summaryrefslogtreecommitdiff
path: root/eval.c
diff options
context:
space:
mode:
authormatz <matz@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2001-02-19 07:03:06 +0000
committermatz <matz@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2001-02-19 07:03:06 +0000
commit3ae4fd7258fe518327a0ceb69c292eddbabfb995 (patch)
tree35ca43544604467644f99ad0376fef8a4c4dc1e0 /eval.c
parentd63d8012f46d6a8ede9145db48be830cc114ad62 (diff)
* eval.c (secure_visibility): visibility check for untainted modules.
* signal.c (sigpipe): sighandler which does nothing. * signal.c (trap): set sigpipe function for SIGPIPE. * signal.c (Init_signal): default SIGPIPE handler should be sigpipe function. * array.c (rb_ary_subseq): wrong boundary check. * parse.y (cond0): integer literal in condition should not be compared to lineno ($.). git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@1199 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'eval.c')
-rw-r--r--eval.c14
1 files changed, 14 insertions, 0 deletions
diff --git a/eval.c b/eval.c
index 0323c9f..fc46baa 100644
--- a/eval.c
+++ b/eval.c
@@ -5427,6 +5427,15 @@ rb_require(fname)
}
static void
+secure_visibility(self)
+ VALUE self;
+{
+ if (rb_safe_level() >= 4 && !OBJ_TAINTED(self)) {
+ rb_raise(rb_eSecurityError, "Insecure: can't change method visibility");
+ }
+}
+
+static void
set_method_visibility(self, argc, argv, ex)
VALUE self;
int argc;
@@ -5435,6 +5444,7 @@ set_method_visibility(self, argc, argv, ex)
{
int i;
+ secure_visibility(self);
for (i=0; i<argc; i++) {
rb_export_method(self, rb_to_id(argv[i]), ex);
}
@@ -5446,6 +5456,7 @@ rb_mod_public(argc, argv, module)
VALUE *argv;
VALUE module;
{
+ secure_visibility(module);
if (argc == 0) {
SCOPE_SET(SCOPE_PUBLIC);
}
@@ -5461,6 +5472,7 @@ rb_mod_protected(argc, argv, module)
VALUE *argv;
VALUE module;
{
+ secure_visibility(module);
if (argc == 0) {
SCOPE_SET(SCOPE_PROTECTED);
}
@@ -5476,6 +5488,7 @@ rb_mod_private(argc, argv, module)
VALUE *argv;
VALUE module;
{
+ secure_visibility(module);
if (argc == 0) {
SCOPE_SET(SCOPE_PRIVATE);
}
@@ -5535,6 +5548,7 @@ rb_mod_modfunc(argc, argv, module)
rb_raise(rb_eTypeError, "module_function must be called for modules");
}
+ secure_visibility(module);
if (argc == 0) {
SCOPE_SET(SCOPE_MODFUNC);
return module;