* eval.c (rb_add_method): preserve safe level in the environment

where a method is defined . * eval.c (rb_call0): restore preserved safe level in the method execution. * parse.y (lambda): need separate block variable stack manipulation and lpar_beg maintenance. based on a patch found in [ruby-core:05551] from Mauricio Fernandez <mfp@acm.org>. * parse.y (parser_yylex): adjust lpar_beg after tLAMBEG and kDO_LAMBDA. [ruby-core:05551] * parse.y (yycompile): remove unreachable code. [yarv-dev:570] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@8994 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
author: matz <matz@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> 2005-08-16 15:24:15 +0000
committer: matz <matz@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> 2005-08-16 15:24:15 +0000
commit: 17957e0dfca25957556bdccd3590be9b9dee5923 (patch)
tree: b85cb6965607683d81965135886dbff708911b3c /eval.c
parent: e6a104131a39fd051c1a5ab7111dc67b266a1851 (diff)
1 files changed, 21 insertions, 24 deletions
diff --git a/eval.c b/eval.c
index 1bfed955b7..3197412bca 100644
--- a/eval.c
+++ b/eval.c
@@ -377,6 +377,9 @@ static ID init, eqq, each, aref, aset, match, missing;
 static ID added, singleton_added;
 static ID __id__, __send__, respond_to;
 
+#define NOEX_WITH_SAFE(n) ((n) | ruby_safe_level << 4)
+#define NOEX_SAFE(n) ((n) >> 4)
+
 void
 rb_add_method(klass, mid, node, noex)
     VALUE klass;
@@ -403,7 +406,7 @@ rb_add_method(klass, mid, node, noex)
     }
     if (OBJ_FROZEN(klass)) rb_error_frozen("class/module");
     rb_clear_cache_by_id(mid);
-    body = NEW_METHOD(node, noex);
+    body = NEW_METHOD(node, NOEX_WITH_SAFE(noex));
     st_insert(RCLASS(klass)->m_tbl, mid, (st_data_t)body);
     if (node && mid != ID_ALLOCATOR && ruby_running) {
 	if (FL_TEST(klass, FL_SINGLETON)) {
@@ -5796,20 +5799,21 @@ formal_assign(recv, node, argc, argv, local_vars)
 }
 
 static VALUE
-rb_call0(klass, recv, id, oid, argc, argv, body, nosuper)
+rb_call0(klass, recv, id, oid, argc, argv, body, flags)
     VALUE klass, recv;
     ID    id;
     ID    oid;
     int argc;			/* OK */
     VALUE *argv;		/* OK */
     NODE * volatile body;
-    int nosuper;
+    int flags;
 {
     NODE *b2;		/* OK */
     volatile VALUE result = Qnil;
     int itr;
     static int tick;
     volatile VALUE args;
+    volatile int safe = -1;
     TMP_PROTECT;
 
     switch (ruby_iter->iter) {
@@ -5838,7 +5842,7 @@ rb_call0(klass, recv, id, oid, argc, argv, body, nosuper)
     PUSH_FRAME();
     ruby_frame->callee = id;
     ruby_frame->this_func = oid;
-    ruby_frame->this_class = nosuper?0:klass;
+    ruby_frame->this_class = (flags & NOEX_NOSUPER)?0:klass;
     ruby_frame->self = recv;
     ruby_frame->argc = argc;
 
@@ -5902,7 +5906,6 @@ rb_call0(klass, recv, id, oid, argc, argv, body, nosuper)
 	    NODE *saved_cref = 0;
 
 	    PUSH_SCOPE();
-
 	    if (body->nd_rval) {
 		saved_cref = ruby_cref;
 		ruby_cref = (NODE*)body->nd_rval;
@@ -5923,7 +5926,10 @@ rb_call0(klass, recv, id, oid, argc, argv, body, nosuper)
 
 	    PUSH_VARS();
 	    PUSH_TAG(PROT_FUNC);
-
+	    if (NOEX_SAFE(flags) > ruby_safe_level) {
+		safe = ruby_safe_level;
+		ruby_safe_level = NOEX_SAFE(flags);
+	    }
 	    if ((state = EXEC_TAG()) == 0) {
 		NODE *node = 0;
 
@@ -5953,6 +5959,7 @@ rb_call0(klass, recv, id, oid, argc, argv, body, nosuper)
 	    POP_CLASS();
 	    POP_SCOPE();
 	    ruby_cref = saved_cref;
+	    if (safe > 0) ruby_safe_level = safe;
 	    if (event_hooks) {
 		EXEC_EVENT_HOOK(RUBY_EVENT_RETURN, body, recv, id, klass);
 	    }
@@ -6035,7 +6042,7 @@ rb_call(klass, recv, mid, argc, argv, scope)
 	}
     }
 
-    return rb_call0(klass, recv, mid, id, argc, argv, body, noex & NOEX_NOSUPER);
+    return rb_call0(klass, recv, mid, id, argc, argv, body, noex);
 }
 
 VALUE
@@ -8825,10 +8832,9 @@ rb_block_pass(func, arg, proc)
 	proc = b;
     }
 
-    if (ruby_safe_level >= 1 && OBJ_TAINTED(proc)) {
-	if (ruby_safe_level > proc_get_safe_level(proc)) {
-	    rb_raise(rb_eSecurityError, "Insecure: tainted block value");
-	}
+    if (ruby_safe_level >= 1 && OBJ_TAINTED(proc) &&
+	ruby_safe_level > proc_get_safe_level(proc)) {
+	rb_raise(rb_eSecurityError, "Insecure: tainted block value");
     }
 
     if (ruby_block && ruby_block->block_obj == proc) {
@@ -8914,6 +8920,7 @@ struct METHOD {
     VALUE klass, rklass;
     VALUE recv;
     ID id, oid;
+    int safe_level;
     NODE *body;
 };
 
@@ -8961,6 +8968,7 @@ mnew(klass, obj, id, mklass)
     data->body = body;
     data->rklass = rklass;
     data->oid = oid;
+    data->safe_level = NOEX_WITH_SAFE(0);
     OBJ_INFECT(method, klass);
 
     return method;
@@ -9189,26 +9197,15 @@ rb_method_call(argc, argv, method)
 {
     VALUE result = Qnil;	/* OK */
     struct METHOD *data;
-    int state;
-    volatile int safe = -1;
 
     Data_Get_Struct(method, struct METHOD, data);
     if (data->recv == Qundef) {
 	rb_raise(rb_eTypeError, "can't call unbound method; bind first");
     }
     PUSH_ITER(rb_block_given_p()?ITER_PRE:ITER_NOT);
-    PUSH_TAG(PROT_NONE);
-    if (OBJ_TAINTED(method)) {
-	safe = ruby_safe_level;
-	if (ruby_safe_level < 4) ruby_safe_level = 4;
-    }
-    if ((state = EXEC_TAG()) == 0) {
-	result = rb_call0(data->klass,data->recv,data->id,data->oid,argc,argv,data->body,0);
-    }
-    POP_TAG();
+    result = rb_call0(data->klass,data->recv,data->id,data->oid,argc,argv,data->body,
+		      data->safe_level);
     POP_ITER();
-    if (safe >= 0) ruby_safe_level = safe;
-    if (state) JUMP_TAG(state);
     return result;
 }
author	matz <matz@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>	2005-08-16 15:24:15 +0000
committer	matz <matz@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>	2005-08-16 15:24:15 +0000
commit	17957e0dfca25957556bdccd3590be9b9dee5923 (patch)
tree	b85cb6965607683d81965135886dbff708911b3c /eval.c
parent	e6a104131a39fd051c1a5ab7111dc67b266a1851 (diff)