mirror of
https://github.com/ruby/ruby.git
synced 2022-11-09 12:17:21 -05:00
* file.c (path_check_1): should check directory sticky bits.
* process.c (security): need not to warn twice. * marshal.c (r_object): complete restoration before calling r_regist(). git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@2092 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
This commit is contained in:
parent
87bf8b1dc3
commit
e60deb1555
4 changed files with 21 additions and 11 deletions
|
@ -1,3 +1,12 @@
|
|||
Tue Feb 19 14:45:32 2002 Yukihiro Matsumoto <matz@ruby-lang.org>
|
||||
|
||||
* file.c (path_check_1): should check directory sticky bits.
|
||||
|
||||
* process.c (security): need not to warn twice.
|
||||
|
||||
* marshal.c (r_object): complete restoration before calling
|
||||
r_regist().
|
||||
|
||||
Tue Feb 19 14:24:36 2002 Yukihiro Matsumoto <matz@ruby-lang.org>
|
||||
|
||||
* parse.y (yylex): operators in the "op" rule should make
|
||||
|
|
9
file.c
9
file.c
|
@ -2304,7 +2304,14 @@ path_check_1(path)
|
|||
return path_check_1(newpath);
|
||||
}
|
||||
for (;;) {
|
||||
if (stat(p0, &st) == 0 && (st.st_mode & 002)) {
|
||||
#ifndef S_IWOTH
|
||||
# define S_IWOTH 002
|
||||
#endif
|
||||
if (stat(p0, &st) == 0 && S_ISDIR(st->st_mode) && (st.st_mode & S_IWOTH)
|
||||
#ifdef S_ISVTX
|
||||
&& !(st.st_mode & S_ISVTX)
|
||||
#endif
|
||||
) {
|
||||
if (p) *p = '/';
|
||||
rb_warn("Unsecure world writeable dir %s , mode 0%o", p0, st.st_mode);
|
||||
return 0;
|
||||
|
|
11
marshal.c
11
marshal.c
|
@ -927,11 +927,10 @@ r_object(arg)
|
|||
volatile long len = r_long(arg); /* gcc 2.7.2.3 -O2 bug?? */
|
||||
|
||||
v = rb_ary_new2(len);
|
||||
r_regist(v, arg);
|
||||
while (len--) {
|
||||
rb_ary_push(v, r_object(arg));
|
||||
}
|
||||
return v;
|
||||
return r_regist(v, arg);;
|
||||
}
|
||||
|
||||
case TYPE_HASH:
|
||||
|
@ -940,7 +939,6 @@ r_object(arg)
|
|||
long len = r_long(arg);
|
||||
|
||||
v = rb_hash_new();
|
||||
r_regist(v, arg);
|
||||
while (len--) {
|
||||
VALUE key = r_object(arg);
|
||||
VALUE value = r_object(arg);
|
||||
|
@ -949,7 +947,7 @@ r_object(arg)
|
|||
if (type == TYPE_HASH_DEF) {
|
||||
RHASH(v)->ifnone = r_object(arg);
|
||||
}
|
||||
return v;
|
||||
return r_regist(v, arg);
|
||||
}
|
||||
|
||||
case TYPE_STRUCT:
|
||||
|
@ -971,7 +969,6 @@ r_object(arg)
|
|||
rb_ary_push(values, Qnil);
|
||||
}
|
||||
v = rb_struct_alloc(klass, values);
|
||||
r_regist(v, arg);
|
||||
for (i=0; i<len; i++) {
|
||||
slot = r_symbol(arg);
|
||||
|
||||
|
@ -983,6 +980,7 @@ r_object(arg)
|
|||
}
|
||||
rb_struct_aset(v, INT2FIX(i), r_object(arg));
|
||||
}
|
||||
r_regist(v, arg);
|
||||
return v;
|
||||
}
|
||||
break;
|
||||
|
@ -1010,9 +1008,8 @@ r_object(arg)
|
|||
if (TYPE(v) != T_OBJECT) {
|
||||
rb_raise(rb_eArgError, "dump format error");
|
||||
}
|
||||
r_regist(v, arg);
|
||||
r_ivar(v, arg);
|
||||
return v;
|
||||
return r_regist(v, arg);
|
||||
}
|
||||
break;
|
||||
|
||||
|
|
|
@ -431,9 +431,6 @@ security(str)
|
|||
if (rb_safe_level() > 0) {
|
||||
rb_raise(rb_eSecurityError, "Insecure PATH - %s", str);
|
||||
}
|
||||
else {
|
||||
rb_warn("Insecure PATH - %s", str);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in a new issue