summaryrefslogtreecommitdiff
path: root/test
diff options
context:
space:
mode:
authorshugo <shugo@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2013-06-12 14:20:51 +0000
committershugo <shugo@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2013-06-12 14:20:51 +0000
commit1f828497d1e8df2b7b68ac2a093ab4439585d88a (patch)
tree6cf1bd0f1cc7921226608ccc133930aae49e7c82 /test
parentb53a183c009b3cb72b5964cf5652763b4cebf0f6 (diff)
* safe.c (rb_set_safe_level, safe_setter): raise an ArgumentError
when $SAFE is set to 4. $SAFE=4 is now obsolete. [ruby-core:55222] [Feature #8468] * object.c (rb_obj_untrusted, rb_obj_untrust, rb_obj_trust): Kernel#untrusted?, untrust, and trust are now deprecated. Their behavior is same as tainted?, taint, and untaint, respectively. * include/ruby/ruby.h (OBJ_UNTRUSTED, OBJ_UNTRUST): OBJ_UNTRUSTED() and OBJ_UNTRUST() are aliases of OBJ_TAINTED() and OBJ_TAINT(), respectively. * array.c, class.c, debug.c, dir.c, encoding.c, error.c, eval.c, ext/curses/curses.c, ext/dbm/dbm.c, ext/dl/cfunc.c, ext/dl/cptr.c, ext/dl/dl.c, ext/etc/etc.c, ext/fiddle/fiddle.c, ext/fiddle/pointer.c, ext/gdbm/gdbm.c, ext/readline/readline.c, ext/sdbm/init.c, ext/socket/ancdata.c, ext/socket/basicsocket.c, ext/socket/socket.c, ext/socket/udpsocket.c, ext/stringio/stringio.c, ext/syslog/syslog.c, ext/tk/tcltklib.c, ext/win32ole/win32ole.c, file.c, gc.c, hash.c, io.c, iseq.c, load.c, marshal.c, object.c, proc.c, process.c, random.c, re.c, safe.c, string.c, thread.c, transcode.c, variable.c, vm_insnhelper.c, vm_method.c, vm_trace.c: remove code for $SAFE=4. * test/dl/test_dl2.rb, test/erb/test_erb.rb, test/readline/test_readline.rb, test/readline/test_readline_history.rb, test/ruby/test_alias.rb, test/ruby/test_array.rb, test/ruby/test_dir.rb, test/ruby/test_encoding.rb, test/ruby/test_env.rb, test/ruby/test_eval.rb, test/ruby/test_exception.rb, test/ruby/test_file_exhaustive.rb, test/ruby/test_hash.rb, test/ruby/test_io.rb, test/ruby/test_method.rb, test/ruby/test_module.rb, test/ruby/test_object.rb, test/ruby/test_pack.rb, test/ruby/test_rand.rb, test/ruby/test_regexp.rb, test/ruby/test_settracefunc.rb, test/ruby/test_struct.rb, test/ruby/test_thread.rb, test/ruby/test_time.rb: remove tests for $SAFE=4. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@41259 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'test')
-rw-r--r--test/dl/test_dl2.rb27
-rw-r--r--test/erb/test_erb.rb5
-rw-r--r--test/readline/test_readline.rb55
-rw-r--r--test/readline/test_readline_history.rb35
-rw-r--r--test/ruby/test_alias.rb10
-rw-r--r--test/ruby/test_array.rb13
-rw-r--r--test/ruby/test_dir.rb15
-rw-r--r--test/ruby/test_encoding.rb5
-rw-r--r--test/ruby/test_env.rb6
-rw-r--r--test/ruby/test_eval.rb10
-rw-r--r--test/ruby/test_exception.rb47
-rw-r--r--test/ruby/test_file_exhaustive.rb9
-rw-r--r--test/ruby/test_hash.rb10
-rw-r--r--test/ruby/test_io.rb44
-rw-r--r--test/ruby/test_method.rb9
-rw-r--r--test/ruby/test_module.rb38
-rw-r--r--test/ruby/test_object.rb154
-rw-r--r--test/ruby/test_pack.rb10
-rw-r--r--test/ruby/test_rand.rb12
-rw-r--r--test/ruby/test_regexp.rb12
-rw-r--r--test/ruby/test_settracefunc.rb54
-rw-r--r--test/ruby/test_struct.rb24
-rw-r--r--test/ruby/test_thread.rb20
-rw-r--r--test/ruby/test_time.rb24
24 files changed, 15 insertions, 633 deletions
diff --git a/test/dl/test_dl2.rb b/test/dl/test_dl2.rb
index 88ef086..955ac1d 100644
--- a/test/dl/test_dl2.rb
+++ b/test/dl/test_dl2.rb
@@ -11,15 +11,6 @@ class TestDL < TestBase
# TODO: refactor test repetition
- def test_free_secure
- assert_raises(SecurityError) do
- Thread.new do
- $SAFE = 4
- DL.free(0)
- end.join
- end
- end
-
def test_realloc
str = "abc"
ptr_id = DL.realloc(0, 4)
@@ -33,15 +24,6 @@ class TestDL < TestBase
DL.free ptr_id
end
- def test_realloc_secure
- assert_raises(SecurityError) do
- Thread.new do
- $SAFE = 4
- DL.realloc(0, 4)
- end.join
- end
- end
-
def test_malloc
str = "abc"
@@ -56,15 +38,6 @@ class TestDL < TestBase
DL.free ptr_id
end
- def test_malloc_security
- assert_raises(SecurityError) do
- Thread.new do
- $SAFE = 4
- DL.malloc(4)
- end.join
- end
- end
-
def test_call_int()
cfunc = CFunc.new(@libc['atoi'], TYPE_INT, 'atoi')
x = cfunc.call(["100"].pack("p").unpack("l!*"))
diff --git a/test/erb/test_erb.rb b/test/erb/test_erb.rb
index 89fdbff..65efd39 100644
--- a/test/erb/test_erb.rb
+++ b/test/erb/test_erb.rb
@@ -185,11 +185,6 @@ EOS
assert_equal(ans, erb.result)
end
- def test_safe_04
- erb = @erb.new('<%=$SAFE%>', 4)
- assert_equal('4', erb.result(TOPLEVEL_BINDING.taint))
- end
-
class Foo; end
def test_def_class
diff --git a/test/readline/test_readline.rb b/test/readline/test_readline.rb
index a4c8e58..17e54ef 100644
--- a/test/readline/test_readline.rb
+++ b/test/readline/test_readline.rb
@@ -18,55 +18,6 @@ class TestReadline < Test::Unit::TestCase
Readline.instance_variable_set("@completion_proc", nil)
end
- def test_safe_level_4
- method_args =
- [
- ["readline"],
- ["input=", $stdin],
- ["output=", $stdout],
- ["completion_proc=", proc {}],
- ["completion_proc"],
- ["completion_case_fold=", true],
- ["completion_case_fold"],
- ["vi_editing_mode"],
- ["vi_editing_mode?"],
- ["emacs_editing_mode"],
- ["emacs_editing_mode?"],
- ["completion_append_character=", "s"],
- ["completion_append_character"],
- ["basic_word_break_characters=", "s"],
- ["basic_word_break_characters"],
- ["completer_word_break_characters=", "s"],
- ["completer_word_break_characters"],
- ["basic_quote_characters=", "\\"],
- ["basic_quote_characters"],
- ["completer_quote_characters=", "\\"],
- ["completer_quote_characters"],
- ["filename_quote_characters=", "\\"],
- ["filename_quote_characters"],
- ["line_buffer"],
- ["point"],
- ["set_screen_size", 1, 1],
- ["get_screen_size"],
- ["pre_input_hook=", proc {}],
- ["pre_input_hook"],
- ["insert_text", ""],
- ["redisplay"],
- ["special_prefixes=", "$"],
- ["special_prefixes"],
- ]
- method_args.each do |method_name, *args|
- assert_raise(SecurityError, NotImplementedError,
- "method=<#{method_name}>") do
- Thread.start {
- $SAFE = 4
- Readline.send(method_name.to_sym, *args)
- assert(true)
- }.join
- end
- end
- end
-
if !/EditLine/n.match(Readline::VERSION)
def test_readline
with_temp_stdio do |stdin, stdout|
@@ -90,12 +41,6 @@ class TestReadline < Test::Unit::TestCase
end
}.join
end
- assert_raise(SecurityError) do
- Thread.start {
- $SAFE = 4
- replace_stdio(stdin.path, stdout.path) { Readline.readline("> ") }
- }.join
- end
end
end
diff --git a/test/readline/test_readline_history.rb b/test/readline/test_readline_history.rb
index e21d170..4bcd7b3 100644
--- a/test/readline/test_readline_history.rb
+++ b/test/readline/test_readline_history.rb
@@ -39,41 +39,6 @@ class Readline::TestHistory < Test::Unit::TestCase
HISTORY.clear
end
- def test_safe_level_4
- method_args =
- [
- ["[]", [0]],
- ["[]=", [0, "s"]],
- ["\<\<", ["s"]],
- ["push", ["s"]],
- ["pop", []],
- ["shift", []],
- ["length", []],
- ["delete_at", [0]],
- ["clear", []],
- ]
- method_args.each do |method_name, args|
- assert_raise(SecurityError, NotImplementedError,
- "method=<#{method_name}>") do
- Thread.start {
- $SAFE = 4
- HISTORY.send(method_name.to_sym, *args)
- assert(true)
- }.join
- end
- end
-
- assert_raise(SecurityError, NotImplementedError,
- "method=<each>") do
- Thread.start {
- $SAFE = 4
- HISTORY.each { |s|
- assert(true)
- }
- }.join
- end
- end
-
def test_to_s
expected = "HISTORY"
assert_equal(expected, HISTORY.to_s)
diff --git a/test/ruby/test_alias.rb b/test/ruby/test_alias.rb
index e154982..0fd8d5f 100644
--- a/test/ruby/test_alias.rb
+++ b/test/ruby/test_alias.rb
@@ -52,16 +52,6 @@ class TestAlias < Test::Unit::TestCase
end
end
- def test_JVN_83768862
- d = lambda {
- $SAFE = 4
- dclass = Class.new(C)
- dclass.send(:alias_method, :mm, :m)
- dclass.new
- }.call
- assert_raise(SecurityError) { d.mm }
- end
-
def test_nonexistmethod
assert_raise(NameError){
Class.new{
diff --git a/test/ruby/test_array.rb b/test/ruby/test_array.rb
index 6807598..63db980 100644
--- a/test/ruby/test_array.rb
+++ b/test/ruby/test_array.rb
@@ -1732,19 +1732,6 @@ class TestArray < Test::Unit::TestCase
assert_equal([3,4,5,0], [1,2,3,4,5,0].drop_while {|i| i < 3 })
end
- def test_modify_check
- a = []
- a.freeze
- assert_raise(RuntimeError) { a.shift }
- a = [1, 2]
- assert_raise(SecurityError) do
- Thread.new do
- $SAFE = 4
- a.shift
- end.value
- end
- end
-
LONGP = [127, 63, 31, 15, 7].map {|x| 2**x-1 }.find do |x|
begin
[].first(x)
diff --git a/test/ruby/test_dir.rb b/test/ruby/test_dir.rb
index 1c8f73e..d8f6868 100644
--- a/test/ruby/test_dir.rb
+++ b/test/ruby/test_dir.rb
@@ -43,15 +43,6 @@ class TestDir < Test::Unit::TestCase
end
end
- def test_JVN_13947696
- b = lambda {
- d = Dir.open('.')
- $SAFE = 4
- d.close
- }
- assert_raise(SecurityError) { b.call }
- end
-
def test_nodir
assert_raise(Errno::ENOENT) { Dir.open(@nodir) }
end
@@ -90,12 +81,6 @@ class TestDir < Test::Unit::TestCase
d.rewind
b = (0..5).map { d.read }
assert_equal(a, b)
- assert_raise(SecurityError) do
- Thread.new do
- $SAFE = 4
- d.rewind
- end.join
- end
ensure
d.close
end
diff --git a/test/ruby/test_encoding.rb b/test/ruby/test_encoding.rb
index ef2dc39..c1ded6c 100644
--- a/test/ruby/test_encoding.rb
+++ b/test/ruby/test_encoding.rb
@@ -100,11 +100,6 @@ class TestEncoding < Test::Unit::TestCase
assert_equal(str, str2, '[ruby-dev:38596]')
end
- def test_unsafe
- bug5279 = '[ruby-dev:44469]'
- assert_ruby_status([], '$SAFE=4; "a".encode("utf-16be")', bug5279)
- end
-
def test_compatible_p
ua = "abc".force_encoding(Encoding::UTF_8)
assert_equal(Encoding::UTF_8, Encoding.compatible?(ua, :abc))
diff --git a/test/ruby/test_env.rb b/test/ruby/test_env.rb
index 618be37..b4c2d1f 100644
--- a/test/ruby/test_env.rb
+++ b/test/ruby/test_env.rb
@@ -114,12 +114,6 @@ class TestEnv < Test::Unit::TestCase
end
def test_aset
- assert_raise(SecurityError) do
- Thread.new do
- $SAFE = 4
- ENV["test"] = "foo"
- end.join
- end
assert_nothing_raised { ENV["test"] = nil }
assert_equal(nil, ENV["test"])
assert_raise(ArgumentError) { ENV["foo\0bar"] = "test" }
diff --git a/test/ruby/test_eval.rb b/test/ruby/test_eval.rb
index a97b982..790e288 100644
--- a/test/ruby/test_eval.rb
+++ b/test/ruby/test_eval.rb
@@ -440,16 +440,6 @@ class TestEval < Test::Unit::TestCase
assert_raise(RuntimeError) { eval("raise ''") }
end
- def test_eval_using_untainted_binding_under_safe4
- assert_raise(SecurityError) do
- Thread.new do
- b = binding
- $SAFE = 4
- eval("", b)
- end.join
- end
- end
-
def test_eval_with_toplevel_binding # [ruby-dev:37142]
ruby("-e", "x = 0; eval('p x', TOPLEVEL_BINDING)") do |f|
f.close_write
diff --git a/test/ruby/test_exception.rb b/test/ruby/test_exception.rb
index c829a17..4a0edc3 100644
--- a/test/ruby/test_exception.rb
+++ b/test/ruby/test_exception.rb
@@ -255,25 +255,6 @@ class TestException < Test::Unit::TestCase
INPUT
end
- def test_safe4
- cmd = proc{raise SystemExit}
- safe0_p = proc{|*args| args}
-
- test_proc = proc {
- $SAFE = 4
- begin
- cmd.call
- rescue SystemExit => e
- safe0_p["SystemExit: #{e.inspect}"]
- raise e
- rescue Exception => e
- safe0_p["Exception (NOT SystemExit): #{e.inspect}"]
- raise e
- end
- }
- assert_raise(SystemExit, '[ruby-dev:38760]') {test_proc.call}
- end
-
def test_thread_signal_location
_, stderr, _ = EnvUtil.invoke_ruby("--disable-gems -d", <<-RUBY, false, true)
Thread.start do
@@ -475,32 +456,4 @@ end.join
s = e.to_s
assert_equal(false, s.tainted?)
end
-
- def test_exception_to_s_should_not_propagate_untrustedness
- favorite_lang = "Ruby"
-
- for exc in [Exception, NameError]
- assert_raise(SecurityError) do
- lambda {
- $SAFE = 4
- exc.new(favorite_lang).to_s
- favorite_lang.replace("Python")
- }.call
- end
- end
-
- assert_raise(SecurityError) do
- lambda {
- $SAFE = 4
- o = Object.new
- o.singleton_class.send(:define_method, :to_str) {
- favorite_lang
- }
- NameError.new(o).to_s
- favorite_lang.replace("Python")
- }.call
- end
-
- assert_equal("Ruby", favorite_lang)
- end
end
diff --git a/test/ruby/test_file_exhaustive.rb b/test/ruby/test_file_exhaustive.rb
index 8a33258..3394d12 100644
--- a/test/ruby/test_file_exhaustive.rb
+++ b/test/ruby/test_file_exhaustive.rb
@@ -1109,15 +1109,6 @@ class TestFileExhaustive < Test::Unit::TestCase
assert_nothing_raised { ENV["PATH"] }
end
- def test_find_file
- assert_raise(SecurityError) do
- Thread.new do
- $SAFE = 4
- load(@file)
- end.join
- end
- end
-
def test_size
assert_equal(3, File.open(@file) {|f| f.size })
File.open(@file, "a") do |f|
diff --git a/test/ruby/test_hash.rb b/test/ruby/test_hash.rb
index dbc3ed2..3168760 100644
--- a/test/ruby/test_hash.rb
+++ b/test/ruby/test_hash.rb
@@ -722,16 +722,6 @@ class TestHash < Test::Unit::TestCase
assert_equal([], expected - vals)
end
- def test_security_check
- h = {}
- assert_raise(SecurityError) do
- Thread.new do
- $SAFE = 4
- h[1] = 1
- end.join
- end
- end
-
def test_intialize_wrong_arguments
assert_raise(ArgumentError) do
Hash.new(0) { }
diff --git a/test/ruby/test_io.rb b/test/ruby/test_io.rb
index 959982f..e42ace1 100644
--- a/test/ruby/test_io.rb
+++ b/test/ruby/test_io.rb
@@ -918,17 +918,6 @@ class TestIO < Test::Unit::TestCase
}
end
- def safe_4
- t = Thread.new do
- $SAFE = 4
- yield
- end
- unless t.join(10)
- t.kill
- flunk("timeout in safe_4")
- end
- end
-
def ruby(*args)
args = ['-e', '$>.write($<.read)'] if args.empty?
ruby = EnvUtil.rubybin
@@ -1001,9 +990,6 @@ class TestIO < Test::Unit::TestCase
def test_inspect
with_pipe do |r, w|
assert_match(/^#<IO:fd \d+>$/, r.inspect)
- assert_raise(SecurityError) do
- safe_4 { r.inspect }
- end
end
end
@@ -1179,14 +1165,6 @@ class TestIO < Test::Unit::TestCase
end
end
- def test_close_read_security_error
- with_pipe do |r, w|
- assert_raise(SecurityError) do
- safe_4 { r.close_read }
- end
- end
- end
-
def test_close_read_non_readable
with_pipe do |r, w|
assert_raise(IOError) do
@@ -1203,14 +1181,6 @@ class TestIO < Test::Unit::TestCase
end
end
- def test_close_write_security_error
- with_pipe do |r, w|
- assert_raise(SecurityError) do
- safe_4 { r.close_write }
- end
- end
- end
-
def test_close_write_non_readable
with_pipe do |r, w|
assert_raise(IOError) do
@@ -1441,14 +1411,6 @@ class TestIO < Test::Unit::TestCase
end
end
- def test_close_security_error
- with_pipe do |r, w|
- assert_raise(SecurityError) do
- safe_4 { r.close }
- end
- end
- end
-
def test_pos
make_tempfile {|t|
@@ -1710,12 +1672,6 @@ class TestIO < Test::Unit::TestCase
def test_reopen
make_tempfile {|t|
- with_pipe do |r, w|
- assert_raise(SecurityError) do
- safe_4 { r.reopen(t.path) }
- end
- end
-
open(__FILE__) do |f|
f.gets
assert_nothing_raised {
diff --git a/test/ruby/test_method.rb b/test/ruby/test_method.rb
index ca790df..b46d67c 100644
--- a/test/ruby/test_method.rb
+++ b/test/ruby/test_method.rb
@@ -325,15 +325,6 @@ class TestMethod < Test::Unit::TestCase
assert_equal(:bar, m.clone.bar)
end
- def test_call
- o = Object.new
- def o.foo; p 1; end
- def o.bar(x); x; end
- m = o.method(:foo)
- m.taint
- assert_raise(SecurityError) { m.call }
- end
-
def test_inspect
o = Object.new
def o.foo; end
diff --git a/test/ruby/test_module.rb b/test/ruby/test_module.rb
index 816e5dc..5574bf0 100644
--- a/test/ruby/test_module.rb
+++ b/test/ruby/test_module.rb
@@ -760,13 +760,6 @@ class TestModule < Test::Unit::TestCase
end
def test_undef
- assert_raise(SecurityError) do
- Thread.new do
- $SAFE = 4
- Class.instance_eval { undef_method(:foo) }
- end.join
- end
-
c = Class.new
assert_raise(NameError) do
c.instance_eval { undef_method(:foo) }
@@ -861,19 +854,6 @@ class TestModule < Test::Unit::TestCase
assert_equal(true, c.private_method_defined?(:baz))
end
- def test_change_visibility_under_safe4
- c = Class.new
- c.class_eval do
- def foo; end
- end
- assert_raise(SecurityError) do
- Thread.new do
- $SAFE = 4
- c.class_eval { private :foo }
- end.join
- end
- end
-
def test_top_public_private
assert_in_out_err([], <<-INPUT, %w([:foo] [:bar]), [])
private
@@ -970,24 +950,6 @@ class TestModule < Test::Unit::TestCase
assert_equal(false, m.include?(m))
end
- def test_include_under_safe4
- m = Module.new
- c1 = Class.new
- assert_raise(SecurityError) do
- lambda {
- $SAFE = 4
- c1.instance_eval { include(m) }
- }.call
- end
- assert_nothing_raised do
- lambda {
- $SAFE = 4
- c2 = Class.new
- c2.instance_eval { include(m) }
- }.call
- end
- end
-
def test_send
a = AClass.new
assert_equal(:aClass, a.__send__(:aClass))
diff --git a/test/ruby/test_object.rb b/test/ruby/test_object.rb
index 1da7f25..7b660ce 100644
--- a/test/ruby/test_object.rb
+++ b/test/ruby/test_object.rb
@@ -52,16 +52,6 @@ class TestObject < Test::Unit::TestCase
assert_raise(RuntimeError) { o.untaint }
end
- def test_freeze_under_safe_4
- o = Object.new
- assert_raise(SecurityError) do
- Thread.new do
- $SAFE = 4
- o.freeze
- end.join
- end
- end
-
def test_freeze_immediate
assert_equal(true, 1.frozen?)
1.freeze
@@ -282,17 +272,6 @@ class TestObject < Test::Unit::TestCase
assert_equal(1+3+5+7+9, n)
end
- def test_add_method_under_safe4
- o = Object.new
- assert_raise(SecurityError) do
- Thread.new do
- $SAFE = 4
- def o.foo
- end
- end.join
- end
- end
-
def test_redefine_method_under_verbose
assert_in_out_err([], <<-INPUT, %w(2), /warning: method redefined; discarding old foo$/)
$VERBOSE = true
@@ -316,20 +295,6 @@ class TestObject < Test::Unit::TestCase
end
def test_remove_method
- assert_raise(SecurityError) do
- Thread.new do
- $SAFE = 4
- Object.instance_eval { remove_method(:foo) }
- end.join
- end
-
- assert_raise(SecurityError) do
- Thread.new do
- $SAFE = 4
- Class.instance_eval { remove_method(:foo) }
- end.join
- end
-
c = Class.new
c.freeze
assert_raise(RuntimeError) do
@@ -687,72 +652,21 @@ class TestObject < Test::Unit::TestCase
end
def test_untrusted
- obj = lambda {
- $SAFE = 4
- x = Object.new
- x.instance_eval { @foo = 1 }
- x
- }.call
+ obj = Object.new
+ assert_equal(false, obj.untrusted?)
+ assert_equal(false, obj.tainted?)
+ obj.untrust
assert_equal(true, obj.untrusted?)
assert_equal(true, obj.tainted?)
-
- x = Object.new
- assert_equal(false, x.untrusted?)
- assert_raise(SecurityError) do
- lambda {
- $SAFE = 4
- x.instance_eval { @foo = 1 }
- }.call
- end
-
- x = Object.new
- x.taint
- assert_raise(SecurityError) do
- lambda {
- $SAFE = 4
- x.instance_eval { @foo = 1 }
- }.call
- end
-
- x.untrust
- assert_equal(true, x.untrusted?)
- assert_nothing_raised do
- lambda {
- $SAFE = 4
- x.instance_eval { @foo = 1 }
- }.call
- end
-
- x.trust
- assert_equal(false, x.untrusted?)
- assert_raise(SecurityError) do
- lambda {
- $SAFE = 4
- x.instance_eval { @foo = 1 }
- }.call
- end
-
- a = Object.new
- a.untrust
- assert_equal(true, a.untrusted?)
- b = a.dup
- assert_equal(true, b.untrusted?)
- c = a.clone
- assert_equal(true, c.untrusted?)
-
- a = Object.new
- b = lambda {
- $SAFE = 4
- a.dup
- }.call
- assert_equal(true, b.untrusted?)
-
- a = Object.new
- b = lambda {
- $SAFE = 4
- a.clone
- }.call
- assert_equal(true, b.untrusted?)
+ obj.trust
+ assert_equal(false, obj.untrusted?)
+ assert_equal(false, obj.tainted?)
+ obj.taint
+ assert_equal(true, obj.untrusted?)
+ assert_equal(true, obj.tainted?)
+ obj.untaint
+ assert_equal(false, obj.untrusted?)
+ assert_equal(false, obj.tainted?)
end
def test_to_s
@@ -813,42 +727,6 @@ class TestObject < Test::Unit::TestCase
assert_match(/\bInspect\u{3042}:.* @\u{3044}=42\b/, x)
end
- def test_exec_recursive
- Thread.current[:__recursive_key__] = nil
- a = [[]]
- a.inspect
-
- assert_nothing_raised do
- -> do
- $SAFE = 4
- begin
- a.hash
- rescue ArgumentError
- end
- end.call
- end
-
- -> do
- assert_nothing_raised do
- $SAFE = 4
- a.inspect
- end
- end.call
-
- -> do
- o = Object.new
- def o.to_ary(x); end
- def o.==(x); $SAFE = 4; false; end
- a = [[o]]
- b = []
- b << b
-
- assert_nothing_raised do
- b == a
- end
- end.call
- end
-
def test_singleton_class
x = Object.new
xs = class << x; self; end
@@ -895,12 +773,6 @@ class TestObject < Test::Unit::TestCase
c = a.dup.freeze
assert_raise(RuntimeError, "frozen") {c.instance_eval {initialize_copy(b)}}
d = a.dup.trust
- assert_raise(SecurityError, "untrust") do
- proc {
- $SAFE = 4
- d.instance_eval {initialize_copy(b)}
- }.call
- end
[a, b, c, d]
end
diff --git a/test/ruby/test_pack.rb b/test/ruby/test_pack.rb
index 9dbb0b0..7848eb5 100644
--- a/test/ruby/test_pack.rb
+++ b/test/ruby/test_pack.rb
@@ -644,16 +644,6 @@ EXPECTED
assert_equal([0x100000000], "\220\200\200\200\000".unpack("w"), [0x100000000])
end
- def test_modify_under_safe4
- s = "foo"
- assert_raise(SecurityError) do
- Thread.new do
- $SAFE = 4
- s.clear
- end.join
- end
- end
-
def test_length_too_big
assert_raise(RangeError) { [].pack("C100000000000000000000") }
end
diff --git a/test/ruby/test_rand.rb b/test/ruby/test_rand.rb
index 611e9f5..98615f8 100644
--- a/test/ruby/test_rand.rb
+++ b/test/ruby/test_rand.rb
@@ -504,18 +504,6 @@ END
end
end
- def test_marshal_load_insecure
- r = Random.new(0)
- d = r.__send__(:marshal_dump)
- l = proc do
- $SAFE = 4
- r.__send__(:marshal_load, d)
- end
- assert_raise(SecurityError, '[Bug #6540]') do
- l.call
- end
- end
-
def test_random_ulong_limited
def (gen = Object.new).rand(*) 1 end
assert_equal([2], (1..100).map {[1,2,3].sample(random: gen)}.uniq)
diff --git a/test/ruby/test_regexp.rb b/test/ruby/test_regexp.rb
index 9ad9afe..a91ae8b 100644
--- a/test/ruby/test_regexp.rb
+++ b/test/ruby/test_regexp.rb
@@ -340,14 +340,6 @@ class TestRegexp < Test::Unit::TestCase
def test_initialize
assert_raise(ArgumentError) { Regexp.new }
assert_equal(/foo/, Regexp.new(/foo/, Regexp::IGNORECASE))
- re = /foo/
- assert_raise(SecurityError) do
- Thread.new { $SAFE = 4; re.instance_eval { initialize(re) } }.join
- end
- re.taint
- assert_raise(SecurityError) do
- Thread.new { $SAFE = 4; re.instance_eval { initialize(re) } }.join
- end
assert_equal(Encoding.find("US-ASCII"), Regexp.new("b..", nil, "n").encoding)
assert_equal("bar", "foobarbaz"[Regexp.new("b..", nil, "n")])
@@ -545,12 +537,12 @@ class TestRegexp < Test::Unit::TestCase
def test_taint
m = Thread.new do
"foo"[/foo/]
- $SAFE = 4
+ $SAFE = 3
/foo/.match("foo")
end.value
assert(m.tainted?)
assert_nothing_raised('[ruby-core:26137]') {
- m = proc {$SAFE = 4; %r"#{ }"o}.call
+ m = proc {$SAFE = 3; %r"#{ }"o}.call
}
assert(m.tainted?)
end
diff --git a/test/ruby/test_settracefunc.rb b/test/ruby/test_settracefunc.rb
index b010846..ab1a37f 100644
--- a/test/ruby/test_settracefunc.rb
+++ b/test/ruby/test_settracefunc.rb
@@ -397,42 +397,6 @@ class TestSetTraceFunc < Test::Unit::TestCase
assert_equal(self, ok, bug3921)
end
- def assert_security_error_safe4(block)
- assert_raise(SecurityError) do
- block.call
- end
- end
-
- def test_set_safe4
- func = proc do
- $SAFE = 4
- set_trace_func(lambda {|*|})
- end
- assert_security_error_safe4(func)
- end
-
- def test_thread_set_safe4
- th = Thread.start {sleep}
- func = proc do
- $SAFE = 4
- th.set_trace_func(lambda {|*|})
- end
- assert_security_error_safe4(func)
- ensure
- th.kill
- end
-
- def test_thread_add_safe4
- th = Thread.start {sleep}
- func = proc do
- $SAFE = 4
- th.add_trace_func(lambda {|*|})
- end
- assert_security_error_safe4(func)
- ensure
- th.kill
- end
-
class << self
define_method(:method_added, Module.method(:method_added))
end
@@ -924,24 +888,6 @@ class TestSetTraceFunc < Test::Unit::TestCase
end
end
- def test_trace_point_enable_safe4
- tp = TracePoint.new {}
- func = proc do
- $SAFE = 4
- tp.enable
- end
- assert_security_error_safe4(func)
- end
-
- def test_trace_point_disable_safe4
- tp = TracePoint.new {}
- func = proc do
- $SAFE = 4
- tp.disable
- end
- assert_security_error_safe4(func)
- end
-
def m1_for_test_trace_point_binding_in_ifunc(arg)
arg + nil
rescue
diff --git a/test/ruby/test_struct.rb b/test/ruby/test_struct.rb
index 1c10877..c5ac2eb 100644
--- a/test/ruby/test_struct.rb
+++ b/test/ruby/test_struct.rb
@@ -74,17 +74,6 @@ class TestStruct < Test::Unit::TestCase
assert_raise(NameError) { o[:b] }
end
- def test_modify
- klass = Struct.new(:a)
- o = klass.new(1)
- assert_raise(SecurityError) do
- Thread.new do
- $SAFE = 4
- o.a = 2
- end.value
- end
- end
-
def test_set
klass = Struct.new(:a)
o = klass.new(1)
@@ -263,19 +252,6 @@ class TestStruct < Test::Unit::TestCase
}
end
- def test_struct_subclass
- bug5036 = '[ruby-dev:44122]'
- st = Class.new(Struct)
- s = st.new("S", :m).new
- error = assert_raise(SecurityError) do
- proc do
- $SAFE = 4
- s.m = 1
- end.call
- end
- assert_equal("Insecure: can't modify #{st}::S", error.message, bug5036)
- end
-
def test_to_h
klass = Struct.new(:a, :b, :c, :d, :e, :f)
o = klass.new(1, 2, 3, 4, 5, 6)
diff --git a/test/ruby/test_thread.rb b/test/ruby/test_thread.rb
index d9b8afc..46831f3 100644
--- a/test/ruby/test_thread.rb
+++ b/test/ruby/test_thread.rb
@@ -88,18 +88,6 @@ class TestThread < Test::Unit::TestCase
end
end
- def test_thread_variable_security
- t = Thread.new { sleep }
-
- assert_raises(SecurityError) do
- Thread.new { $SAFE = 4; t.thread_variable_get(:foo) }.join
- end
-
- assert_raises(SecurityError) do
- Thread.new { $SAFE = 4; t.thread_variable_set(:foo, :baz) }.join
- end
- end
-
def test_mutex_synchronize
m = Mutex.new
r = 0
@@ -396,14 +384,6 @@ class TestThread < Test::Unit::TestCase
def test_thread_local_security
t = Thread.new { sleep }
- assert_raise(SecurityError) do
- Thread.new { $SAFE = 4; t[:foo] }.join
- end
-
- assert_raise(SecurityError) do
- Thread.new { $SAFE = 4; t[:foo] = :baz }.join
- end
-
assert_raise(RuntimeError) do
Thread.new do
Thread.current[:foo] = :bar
diff --git a/test/ruby/test_time.rb b/test/ruby/test_time.rb
index 22df270..2a56836 100644
--- a/test/ruby/test_time.rb
+++ b/test/ruby/test_time.rb
@@ -312,16 +312,6 @@ class TestTime < Test::Unit::TestCase
"[ruby-dev:44827] [Bug #5586]")
end
- def test_security_error
- assert_raise(SecurityError) do
- Thread.new do
- t = Time.gm(2000)
- $SAFE = 4
- t.localtime
- end.join
- end
- end
-
def test_at3
t2000 = get_t2000
assert_equal(t2000, Time.at(t2000))
@@ -884,20 +874,6 @@ class TestTime < Test::Unit::TestCase
assert_raise(NoMethodError, bug5012) { t1.m }
end
- def test_time_subclass
- bug5036 = '[ruby-dev:44122]'
- tc = Class.new(Time)
- tc.inspect
- t = tc.now
- error = assert_raise(SecurityError) do
- proc do
- $SAFE = 4
- t.gmtime
- end.call
- end
- assert_equal("Insecure: can't modify #{tc}", error.message, bug5036)
- end
-
def test_sec_str
bug6193 = '[ruby-core:43569]'
t = nil