author | matz <matz@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2000-11-10 07:16:52 +0000 |
---|---|---|
committer | matz <matz@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2000-11-10 07:16:52 +0000 |
commit | 087c83d7ceed6893afff93066937fb570ae4a115 (patch) | |
tree | b138eb4084c1c032e6eb11d78300976dbc0f6f72 | |
parent | 13f2744b2e8ac8cc3e727051b2d200fa225a733a (diff) |
matz
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@1033 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
-rw-r--r-- | ChangeLog | 12 | ||||
-rw-r--r-- | io.c | 9 | ||||
-rw-r--r-- | parse.y | 4 | ||||
-rw-r--r-- | regex.c | 1 | ||||
-rw-r--r-- | rubyio.h | 4 | ||||
-rw-r--r-- | version.h | 4 |
6 files changed, 29 insertions, 5 deletions
@@ -1,3 +1,15 @@
+Fri Nov 10 16:15:53 2000 Yukihiro Matsumoto <matz@ruby-lang.org>
+
+ * parse.y (yylex): eval("^") caused infinite loop.
+
+Thu Nov 9 14:22:13 2000 Yukihiro Matsumoto <matz@ruby-lang.org>
+
+ * io.c (rb_io_taint_check): should check IO taintness; no
+ operation for untainted IO should be allowed in the sandbox.
+
+ * rubyio.h (GetOpenFile): check IO taintness inside using
+ rb_io_taint_check().
+
 Wed Nov 8 03:08:53 2000 Yukihiro Matsumoto <matz@ruby-lang.org>
 * io.c (io_fflush): ensure fflush(3) would not block by calling
@@ -143,6 +143,15 @@ rb_eof_error()
 rb_raise(rb_eEOFError, "End of file reached");
 }
+VALUE
+rb_io_taint_check(io)
+ VALUE io;
+{
+ if (!OBJ_TAINTED(io) && rb_safe_level() >= 4)
+ rb_raise(rb_eSecurityError, "Insecure: operation on untainted IO");
+ return io;
+}
+
 void
 rb_io_check_closed(fptr)
 OpenFile *fptr;
@@ -3280,12 +3280,12 @@ yylex()
 case '^':
 lex_state = EXPR_BEG;
- if (nextc() == '=') {
+ if ((c = nextc()) == '=') {
 yylval.id = '^';
 return tOP_ASGN;
 }
 pushback(c);
- return c;
+ return '^';
 case ',':
 case ';':
@@ -3766,6 +3766,7 @@ re_match(bufp, string_arg, size, pos, regs)
 case start_nowidth:
 PUSH_FAILURE_POINT(0, d);
+ printf("%d > %d\n", stackp - stackb, RE_DUP_MAX);
 if (stackp - stackb > RE_DUP_MAX) {
 FREE_AND_RETURN(stackb,(-2));
 }
@@ -32,7 +32,7 @@ typedef struct OpenFile {
 #define FMODE_BINMODE 4
 #define FMODE_SYNC 8
-#define GetOpenFile(obj,fp) rb_io_check_closed((fp) = RFILE(obj)->fptr)
+#define GetOpenFile(obj,fp) rb_io_check_closed((fp) = RFILE(rb_io_taint_check(obj))->fptr)
 #define MakeOpenFile(obj, fp) do {\
 fp = 0;\
@@ -57,6 +57,8 @@ void rb_io_check_readable _((OpenFile*));
 void rb_io_fptr_finalize _((OpenFile*));
 void rb_io_synchronized _((OpenFile*));
 void rb_io_check_closed _((OpenFile*));
+
+VALUE rb_io_taint_check _((VALUE));
 void rb_eof_error _((void));
 void rb_read_check _((FILE*));
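Review bot: rb_io_taint_check() in io.c carries no comment, and its condition reads backwards at first sight: it raises when the IO is not tainted and rb_safe_level() >= 4. A short header such as `/* At safe level >= 4 only tainted IO objects may be operated on; raises SecurityError otherwise, else returns io unchanged. */` would keep a later reader from "correcting" the negation. The `if` body is a single unbraced statement; adding braces would keep an accidental extra line from silently changing what the security check guards.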
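Review bot: The fix to the `'^'` case in yylex arrives without a regression test; the diffstat lists no test file. The ChangeLog says eval("^") looped forever, so a test that evaluates a lone `^` and only requires the call to return would pin the behaviour. The new `pushback(c)` now receives whatever nextc() returned, including its end-of-input value; how pushback treats that value is outside the hunk and worth confirming. yylex's body starts and ends outside the hunk.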
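Review bot: The added `printf("%d > %d\n", stackp - stackb, RE_DUP_MAX);` in re_match looks like leftover debugging: it writes to stdout every time the matcher reaches `start_nowidth`, so stray text ends up mixed into the output of any program whose pattern takes that path. `stackp - stackb` is a pointer difference, which does not match `%d` on platforms where ptrdiff_t is wider than int. Neither the ChangeLog entry nor the commit message mentions regex.c, so the line should simply be dropped. re_match's body starts and ends outside the hunk.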
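Review bot: Placing the taint check inside `GetOpenFile` covers only the call sites that go through the macro; any code that reads `RFILE(obj)->fptr` directly would still reach the file at safe level 4 without it. Whether such call sites exist is not visible in this diff, so io.c and the extensions are worth searching before this is relied on as the sandbox boundary. A comment above the macro, for example `/* runs rb_io_taint_check(obj) first, then rb_io_check_closed() on the fptr */`, would document the new order of checks.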
@@ -1,4 +1,4 @@
 #define RUBY_VERSION "1.6.2"
-#define RUBY_RELEASE_DATE "2000-11-08"
+#define RUBY_RELEASE_DATE "2000-11-10"
 #define RUBY_VERSION_CODE 162
-#define RUBY_RELEASE_CODE 20001108
+#define RUBY_RELEASE_CODE 20001110 |