summaryrefslogtreecommitdiff
path: root/file.c
diff options
context:
space:
mode:
authormatz <matz@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2001-06-19 04:35:17 +0000
committermatz <matz@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2001-06-19 04:35:17 +0000
commit9d51cf8a6a5d651c1c4dd363dbf3f4905e3f307d (patch)
tree98247086ea05415f034f0b5a0e6cc97163f47be2 /file.c
parent6aa71d4c800d11d9735007cf3b063e5ea2fc5941 (diff)
* eval.c (rb_f_require): searches ".rb" and ".so" at the same
time. previous behavior (search ".rb", then ".so") has a security risk (ruby-bugs#PR140). * array.c (rb_ary_to_ary): new function to replace internal rb_Array(), which never calls to_a, but to_ary (rb_Array() might call both). [new] * regex.c (PUSH_FAILURE_POINT): push option status again. * regex.c (re_compile_pattern): avoid pushing unnecessary option_set. * eval.c (rb_load): tainted string is OK if wrapped *and* $SAFE >= 4. * eval.c (rb_thread_start_0): should not nail down higher blocks before preserving original context (i.e. should not alter original context). * eval.c (proc_yield): new method equivalent to Proc#call but no check for number of arguments. [new] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@1526 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'file.c')
-rw-r--r--file.c100
1 files changed, 74 insertions, 26 deletions
diff --git a/file.c b/file.c
index 1cff477..66f82bc 100644
--- a/file.c
+++ b/file.c
@@ -2202,48 +2202,99 @@ is_macos_native_path(path)
}
#endif
+static char*
+file_load_ok(file)
+ char *file;
+{
+ FILE *f;
+
+ f = fopen(file, "r");
+ if (f == NULL) return 0;
+ fclose(f);
+ return file;
+}
+
+extern VALUE rb_load_path;
+
+int
+rb_find_file_noext(file)
+ char *file;
+{
+ char *path, *e, *found;
+ char *fend = file + strlen(file);
+ VALUE fname;
+ int i, j;
+
+ static char *ext[] = {
+ ".rb", DLEXT,
+#ifdef DLEXT2
+ DLEXT2,
+#endif
+ 0
+ };
+
+ if (file[0] == '~') {
+ fname = rb_str_new2(file);
+ fname = rb_file_s_expand_path(1, &fname);
+ file = StringValuePtr(fname);
+ }
+
+ if (is_absolute_path(file)) {
+ for (i=0; ext[i]; i++) {
+ strcpy(fend, ext[i]);
+ if (file_load_ok(file)) return i+1;
+ }
+ return 0;
+ }
+
+ if (!rb_load_path) return 0;
+
+ Check_Type(rb_load_path, T_ARRAY);
+ for (i=0;i<RARRAY(rb_load_path)->len;i++) {
+ VALUE str = RARRAY(rb_load_path)->ptr[i];
+
+ SafeStringValue(str);
+ path = RSTRING(str)->ptr;
+ for (j=0; ext[j]; j++) {
+ strcpy(fend, ext[j]);
+ found = dln_find_file(file, path);
+ if (found && file_load_ok(found)) return j+1;
+ }
+ }
+ return 0;
+}
+
char*
rb_find_file(file)
char *file;
{
- extern VALUE rb_load_path;
VALUE vpath, fname;
char *path;
struct stat st;
+ if (file[0] == '~') {
+ fname = rb_str_new2(file);
+ fname = rb_file_s_expand_path(1, &fname);
+ if (rb_safe_level() >= 2 && OBJ_TAINTED(fname)) {
+ rb_raise(rb_eSecurityError, "loading from unsafe file %s", file);
+ }
+ file = StringValuePtr(fname);
+ }
+
#if defined(__MACOS__) || defined(riscos)
if (is_macos_native_path(file)) {
- FILE *f;
-
if (rb_safe_level() >= 2 && !rb_path_check(file)) {
rb_raise(rb_eSecurityError, "loading from unsafe file %s", file);
}
- f= fopen(file, "r");
- if (f == NULL) return 0;
- fclose(f);
- return file;
+ return file_load_ok(file);
}
#endif
if (is_absolute_path(file)) {
- FILE *f;
-
if (rb_safe_level() >= 2 && !rb_path_check(file)) {
rb_raise(rb_eSecurityError, "loading from unsafe file %s", file);
}
- f = fopen(file, "r");
- if (f == NULL) return 0;
- fclose(f);
- return file;
- }
-
- if (file[0] == '~') {
- fname = rb_str_new2(file);
- fname = rb_file_s_expand_path(1, &fname);
- if (rb_safe_level() >= 2 && OBJ_TAINTED(fname)) {
- rb_raise(rb_eSecurityError, "loading from unsafe file %s", file);
- }
- file = StringValuePtr(fname);
+ return file_load_ok(file);
}
if (rb_load_path) {
@@ -2269,10 +2320,7 @@ rb_find_file(file)
}
path = dln_find_file(file, path);
- if (path && stat(path, &st) == 0) {
- return path;
- }
- return 0;
+ return file_load_ok(path);
}
static void