mirror of
https://github.com/ruby/ruby.git
synced 2022-11-09 12:17:21 -05:00
* include/ruby/ruby.h: $SAFE=3 is now obsolete.
* ext/socket/init.c, ext/socket/socket.c, ext/socket/tcpsocket.c ext/socket/udpsocket.c, gc.c, object.c, re.c, safe.c: removed code for $SAFE=3 * bootstraptest/test_method.rb, test/erb/test_erb.rb, test/ruby/test_dir.rb test/ruby/test_file.rb, test/ruby/test_method.rb, test/ruby/test_regexp.rb test/ruby/test_thread.rb: remove tests for $SAFE=3 git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@50932 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
This commit is contained in:
hsbt
parent
3759dfa23e
commit
bbf440c90b
17 changed files with 23 additions and 100 deletions
12
ChangeLog
12
ChangeLog
|
|
@ -1,3 +1,15 @@
|
|||
Wed Jun 17 14:29:43 2015 SHIBATA Hiroshi <hsbt@ruby-lang.org>
|
||||
|
||||
* include/ruby/ruby.h: $SAFE=3 is now obsolete.
|
||||
|
||||
* ext/socket/init.c, ext/socket/socket.c, ext/socket/tcpsocket.c
|
||||
ext/socket/udpsocket.c, gc.c, object.c, re.c, safe.c: removed code
|
||||
for $SAFE=3
|
||||
|
||||
* bootstraptest/test_method.rb, test/erb/test_erb.rb, test/ruby/test_dir.rb
|
||||
test/ruby/test_file.rb, test/ruby/test_method.rb, test/ruby/test_regexp.rb
|
||||
test/ruby/test_thread.rb: remove tests for $SAFE=3
|
||||
|
||||
Wed Jun 17 12:13:33 2015 SHIBATA Hiroshi <hsbt@ruby-lang.org>
|
||||
|
||||
* ChangeLog: added contibutor name.
|
||||
|
|
|
|||
|
|
@ -921,22 +921,6 @@ assert_equal 'ok', %q{
|
|||
C.new.m
|
||||
}, '[ruby-core:11998]'
|
||||
|
||||
assert_equal 'ok', %q{
|
||||
proc{
|
||||
$SAFE = 3
|
||||
class C
|
||||
def m
|
||||
:ng
|
||||
end
|
||||
end
|
||||
}.call
|
||||
begin
|
||||
C.new.m
|
||||
rescue SecurityError
|
||||
:ok
|
||||
end
|
||||
}, '[ruby-core:11998]'
|
||||
|
||||
assert_equal 'ok', %q{
|
||||
class B
|
||||
def m() :fail end
|
||||
|
|
|
|||
|
|
@ -555,7 +555,6 @@ rsock_s_accept_nonblock(int argc, VALUE *argv, VALUE klass, rb_io_t *fptr,
|
|||
|
||||
rb_scan_args(argc, argv, "0:", &opts);
|
||||
|
||||
rb_secure(3);
|
||||
rb_io_set_nonblock(fptr);
|
||||
fd2 = cloexec_accept(fptr->fd, (struct sockaddr*)sockaddr, len, 1);
|
||||
if (fd2 < 0) {
|
||||
|
|
@ -598,7 +597,6 @@ rsock_s_accept(VALUE klass, int fd, struct sockaddr *sockaddr, socklen_t *len)
|
|||
int retry = 0;
|
||||
struct accept_arg arg;
|
||||
|
||||
rb_secure(3);
|
||||
arg.fd = fd;
|
||||
arg.sockaddr = sockaddr;
|
||||
arg.len = len;
|
||||
|
|
|
|||
|
|
@ -140,7 +140,6 @@ sock_initialize(int argc, VALUE *argv, VALUE sock)
|
|||
if (NIL_P(protocol))
|
||||
protocol = INT2FIX(0);
|
||||
|
||||
rb_secure(3);
|
||||
setup_domain_and_type(domain, &d, type, &t);
|
||||
fd = rsock_socket(d, t, NUM2INT(protocol));
|
||||
if (fd < 0) rb_sys_fail("socket(2)");
|
||||
|
|
@ -1059,7 +1058,6 @@ sock_gethostname(VALUE obj)
|
|||
|
||||
char buf[RUBY_MAX_HOST_NAME_LEN+1];
|
||||
|
||||
rb_secure(3);
|
||||
if (gethostname(buf, (int)sizeof buf - 1) < 0)
|
||||
rb_sys_fail("gethostname(3)");
|
||||
|
||||
|
|
@ -1076,7 +1074,6 @@ sock_gethostname(VALUE obj)
|
|||
{
|
||||
struct utsname un;
|
||||
|
||||
rb_secure(3);
|
||||
uname(&un);
|
||||
return rb_str_new2(un.nodename);
|
||||
}
|
||||
|
|
@ -1143,7 +1140,6 @@ sock_sockaddr(struct sockaddr *addr, socklen_t len)
|
|||
static VALUE
|
||||
sock_s_gethostbyname(VALUE obj, VALUE host)
|
||||
{
|
||||
rb_secure(3);
|
||||
return rsock_make_hostent(host, rsock_addrinfo(host, Qnil, SOCK_STREAM, AI_CANONNAME), sock_sockaddr);
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -50,7 +50,6 @@ tcp_sockaddr(struct sockaddr *addr, socklen_t len)
|
|||
static VALUE
|
||||
tcp_s_gethostbyname(VALUE obj, VALUE host)
|
||||
{
|
||||
rb_secure(3);
|
||||
return rsock_make_hostent(host, rsock_addrinfo(host, Qnil, SOCK_STREAM, AI_CANONNAME),
|
||||
tcp_sockaddr);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -30,7 +30,6 @@ udp_init(int argc, VALUE *argv, VALUE sock)
|
|||
int family = AF_INET;
|
||||
int fd;
|
||||
|
||||
rb_secure(3);
|
||||
if (rb_scan_args(argc, argv, "01", &arg) == 1) {
|
||||
family = rsock_family_arg(arg);
|
||||
}
|
||||
|
|
@ -85,7 +84,6 @@ udp_connect(VALUE sock, VALUE host, VALUE port)
|
|||
struct udp_arg arg;
|
||||
VALUE ret;
|
||||
|
||||
rb_secure(3);
|
||||
arg.res = rsock_addrinfo(host, port, SOCK_DGRAM, 0);
|
||||
GetOpenFile(sock, fptr);
|
||||
arg.fd = fptr->fd;
|
||||
|
|
@ -114,7 +112,6 @@ udp_bind(VALUE sock, VALUE host, VALUE port)
|
|||
struct rb_addrinfo *res0;
|
||||
struct addrinfo *res;
|
||||
|
||||
rb_secure(3);
|
||||
res0 = rsock_addrinfo(host, port, SOCK_DGRAM, 0);
|
||||
GetOpenFile(sock, fptr);
|
||||
for (res = res0->ai; res; res = res->ai_next) {
|
||||
|
|
@ -267,4 +264,3 @@ rsock_init_udpsocket(void)
|
|||
rb_define_method(rb_cUDPSocket, "send", udp_send, -1);
|
||||
rb_define_method(rb_cUDPSocket, "recvfrom_nonblock", udp_recvfrom_nonblock, -1);
|
||||
}
|
||||
|
||||
|
|
|
|||
1
gc.c
1
gc.c
|
|
@ -1719,7 +1719,6 @@ newobj_of(VALUE klass, VALUE flags, VALUE v1, VALUE v2, VALUE v3)
|
|||
/* OBJSETUP */
|
||||
RBASIC(obj)->flags = flags & ~FL_WB_PROTECTED;
|
||||
RBASIC_SET_CLASS_RAW(obj, klass);
|
||||
if (rb_safe_level() >= 3) FL_SET((obj), FL_TAINT);
|
||||
RANY(obj)->as.values.v1 = v1;
|
||||
RANY(obj)->as.values.v2 = v2;
|
||||
RANY(obj)->as.values.v3 = v3;
|
||||
|
|
|
|||
|
|
@ -572,15 +572,15 @@ VALUE rb_get_path(VALUE);
|
|||
VALUE rb_get_path_no_checksafe(VALUE);
|
||||
#define FilePathStringValue(v) ((v) = rb_get_path_no_checksafe(v))
|
||||
|
||||
#define RUBY_SAFE_LEVEL_MAX 3
|
||||
#define RUBY_SAFE_LEVEL_MAX 2
|
||||
void rb_secure(int);
|
||||
int rb_safe_level(void);
|
||||
void rb_set_safe_level(int);
|
||||
#if defined(__GNUC__) && (__GNUC__ > 4 || (__GNUC__ == 4 && __GNUC_MINOR__ >= 4))
|
||||
int ruby_safe_level_4_error(void) __attribute__((error("$SAFE=4 is obsolete")));
|
||||
int ruby_safe_level_4_warning(void) __attribute__((warning("$SAFE=4 is obsolete")));
|
||||
int ruby_safe_level_3_error(void) __attribute__((error("$SAFE=3 and 4 is obsolete")));
|
||||
int ruby_safe_level_3_warning(void) __attribute__((warning("$SAFE=3 and 4 is obsolete")));
|
||||
# ifdef RUBY_EXPORT
|
||||
# define ruby_safe_level_4_warning() ruby_safe_level_4_error()
|
||||
# define ruby_safe_level_3_warning() ruby_safe_level_3_error()
|
||||
# endif
|
||||
#if defined(HAVE_BUILTIN___BUILTIN_CHOOSE_EXPR_CONSTANT_P)
|
||||
# define RUBY_SAFE_LEVEL_INVALID_P(level) \
|
||||
|
|
@ -589,7 +589,7 @@ int ruby_safe_level_4_warning(void) __attribute__((warning("$SAFE=4 is obsolete"
|
|||
__builtin_constant_p(level), \
|
||||
((level) < 0 || RUBY_SAFE_LEVEL_MAX < (level)), 0))
|
||||
# define RUBY_SAFE_LEVEL_CHECK(level, type) \
|
||||
__extension__(__builtin_choose_expr(RUBY_SAFE_LEVEL_INVALID_P(level), ruby_safe_level_4_##type(), (level)))
|
||||
__extension__(__builtin_choose_expr(RUBY_SAFE_LEVEL_INVALID_P(level), ruby_safe_level_3_##type(), (level)))
|
||||
#else
|
||||
/* in gcc 4.8 or earlier, __builtin_choose_expr() does not consider
|
||||
* __builtin_constant_p(variable) a constant expression.
|
||||
|
|
@ -598,7 +598,7 @@ int ruby_safe_level_4_warning(void) __attribute__((warning("$SAFE=4 is obsolete"
|
|||
__extension__(__builtin_constant_p(level) && \
|
||||
((level) < 0 || RUBY_SAFE_LEVEL_MAX < (level)))
|
||||
# define RUBY_SAFE_LEVEL_CHECK(level, type) \
|
||||
(RUBY_SAFE_LEVEL_INVALID_P(level) ? ruby_safe_level_4_##type() : (level))
|
||||
(RUBY_SAFE_LEVEL_INVALID_P(level) ? ruby_safe_level_3_##type() : (level))
|
||||
#endif
|
||||
#define rb_secure(level) rb_secure(RUBY_SAFE_LEVEL_CHECK(level, warning))
|
||||
#define rb_set_safe_level(level) rb_set_safe_level(RUBY_SAFE_LEVEL_CHECK(level, error))
|
||||
|
|
|
|||
2
object.c
2
object.c
|
|
@ -70,7 +70,6 @@ rb_obj_setup(VALUE obj, VALUE klass, VALUE type)
|
|||
{
|
||||
RBASIC(obj)->flags = type;
|
||||
RBASIC_SET_CLASS(obj, klass);
|
||||
if (rb_safe_level() >= 3) FL_SET((obj), FL_TAINT);
|
||||
return obj;
|
||||
}
|
||||
|
||||
|
|
@ -982,7 +981,6 @@ rb_obj_taint(VALUE obj)
|
|||
VALUE
|
||||
rb_obj_untaint(VALUE obj)
|
||||
{
|
||||
rb_secure(3);
|
||||
if (OBJ_TAINTED(obj)) {
|
||||
rb_check_frozen(obj);
|
||||
FL_UNSET(obj, FL_TAINT);
|
||||
|
|
|
|||
3
re.c
3
re.c
|
|
@ -1489,9 +1489,6 @@ rb_reg_search0(VALUE re, VALUE str, long pos, int reverse, int set_backref_str)
|
|||
if (err) rb_memerror();
|
||||
}
|
||||
else {
|
||||
if (rb_safe_level() >= 3)
|
||||
OBJ_TAINT(match);
|
||||
else
|
||||
FL_UNSET(match, FL_TAINT);
|
||||
}
|
||||
|
||||
|
|
|
|||
6
safe.c
6
safe.c
|
|
@ -25,7 +25,7 @@
|
|||
|
||||
#undef rb_secure
|
||||
#undef rb_set_safe_level
|
||||
#undef ruby_safe_level_4_warning
|
||||
#undef ruby_safe_level_3_warning
|
||||
|
||||
int
|
||||
ruby_safe_level_4_warning(void)
|
||||
|
|
@ -52,7 +52,7 @@ rb_set_safe_level(int level)
|
|||
|
||||
if (level > th->safe_level) {
|
||||
if (level > SAFE_LEVEL_MAX) {
|
||||
rb_raise(rb_eArgError, "$SAFE=4 is obsolete");
|
||||
rb_raise(rb_eArgError, "$SAFE=3 and 4 is obsolete");
|
||||
}
|
||||
th->safe_level = level;
|
||||
}
|
||||
|
|
@ -79,7 +79,7 @@ safe_setter(VALUE val)
|
|||
rb_warning("$SAFE=3 does no sandboxing");
|
||||
}
|
||||
if (level > SAFE_LEVEL_MAX) {
|
||||
rb_raise(rb_eArgError, "$SAFE=4 is obsolete");
|
||||
rb_raise(rb_eArgError, "$SAFE=3 and 4 is obsolete");
|
||||
}
|
||||
th->safe_level = level;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -90,13 +90,6 @@ class TestERBCore < Test::Unit::TestCase
|
|||
_test_core(0)
|
||||
_test_core(1)
|
||||
_test_core(2)
|
||||
orig = $VERBOSE
|
||||
begin
|
||||
$VERBOSE = false
|
||||
_test_core(3)
|
||||
ensure
|
||||
$VERBOSE = orig
|
||||
end
|
||||
end
|
||||
|
||||
def _test_core(safe)
|
||||
|
|
|
|||
|
|
@ -325,21 +325,4 @@ class TestDir < Test::Unit::TestCase
|
|||
end
|
||||
}
|
||||
end
|
||||
|
||||
def test_insecure_chdir
|
||||
assert_raise(SecurityError) do
|
||||
proc do
|
||||
$SAFE=3
|
||||
Dir.chdir("/")
|
||||
end.call
|
||||
end
|
||||
m = "\u{79fb 52d5}"
|
||||
d = Class.new(Dir) {singleton_class.class_eval {alias_method m, :chdir}}
|
||||
assert_raise_with_message(SecurityError, /#{m}/) do
|
||||
proc do
|
||||
$SAFE=3
|
||||
d.__send__(m, "/")
|
||||
end.call
|
||||
end
|
||||
end
|
||||
end
|
||||
|
|
|
|||
|
|
@ -409,12 +409,6 @@ class TestFile < Test::Unit::TestCase
|
|||
(0..1).each do |level|
|
||||
assert_nothing_raised(SecurityError, bug5374) {in_safe[level]}
|
||||
end
|
||||
def (s = Object.new).to_path; "".taint; end
|
||||
m = "\u{691c 67fb}"
|
||||
(c = Class.new(File)).singleton_class.class_eval {alias_method m, :stat}
|
||||
assert_raise_with_message(SecurityError, /#{m}/) {
|
||||
proc {$SAFE = 3; c.__send__(m, s)}.call
|
||||
}
|
||||
end
|
||||
|
||||
if /(bcc|ms|cyg)win|mingw|emx/ =~ RUBY_PLATFORM
|
||||
|
|
|
|||
|
|
@ -879,19 +879,6 @@ class TestMethod < Test::Unit::TestCase
|
|||
assert_equal n , rest_parameter(*(1..n)).size, '[Feature #10440]'
|
||||
end
|
||||
|
||||
def test_insecure_method
|
||||
m = "\u{5371 967a}"
|
||||
c = Class.new do
|
||||
proc {$SAFE=3;def foo;end}.call
|
||||
alias_method m, "foo"
|
||||
eval "def bar; #{m}; end"
|
||||
end
|
||||
obj = c.new
|
||||
assert_raise_with_message(SecurityError, /#{m}/) do
|
||||
obj.bar
|
||||
end
|
||||
end
|
||||
|
||||
class C
|
||||
D = "Const_D"
|
||||
def foo
|
||||
|
|
|
|||
|
|
@ -585,19 +585,6 @@ class TestRegexp < Test::Unit::TestCase
|
|||
assert_equal(3, "foobarbaz\u3042".rindex(/b../n, 5))
|
||||
end
|
||||
|
||||
def test_taint
|
||||
m = Thread.new do
|
||||
"foo"[/foo/]
|
||||
$SAFE = 3
|
||||
/foo/.match("foo")
|
||||
end.value
|
||||
assert_predicate(m, :tainted?)
|
||||
assert_nothing_raised('[ruby-core:26137]') {
|
||||
m = proc {$SAFE = 3; %r"#{ }"o}.call
|
||||
}
|
||||
assert_predicate(m, :tainted?)
|
||||
end
|
||||
|
||||
def assert_regexp(re, ss, fs = [], msg = nil)
|
||||
re = Regexp.new(re) unless re.is_a?(Regexp)
|
||||
ss = [ss] unless ss.is_a?(Array)
|
||||
|
|
|
|||
|
|
@ -389,14 +389,14 @@ class TestThread < Test::Unit::TestCase
|
|||
ok = false
|
||||
t = Thread.new do
|
||||
EnvUtil.suppress_warning do
|
||||
$SAFE = 3
|
||||
$SAFE = 1
|
||||
end
|
||||
ok = true
|
||||
sleep
|
||||
end
|
||||
Thread.pass until ok
|
||||
assert_equal(0, Thread.current.safe_level)
|
||||
assert_equal(3, t.safe_level)
|
||||
assert_equal(1, t.safe_level)
|
||||
|
||||
ensure
|
||||
t.kill if t
|
||||
|
|
|
|||
Loading…
Reference in a new issue