diff options
author | shyouhei <shyouhei@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2007-09-07 05:28:26 +0000 |
---|---|---|
committer | shyouhei <shyouhei@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2007-09-07 05:28:26 +0000 |
commit | 2a7539afe7a6ab50697ed6fa24e3d70fb452f08f (patch) | |
tree | 92d6a217ff2bd95f059fb6e219db4ce86c656539 | |
parent | a209dd2f60e641d1dc78997dfc47852685e22cc3 (diff) |
* eval.c (mnew): should preserve noex as safe_level.
* eval.c (rb_call0): tighten security check condition..
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_5@13369 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
-rw-r--r-- | ChangeLog | 6 | ||||
-rw-r--r-- | eval.c | 4 | ||||
-rw-r--r-- | version.h | 2 |
3 files changed, 9 insertions, 3 deletions
@@ -1,3 +1,9 @@ +Fri Sep 7 14:27:33 2007 Yukihiro Matsumoto <matz@ruby-lang.org> + + * eval.c (mnew): should preserve noex as safe_level. + + * eval.c (rb_call0): tighten security check condition.. + Fri Sep 7 14:19:16 2007 Nobuyoshi Nakada <nobu@ruby-lang.org> * configure.in (group_member): check if presents. @@ -5743,7 +5743,7 @@ rb_call0(klass, recv, id, oid, argc, argv, body, flags) volatile int safe = -1; if (NOEX_SAFE(flags) > ruby_safe_level && - !(flags&NOEX_TAINTED) && ruby_safe_level == 0 && NOEX_SAFE(flags) > 2) { + ruby_safe_level == 0 && NOEX_SAFE(flags) > 2) { rb_raise(rb_eSecurityError, "calling insecure method: %s", rb_id2name(id)); } @@ -8912,7 +8912,7 @@ mnew(klass, obj, id, mklass) data->body = body; data->rklass = rklass; data->oid = oid; - data->safe_level = NOEX_WITH_SAFE(0); + data->safe_level = NOEX_WITH_SAFE(noex); OBJ_INFECT(method, klass); return method; @@ -2,7 +2,7 @@ #define RUBY_RELEASE_DATE "2007-09-07" #define RUBY_VERSION_CODE 185 #define RUBY_RELEASE_CODE 20070907 -#define RUBY_PATCHLEVEL 104 +#define RUBY_PATCHLEVEL 105 #define RUBY_VERSION_MAJOR 1 #define RUBY_VERSION_MINOR 8 |