* st.c: primes should be primes.

* eval.c (is_defined): method defined? check should honor protected too. * eval.c (block_pass): should not pass tainted block, if $SAFE > 0. * variable.c (rb_mod_remove_cvar): should pass the char*. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@1996 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2022-11-09 12:17:21 -05:00 · 2002-01-16 09:25:59 +00:00 · 2002-01-16 09:25:59 +00:00 · c0a636b6f9
commit c0a636b6f9
parent 17e1cfef8c
7 changed files with 76 additions and 29 deletions
--- a/17
+++ b/17
@ -1,3 +1,7 @@
+Wed Jan 16 18:25:08 2002  Yukihiro Matsumoto  <matz@ruby-lang.org>
+
+	* st.c: primes should be primes.
+
 Wed Jan 16 12:29:14 2002  Tanaka Akira  <akr@m17n.org>

 	* lib/timeout.rb (timeout): new optional argument to specify an
@ -15,6 +19,19 @@ Wed Jan 16 11:12:30 2002  Nobuyoshi Nakada  <nobu.nakada@nifty.ne.jp>
 	* class.c (rb_class_inherited): should use Object when no super
 	  class.

+Tue Jan 15 01:11:44 2002  Yukihiro Matsumoto  <matz@ruby-lang.org>
+
+	* eval.c (is_defined): method defined? check should honor
+	  protected too.
+
+Mon Jan 14 13:06:02 2002  Yukihiro Matsumoto  <matz@ruby-lang.org>
+
+	* eval.c (block_pass): should not pass tainted block, if $SAFE > 0.
+
+Sun Jan 13 09:31:41 2002  Koji Arai  <jca02266@nifty.ne.jp>
+
+	* variable.c (rb_mod_remove_cvar): should pass the char*.
+
 Fri Jan 11 05:06:25 2002  Nobuyoshi Nakada  <nobu.nakada@nifty.ne.jp>

 	* class.c (rb_make_metaclass): [new]
--- a/eval.c
+++ b/eval.c
@ -1801,7 +1801,23 @@ is_defined(self, node, buf)
 	    return 0;
 	}
      check_bound:
-	if (rb_method_boundp(val, node->nd_mid, nd_type(node)== NODE_CALL)) {
+	{
+	    int call = nd_type(node)== NODE_CALL;
+	    if (call) {
+		int noex;
+		ID id = node->nd_mid;
+
+		if (!rb_get_method_body(&val, &id, &noex))
+		    break;
+		if ((noex & NOEX_PRIVATE))
+		    break;
+		if ((noex & NOEX_PROTECTED) &&
+		    !rb_obj_is_kind_of(self, rb_class_real(val)))
+		    break;
+		}
+	    }
+	    else if (!rb_method_boundp(val, node->nd_mid, call))
+		break;
 	    return arg_defined(self, node->nd_args, buf, "method");
 	}
 	break;
@ -4634,10 +4650,7 @@ rb_call(klass, recv, mid, argc, argv, scope)

 	/* self must be kind of a specified form for private method */
 	if ((noex & NOEX_PROTECTED)) {
-	    VALUE defined_class = klass;
-	    while (TYPE(defined_class) == T_ICLASS)
-		defined_class = RBASIC(defined_class)->klass;
-	    if (!rb_obj_is_kind_of(ruby_frame->self, defined_class))
+	    if (!rb_obj_is_kind_of(ruby_frame->self, rb_class_real(klass)))
 		return rb_undefined(recv, mid, argc, argv, CSTAT_PROT);
 	}
    }
@ -6564,6 +6577,10 @@ block_pass(self, node)
 		 rb_class2name(CLASS_OF(block)));
    }

+    if (rb_safe_level() >= 1 && OBJ_TAINTED(block)) {
+	rb_raise(rb_eSecurityError, "Insecure: tainted block value");
+    }
+
    Data_Get_Struct(block, struct BLOCK, data);
    orphan = blk_orphan(data);

--- a/ext/digest/defs.h
+++ b/ext/digest/defs.h
@ -10,7 +10,8 @@

 #if defined(HAVE_SYS_CDEFS_H)
 # include <sys/cdefs.h>
-#else
+#endif
+#if !defined(__BEGIN_DECLS)
 # define __BEGIN_DECLS
 # define __END_DECLS
 #endif
--- a/parse.y
+++ b/parse.y
@ -4278,9 +4278,7 @@ gettable(id)
 	return NEW_FALSE();
    }
    else if (id == k__FILE__) {
-	VALUE f = rb_str_new2(ruby_sourcefile);
-	OBJ_FREEZE(f);
-	return NEW_LIT(f);
+	return NEW_STR(rb_str_new2(ruby_sourcefile));
    }
    else if (id == k__LINE__) {
 	return NEW_LIT(INT2FIX(ruby_sourceline));
--- a/sample/test.rb
+++ b/sample/test.rb
@ -1313,17 +1313,31 @@ test_ok(defined?($x) == 'global-variable')# returns description
 foo=5
 test_ok(defined?(foo))		# local variable

-test_ok(defined?(Array))		# constant
+test_ok(defined?(Array))	# constant
 test_ok(defined?(Object.new))	# method
-test_ok(!defined?(Object.print))	# private method
-test_ok(defined?(1 == 2))		# operator expression
+test_ok(!defined?(Object.print))# private method
+test_ok(defined?(1 == 2))	# operator expression
+
+class Foo
+  def foo
+    p :foo
+  end
+  protected :foo
+  def bar(f)
+    test_ok(defined?(self.foo))
+    test_ok(defined?(f.foo))
+  end
+end
+f = Foo.new
+test_ok(defined?(f.foo) == nil)
+f.bar(f)

 def defined_test
  return !defined?(yield)
 end

 test_ok(defined_test)		# not iterator
-test_ok(!defined_test{})		# called as iterator
+test_ok(!defined_test{})	# called as iterator

 test_check "alias"
 class Alias0
--- a/st.c
+++ b/st.c
@ -86,25 +86,25 @@ static long primes[] = {
 	512 + 9,
 	1024 + 9,
 	2048 + 5,
-	4096 + 83,
+	4096 + 3,
 	8192 + 27,
 	16384 + 43,
 	32768 + 3,
 	65536 + 45,
-	131072 + 9,
-	262144 + 39,
-	524288 + 39,
-	1048576 + 9,
-	2097152 + 5,
-	4194304 + 3,
-	8388608 + 33,
-	16777216 + 27,
-	33554432 + 9,
-	67108864 + 71,
-	134217728 + 39,
-	268435456 + 9,
-	536870912 + 5,
-	1073741824 + 83,
+	131072 + 29,
+	262144 + 3,
+	524288 + 21,
+	1048576 + 7,
+	2097152 + 17,
+	4194304 + 15,
+	8388608 + 9,
+	16777216 + 43,
+	33554432 + 35,
+	67108864 + 15,
+	134217728 + 29,
+	268435456 + 3,
+	536870912 + 11,
+	1073741824 + 85,
 	0
 };

--- a/variable.c
+++ b/variable.c
@ -1631,7 +1631,7 @@ rb_mod_remove_cvar(mod, name)
    VALUE val;

    if (!rb_is_class_id(id)) {
-	rb_name_error(id, "wrong class variable name %s", name);
+	rb_name_error(id, "wrong class variable name %s", rb_id2name(id));
    }
    if (!OBJ_TAINTED(mod) && rb_safe_level() >= 4)
 	rb_raise(rb_eSecurityError, "Insecure: can't remove class variable");