dln_find_file(StringValueCStr(fname), path);
if (found && file_load_ok(found)) {
*filep = fname;
@ -3987,6 +3990,7 @@ rb_find_file(path)
if (rb_safe_level() >= 1 && OBJ_TAINTED(path)) {
rb_raise(rb_eSecurityError, "loading from unsafe path %s", f);
}
OBJ_FREEZE(path);
f = StringValueCStr(path);
}
@ -4045,7 +4049,9 @@ rb_find_file(path)
rb_raise(rb_eSecurityError, "loading from unsafe file %s", f);
}
if (file_load_ok(f)) {
return rb_str_new2(f);
tmp = rb_str_new2(f);
OBJ_FREEZE(tmp);
return tmp;
}
return 0;
}