kotovalexarian-likes-github/ruby--ruby
1
0
Fork 0
mirror of https://github.com/ruby/ruby.git synced 2022-11-09 12:17:21 -05:00
Code Releases Activity
ruby--ruby/safe.c
ko1 c39bdb798d $SAFE as a process global state. [Feature #14250] 
* vm_core.h (rb_vm_t): move `rb_execution_context_t::safe_level` to
  `rb_vm_t::safe_level_` because `$SAFE` is a process (VM) global state.

* vm_core.h (rb_proc_t): remove `rb_proc_t::safe_level` because `Proc`
  objects don't need to keep `$SAFE` at the creation.
  Also make `is_from_method` and `is_lambda` as 1 bit fields.

* cont.c (cont_restore_thread): no need to keep `$SAFE` for Continuation.

* eval.c (ruby_cleanup): use `rb_set_safe_level_force()` instead of access
  `vm->safe_level_` directly.

* eval_jump.c: End procs `END{}` doesn't keep `$SAFE`.

* proc.c (proc_dup): removed and introduce `rb_proc_dup` in vm.c.

* safe.c (rb_set_safe_level): don't check `$SAFE` 1 -> 0 changes.

* safe.c (safe_setter): use `rb_set_safe_level()`.

* thread.c (rb_thread_safe_level): `Thread#safe_level` returns `$SAFE`.
  It should be obsolete.

* transcode.c (load_transcoder_entry): `rb_safe_level()` only returns
  0 or 1 so that this check is not needed.

* vm.c (vm_proc_create_from_captured): don't need to keep `$SAFE` for Proc.

* vm.c (rb_proc_create): renamed to `proc_create`.

* vm.c (rb_proc_dup): moved from proc.c.

* vm.c (vm_invoke_proc): do not need to set and restore `$SAFE`
  for `Proc#call`.

* vm_eval.c (rb_eval_cmd): rename a local variable to represent clearer
  meaning.

* lib/drb/drb.rb: restore `$SAFE`.

* lib/erb.rb: restore `$SAFE`, too.

* test/lib/leakchecker.rb: check `$SAFE == 0` at the end of tests.

* test/rubygems/test_gem.rb: do not set `$SAFE = 1`.

* bootstraptest/test_proc.rb: catch up this change.

* spec/ruby/optional/capi/string_spec.rb: ditto.

* test/bigdecimal/test_bigdecimal.rb: ditto.

* test/fiddle/test_func.rb: ditto.

* test/fiddle/test_handle.rb: ditto.

* test/net/imap/test_imap_response_parser.rb: ditto.

* test/pathname/test_pathname.rb: ditto.

* test/readline/test_readline.rb: ditto.

* test/ruby/test_file.rb: ditto.

* test/ruby/test_optimization.rb: ditto.

* test/ruby/test_proc.rb: ditto.

* test/ruby/test_require.rb: ditto.

* test/ruby/test_thread.rb: ditto.

* test/rubygems/test_gem_specification.rb: ditto.

* test/test_tempfile.rb: ditto.

* test/test_tmpdir.rb: ditto.

* test/win32ole/test_win32ole.rb: ditto.

* test/win32ole/test_win32ole_event.rb: ditto.


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@61510 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2017-12-28 20:09:24 +00:00

127 lines
2.2 KiB
C
Raw Blame History

/**********************************************************************
safe.c -
$Author$
created at: Tue Sep 23 09:44:32 JST 2008
Copyright (C) 2008 Yukihiro Matsumoto
**********************************************************************/
/* safe-level:
0 - strings from streams/environment/ARGV are tainted (default)
1 - no dangerous operation by tainted value
*/
#define SAFE_LEVEL_MAX RUBY_SAFE_LEVEL_MAX
#include "ruby/ruby.h"
#include "vm_core.h"
/* $SAFE accessor */
#undef rb_secure
#undef rb_set_safe_level
#undef ruby_safe_level_2_warning
int
ruby_safe_level_2_warning(void)
{
return 2;
}
int
rb_safe_level(void)
{
return GET_VM()->safe_level_;
}
void
rb_set_safe_level_force(int safe)
{
GET_VM()->safe_level_ = safe;
}
void
rb_set_safe_level(int level)
{
rb_vm_t *vm = GET_VM();
if (level > SAFE_LEVEL_MAX) {
rb_raise(rb_eArgError, "$SAFE=2 to 4 are obsolete");
}
else if (level < 0) {
rb_raise(rb_eArgError, "$SAFE should be >= 0");
}
else {
int line;
const char *path = rb_source_location_cstr(&line);
if (0) fprintf(stderr, "%s:%d $SAFE %d -> %d\n",
path ? path : "-", line, vm->safe_level_, level);
vm->safe_level_ = level;
}
}
static VALUE
safe_getter(void)
{
return INT2NUM(rb_safe_level());
}
static void
safe_setter(VALUE val)
{
int level = NUM2INT(val);
rb_set_safe_level(level);
}
void
rb_secure(int level)
{
if (level <= rb_safe_level()) {
ID caller_name = rb_frame_callee();
if (caller_name) {
rb_raise(rb_eSecurityError, "Insecure operation `%"PRIsVALUE"' at level %d",
rb_id2str(caller_name), rb_safe_level());
}
else {
rb_raise(rb_eSecurityError, "Insecure operation at level %d",
rb_safe_level());
}
}
}
void
rb_secure_update(VALUE obj)
{
}
void
rb_insecure_operation(void)
{
ID caller_name = rb_frame_callee();
if (caller_name) {
rb_raise(rb_eSecurityError, "Insecure operation - %"PRIsVALUE,
rb_id2str(caller_name));
}
else {
rb_raise(rb_eSecurityError, "Insecure operation: -r");
}
}
void
rb_check_safe_obj(VALUE x)
{
if (rb_safe_level() > 0 && OBJ_TAINTED(x)) {
rb_insecure_operation();
}
}
void
Init_safe(void)
{
rb_define_virtual_variable("$SAFE", safe_getter, safe_setter);
}
View git blame Copy permalink