mirror of
https://github.com/ruby/ruby.git
synced 2022-11-09 12:17:21 -05:00
* eval.c (rb_load, search_required, rb_require_safe, rb_require): use
frozen shared string to avoid outside modification. [ruby-dev:24580] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@7106 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
This commit is contained in:
parent
9c65d88c0e
commit
d0c2e3c7c9
3 changed files with 20 additions and 3 deletions
|
@ -1,3 +1,8 @@
|
||||||
|
Sun Oct 24 00:40:50 2004 Nobuyoshi Nakada <nobu@ruby-lang.org>
|
||||||
|
|
||||||
|
* eval.c (rb_load, search_required, rb_require_safe, rb_require): use
|
||||||
|
frozen shared string to avoid outside modification. [ruby-dev:24580]
|
||||||
|
|
||||||
Sat Oct 23 00:20:55 2004 Yukihiro Matsumoto <matz@ruby-lang.org>
|
Sat Oct 23 00:20:55 2004 Yukihiro Matsumoto <matz@ruby-lang.org>
|
||||||
|
|
||||||
* ext/zlib/zlib.c (zstream_append_input): clear klass for z->input
|
* ext/zlib/zlib.c (zstream_append_input): clear klass for z->input
|
||||||
|
|
10
eval.c
10
eval.c
|
@ -6438,6 +6438,7 @@ rb_load(fname, wrap)
|
||||||
|
|
||||||
if (!wrap) rb_secure(4);
|
if (!wrap) rb_secure(4);
|
||||||
FilePathValue(fname);
|
FilePathValue(fname);
|
||||||
|
fname = rb_str_new4(fname);
|
||||||
tmp = rb_find_file(fname);
|
tmp = rb_find_file(fname);
|
||||||
if (!tmp) {
|
if (!tmp) {
|
||||||
load_failed(fname);
|
load_failed(fname);
|
||||||
|
@ -6691,7 +6692,7 @@ search_required(fname, featurep, path)
|
||||||
char *ext, *ftptr;
|
char *ext, *ftptr;
|
||||||
int type;
|
int type;
|
||||||
|
|
||||||
*featurep = fname = rb_str_new4(fname);
|
*featurep = fname;
|
||||||
*path = 0;
|
*path = 0;
|
||||||
ext = strrchr(ftptr = RSTRING(fname)->ptr, '.');
|
ext = strrchr(ftptr = RSTRING(fname)->ptr, '.');
|
||||||
if (ext && !strchr(ext, '/')) {
|
if (ext && !strchr(ext, '/')) {
|
||||||
|
@ -6705,6 +6706,7 @@ search_required(fname, featurep, path)
|
||||||
tmp = rb_str_new(RSTRING(fname)->ptr, ext-RSTRING(fname)->ptr);
|
tmp = rb_str_new(RSTRING(fname)->ptr, ext-RSTRING(fname)->ptr);
|
||||||
*featurep = tmp;
|
*featurep = tmp;
|
||||||
#ifdef DLEXT2
|
#ifdef DLEXT2
|
||||||
|
OBJ_FREEZE(tmp);
|
||||||
if (rb_find_file_ext(&tmp, loadable_ext+1)) {
|
if (rb_find_file_ext(&tmp, loadable_ext+1)) {
|
||||||
*featurep = tmp;
|
*featurep = tmp;
|
||||||
*path = rb_find_file(tmp);
|
*path = rb_find_file(tmp);
|
||||||
|
@ -6712,6 +6714,7 @@ search_required(fname, featurep, path)
|
||||||
}
|
}
|
||||||
#else
|
#else
|
||||||
rb_str_cat2(tmp, DLEXT);
|
rb_str_cat2(tmp, DLEXT);
|
||||||
|
OBJ_FREEZE(tmp);
|
||||||
if (*path = rb_find_file(tmp)) {
|
if (*path = rb_find_file(tmp)) {
|
||||||
return 's';
|
return 's';
|
||||||
}
|
}
|
||||||
|
@ -6763,6 +6766,7 @@ rb_require_safe(fname, safe)
|
||||||
char *volatile ftptr = 0;
|
char *volatile ftptr = 0;
|
||||||
|
|
||||||
FilePathValue(fname);
|
FilePathValue(fname);
|
||||||
|
fname = rb_str_new4(fname);
|
||||||
saved.vmode = scope_vmode;
|
saved.vmode = scope_vmode;
|
||||||
saved.node = ruby_current_node;
|
saved.node = ruby_current_node;
|
||||||
saved.func = ruby_frame->last_func;
|
saved.func = ruby_frame->last_func;
|
||||||
|
@ -6832,7 +6836,9 @@ VALUE
|
||||||
rb_require(fname)
|
rb_require(fname)
|
||||||
const char *fname;
|
const char *fname;
|
||||||
{
|
{
|
||||||
return rb_require_safe(rb_str_new2(fname), ruby_safe_level);
|
VALUE fn = rb_str_new2(fname);
|
||||||
|
OBJ_FREEZE(fn);
|
||||||
|
return rb_require_safe(fn, ruby_safe_level);
|
||||||
}
|
}
|
||||||
|
|
||||||
static void
|
static void
|
||||||
|
|
8
file.c
8
file.c
|
@ -4104,6 +4104,7 @@ rb_find_file_ext(filep, ext)
|
||||||
if (rb_safe_level() >= 2 && OBJ_TAINTED(fname)) {
|
if (rb_safe_level() >= 2 && OBJ_TAINTED(fname)) {
|
||||||
rb_raise(rb_eSecurityError, "loading from unsafe file %s", f);
|
rb_raise(rb_eSecurityError, "loading from unsafe file %s", f);
|
||||||
}
|
}
|
||||||
|
OBJ_FREEZE(fname);
|
||||||
f = StringValueCStr(fname);
|
f = StringValueCStr(fname);
|
||||||
*filep = fname;
|
*filep = fname;
|
||||||
}
|
}
|
||||||
|
@ -4112,6 +4113,7 @@ rb_find_file_ext(filep, ext)
|
||||||
for (i=0; ext[i]; i++) {
|
for (i=0; ext[i]; i++) {
|
||||||
fname = rb_str_dup(*filep);
|
fname = rb_str_dup(*filep);
|
||||||
rb_str_cat2(fname, ext[i]);
|
rb_str_cat2(fname, ext[i]);
|
||||||
|
OBJ_FREEZE(fname);
|
||||||
if (file_load_ok(StringValueCStr(fname))) {
|
if (file_load_ok(StringValueCStr(fname))) {
|
||||||
*filep = fname;
|
*filep = fname;
|
||||||
return i+1;
|
return i+1;
|
||||||
|
@ -4132,6 +4134,7 @@ rb_find_file_ext(filep, ext)
|
||||||
for (j=0; ext[j]; j++) {
|
for (j=0; ext[j]; j++) {
|
||||||
fname = rb_str_dup(*filep);
|
fname = rb_str_dup(*filep);
|
||||||
rb_str_cat2(fname, ext[j]);
|
rb_str_cat2(fname, ext[j]);
|
||||||
|
OBJ_FREEZE(fname);
|
||||||
found = dln_find_file(StringValueCStr(fname), path);
|
found = dln_find_file(StringValueCStr(fname), path);
|
||||||
if (found && file_load_ok(found)) {
|
if (found && file_load_ok(found)) {
|
||||||
*filep = fname;
|
*filep = fname;
|
||||||
|
@ -4155,6 +4158,7 @@ rb_find_file(path)
|
||||||
if (rb_safe_level() >= 1 && OBJ_TAINTED(path)) {
|
if (rb_safe_level() >= 1 && OBJ_TAINTED(path)) {
|
||||||
rb_raise(rb_eSecurityError, "loading from unsafe path %s", f);
|
rb_raise(rb_eSecurityError, "loading from unsafe path %s", f);
|
||||||
}
|
}
|
||||||
|
OBJ_FREEZE(path);
|
||||||
f = StringValueCStr(path);
|
f = StringValueCStr(path);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -4213,7 +4217,9 @@ rb_find_file(path)
|
||||||
rb_raise(rb_eSecurityError, "loading from unsafe file %s", f);
|
rb_raise(rb_eSecurityError, "loading from unsafe file %s", f);
|
||||||
}
|
}
|
||||||
if (file_load_ok(f)) {
|
if (file_load_ok(f)) {
|
||||||
return rb_str_new2(f);
|
tmp = rb_str_new2(f);
|
||||||
|
OBJ_FREEZE(tmp);
|
||||||
|
return tmp;
|
||||||
}
|
}
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue