kotovalexarian-likes-github/ruby--ruby
1
0
Fork 0
mirror of https://github.com/ruby/ruby.git synced 2022-11-09 12:17:21 -05:00
Code Releases Activity

* file.c (path_check_1): should check directory sticky bits.

Browse source 
* process.c (security): need not to warn twice.

* marshal.c (r_object): complete restoration before calling
  r_regist().


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@2092 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
This commit is contained in:
matz 2002-02-19 06:43:58 +00:00
parent 87bf8b1dc3
commit e60deb1555
4 changed files with 21 additions and 11 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
ChangeLog
View file

@ -1,3 +1,12 @@
Tue Feb 19 14:45:32 2002 Yukihiro Matsumoto <matz@ruby-lang.org>
* file.c (path_check_1): should check directory sticky bits.
* process.c (security): need not to warn twice.
* marshal.c (r_object): complete restoration before calling
r_regist().
Tue Feb 19 14:24:36 2002 Yukihiro Matsumoto <matz@ruby-lang.org> Tue Feb 19 14:24:36 2002 Yukihiro Matsumoto <matz@ruby-lang.org>
* parse.y (yylex): operators in the "op" rule should make * parse.y (yylex): operators in the "op" rule should make

9
file.c
View file

@ -2304,7 +2304,14 @@ path_check_1(path)
return path_check_1(newpath); return path_check_1(newpath);
} }
for (;;) { for (;;) {
if (stat(p0, &st) == 0 && (st.st_mode & 002)) { #ifndef S_IWOTH
# define S_IWOTH 002
#endif
if (stat(p0, &st) == 0 && S_ISDIR(st->st_mode) && (st.st_mode & S_IWOTH)
#ifdef S_ISVTX
&& !(st.st_mode & S_ISVTX)
#endif
) {
if (p) *p = '/'; if (p) *p = '/';
rb_warn("Unsecure world writeable dir %s , mode 0%o", p0, st.st_mode); rb_warn("Unsecure world writeable dir %s , mode 0%o", p0, st.st_mode);
return 0; return 0;

11
marshal.c
View file

@ -927,11 +927,10 @@ r_object(arg)
volatile long len = r_long(arg); /* gcc 2.7.2.3 -O2 bug?? */ volatile long len = r_long(arg); /* gcc 2.7.2.3 -O2 bug?? */
v = rb_ary_new2(len); v = rb_ary_new2(len);
r_regist(v, arg);
while (len--) { while (len--) {
rb_ary_push(v, r_object(arg)); rb_ary_push(v, r_object(arg));
} }
return v; return r_regist(v, arg);;
} }
case TYPE_HASH: case TYPE_HASH:
@ -940,7 +939,6 @@ r_object(arg)
long len = r_long(arg); long len = r_long(arg);
v = rb_hash_new(); v = rb_hash_new();
r_regist(v, arg);
while (len--) { while (len--) {
VALUE key = r_object(arg); VALUE key = r_object(arg);
VALUE value = r_object(arg); VALUE value = r_object(arg);
@ -949,7 +947,7 @@ r_object(arg)
if (type == TYPE_HASH_DEF) { if (type == TYPE_HASH_DEF) {
RHASH(v)->ifnone = r_object(arg); RHASH(v)->ifnone = r_object(arg);
} }
return v; return r_regist(v, arg);
} }
case TYPE_STRUCT: case TYPE_STRUCT:
@ -971,7 +969,6 @@ r_object(arg)
rb_ary_push(values, Qnil); rb_ary_push(values, Qnil);
} }
v = rb_struct_alloc(klass, values); v = rb_struct_alloc(klass, values);
r_regist(v, arg);
for (i=0; i<len; i++) { for (i=0; i<len; i++) {
slot = r_symbol(arg); slot = r_symbol(arg);
@ -983,6 +980,7 @@ r_object(arg)
} }
rb_struct_aset(v, INT2FIX(i), r_object(arg)); rb_struct_aset(v, INT2FIX(i), r_object(arg));
} }
r_regist(v, arg);
return v; return v;
} }
break; break;
@ -1010,9 +1008,8 @@ r_object(arg)
if (TYPE(v) != T_OBJECT) { if (TYPE(v) != T_OBJECT) {
rb_raise(rb_eArgError, "dump format error"); rb_raise(rb_eArgError, "dump format error");
} }
r_regist(v, arg);
r_ivar(v, arg); r_ivar(v, arg);
return v; return r_regist(v, arg);
} }
break; break;

3
process.c
View file

@ -431,9 +431,6 @@ security(str)
if (rb_safe_level() > 0) { if (rb_safe_level() > 0) {
rb_raise(rb_eSecurityError, "Insecure PATH - %s", str); rb_raise(rb_eSecurityError, "Insecure PATH - %s", str);
} }
else {
rb_warn("Insecure PATH - %s", str);
}
} }
} }