summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ChangeLog42
-rw-r--r--array.c10
-rw-r--r--class.c12
-rw-r--r--debug.c1
-rw-r--r--dir.c6
-rw-r--r--encoding.c2
-rw-r--r--error.c4
-rw-r--r--eval.c1
-rw-r--r--ext/curses/curses.c3
-rw-r--r--ext/dbm/dbm.c1
-rw-r--r--ext/dl/cfunc.c3
-rw-r--r--ext/dl/cptr.c3
-rw-r--r--ext/dl/dl.c4
-rw-r--r--ext/etc/etc.c8
-rw-r--r--ext/fiddle/fiddle.c4
-rw-r--r--ext/fiddle/pointer.c3
-rw-r--r--ext/gdbm/gdbm.c1
-rw-r--r--ext/readline/readline.c46
-rw-r--r--ext/sdbm/init.c1
-rw-r--r--ext/socket/ancdata.c2
-rw-r--r--ext/socket/basicsocket.c3
-rw-r--r--ext/socket/socket.c1
-rw-r--r--ext/socket/udpsocket.c1
-rw-r--r--ext/stringio/stringio.c1
-rw-r--r--ext/syslog/syslog.c3
-rw-r--r--ext/tk/tcltklib.c16
-rw-r--r--ext/win32ole/win32ole.c8
-rw-r--r--file.c4
-rw-r--r--gc.c4
-rw-r--r--hash.c38
-rw-r--r--include/ruby/intern.h7
-rw-r--r--include/ruby/ruby.h11
-rw-r--r--io.c22
-rw-r--r--iseq.c1
-rw-r--r--load.c1
-rw-r--r--marshal.c4
-rw-r--r--object.c53
-rw-r--r--proc.c1
-rw-r--r--process.c3
-rw-r--r--random.c1
-rw-r--r--re.c2
-rw-r--r--safe.c12
-rw-r--r--string.c8
-rw-r--r--test/dl/test_dl2.rb27
-rw-r--r--test/erb/test_erb.rb5
-rw-r--r--test/readline/test_readline.rb55
-rw-r--r--test/readline/test_readline_history.rb35
-rw-r--r--test/ruby/test_alias.rb10
-rw-r--r--test/ruby/test_array.rb13
-rw-r--r--test/ruby/test_dir.rb15
-rw-r--r--test/ruby/test_encoding.rb5
-rw-r--r--test/ruby/test_env.rb6
-rw-r--r--test/ruby/test_eval.rb10
-rw-r--r--test/ruby/test_exception.rb47
-rw-r--r--test/ruby/test_file_exhaustive.rb9
-rw-r--r--test/ruby/test_hash.rb10
-rw-r--r--test/ruby/test_io.rb44
-rw-r--r--test/ruby/test_method.rb9
-rw-r--r--test/ruby/test_module.rb38
-rw-r--r--test/ruby/test_object.rb154
-rw-r--r--test/ruby/test_pack.rb10
-rw-r--r--test/ruby/test_rand.rb12
-rw-r--r--test/ruby/test_regexp.rb12
-rw-r--r--test/ruby/test_settracefunc.rb54
-rw-r--r--test/ruby/test_struct.rb24
-rw-r--r--test/ruby/test_thread.rb20
-rw-r--r--test/ruby/test_time.rb24
-rw-r--r--thread.c8
-rw-r--r--transcode.c2
-rw-r--r--variable.c18
-rw-r--r--vm_insnhelper.c4
-rw-r--r--vm_method.c26
-rw-r--r--vm_trace.c5
73 files changed, 95 insertions, 978 deletions
diff --git a/ChangeLog b/ChangeLog
index 70d6939..310c527 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,45 @@
+Wed Jun 12 22:58:48 2013 Shugo Maeda <shugo@ruby-lang.org>
+
+ * safe.c (rb_set_safe_level, safe_setter): raise an ArgumentError
+ when $SAFE is set to 4. $SAFE=4 is now obsolete.
+ [ruby-core:55222] [Feature #8468]
+
+ * object.c (rb_obj_untrusted, rb_obj_untrust, rb_obj_trust):
+ Kernel#untrusted?, untrust, and trust are now deprecated.
+ Their behavior is same as tainted?, taint, and untaint,
+ respectively.
+
+ * include/ruby/ruby.h (OBJ_UNTRUSTED, OBJ_UNTRUST): OBJ_UNTRUSTED()
+ and OBJ_UNTRUST() are aliases of OBJ_TAINTED() and OBJ_TAINT(),
+ respectively.
+
+ * array.c, class.c, debug.c, dir.c, encoding.c, error.c, eval.c,
+ ext/curses/curses.c, ext/dbm/dbm.c, ext/dl/cfunc.c,
+ ext/dl/cptr.c, ext/dl/dl.c, ext/etc/etc.c, ext/fiddle/fiddle.c,
+ ext/fiddle/pointer.c, ext/gdbm/gdbm.c, ext/readline/readline.c,
+ ext/sdbm/init.c, ext/socket/ancdata.c, ext/socket/basicsocket.c,
+ ext/socket/socket.c, ext/socket/udpsocket.c,
+ ext/stringio/stringio.c, ext/syslog/syslog.c, ext/tk/tcltklib.c,
+ ext/win32ole/win32ole.c, file.c, gc.c, hash.c, io.c, iseq.c,
+ load.c, marshal.c, object.c, proc.c, process.c, random.c, re.c,
+ safe.c, string.c, thread.c, transcode.c, variable.c,
+ vm_insnhelper.c, vm_method.c, vm_trace.c: remove code for
+ $SAFE=4.
+
+ * test/dl/test_dl2.rb, test/erb/test_erb.rb,
+ test/readline/test_readline.rb,
+ test/readline/test_readline_history.rb, test/ruby/test_alias.rb,
+ test/ruby/test_array.rb, test/ruby/test_dir.rb,
+ test/ruby/test_encoding.rb, test/ruby/test_env.rb,
+ test/ruby/test_eval.rb, test/ruby/test_exception.rb,
+ test/ruby/test_file_exhaustive.rb, test/ruby/test_hash.rb,
+ test/ruby/test_io.rb, test/ruby/test_method.rb,
+ test/ruby/test_module.rb, test/ruby/test_object.rb,
+ test/ruby/test_pack.rb, test/ruby/test_rand.rb,
+ test/ruby/test_regexp.rb, test/ruby/test_settracefunc.rb,
+ test/ruby/test_struct.rb, test/ruby/test_thread.rb,
+ test/ruby/test_time.rb: remove tests for $SAFE=4.
+
Wed Jun 12 22:18:23 2013 Tanaka Akira <akr@fsij.org>
* bignum.c (integer_unpack_num_bdigits_generic): Rewritten without
diff --git a/array.c b/array.c
index da22b4c..7ab56b4 100644
--- a/array.c
+++ b/array.c
@@ -257,8 +257,6 @@ static inline void
rb_ary_modify_check(VALUE ary)
{
rb_check_frozen(ary);
- if (!OBJ_UNTRUSTED(ary) && rb_safe_level() >= 4)
- rb_raise(rb_eSecurityError, "Insecure: can't modify array");
}
void
@@ -1843,7 +1841,6 @@ ary_join_0(VALUE ary, VALUE sep, long max, VALUE result)
rb_str_buf_append(result, sep);
rb_str_buf_append(result, val);
if (OBJ_TAINTED(val)) OBJ_TAINT(result);
- if (OBJ_UNTRUSTED(val)) OBJ_TAINT(result);
}
}
@@ -1905,12 +1902,10 @@ rb_ary_join(VALUE ary, VALUE sep)
{
long len = 1, i;
int taint = FALSE;
- int untrust = FALSE;
VALUE val, tmp, result;
if (RARRAY_LEN(ary) == 0) return rb_usascii_str_new(0, 0);
if (OBJ_TAINTED(ary)) taint = TRUE;
- if (OBJ_UNTRUSTED(ary)) untrust = TRUE;
if (!NIL_P(sep)) {
StringValue(sep);
@@ -1925,7 +1920,6 @@ rb_ary_join(VALUE ary, VALUE sep)
result = rb_str_buf_new(len + (RARRAY_LEN(ary)-i)*10);
rb_enc_associate(result, rb_usascii_encoding());
if (taint) OBJ_TAINT(result);
- if (untrust) OBJ_UNTRUST(result);
ary_join_0(ary, sep, i, result);
first = i == 0;
ary_join_1(ary, ary, sep, i, result, &first);
@@ -1937,7 +1931,6 @@ rb_ary_join(VALUE ary, VALUE sep)
result = rb_str_buf_new(len);
if (taint) OBJ_TAINT(result);
- if (untrust) OBJ_UNTRUST(result);
ary_join_0(ary, sep, RARRAY_LEN(ary), result);
return result;
@@ -1971,7 +1964,6 @@ static VALUE
inspect_ary(VALUE ary, VALUE dummy, int recur)
{
int tainted = OBJ_TAINTED(ary);
- int untrust = OBJ_UNTRUSTED(ary);
long i;
VALUE s, str;
@@ -1980,14 +1972,12 @@ inspect_ary(VALUE ary, VALUE dummy, int recur)
for (i=0; i<RARRAY_LEN(ary); i++) {
s = rb_inspect(RARRAY_AREF(ary, i));
if (OBJ_TAINTED(s)) tainted = TRUE;
- if (OBJ_UNTRUSTED(s)) untrust = TRUE;
if (i > 0) rb_str_buf_cat2(str, ", ");
else rb_enc_copy(str, s);
rb_str_buf_append(str, s);
}
rb_str_buf_cat2(str, "]");
if (tainted) OBJ_TAINT(str);
- if (untrust) OBJ_UNTRUST(str);
return str;
}
diff --git a/class.c b/class.c
index e9b53df..8ab8d05 100644
--- a/class.c
+++ b/class.c
@@ -696,9 +696,6 @@ rb_include_module(VALUE klass, VALUE module)
int changed = 0;
rb_frozen_class_p(klass);
- if (!OBJ_UNTRUSTED(klass)) {
- rb_secure(4);
- }
if (!RB_TYPE_P(module, T_MODULE)) {
Check_Type(module, T_MODULE);
@@ -804,9 +801,6 @@ rb_prepend_module(VALUE klass, VALUE module)
int changed = 0;
rb_frozen_class_p(klass);
- if (!OBJ_UNTRUSTED(klass)) {
- rb_secure(4);
- }
Check_Type(module, T_MODULE);
@@ -1440,12 +1434,6 @@ singleton_class_of(VALUE obj)
else {
FL_UNSET(klass, FL_TAINT);
}
- if (OBJ_UNTRUSTED(obj)) {
- OBJ_UNTRUST(klass);
- }
- else {
- FL_UNSET(klass, FL_UNTRUSTED);
- }
if (OBJ_FROZEN(obj)) OBJ_FREEZE(klass);
return klass;
diff --git a/debug.c b/debug.c
index e7dc6fc..7cd1664 100644
--- a/debug.c
+++ b/debug.c
@@ -36,7 +36,6 @@ const union {
RUBY_FL_OLDGEN = FL_OLDGEN,
RUBY_FL_FINALIZE = FL_FINALIZE,
RUBY_FL_TAINT = FL_TAINT,
- RUBY_FL_UNTRUSTED = FL_UNTRUSTED,
RUBY_FL_EXIVAR = FL_EXIVAR,
RUBY_FL_FREEZE = FL_FREEZE,
RUBY_FL_SINGLETON = FL_SINGLETON,
diff --git a/dir.c b/dir.c
index 4b01035..4781175 100644
--- a/dir.c
+++ b/dir.c
@@ -507,8 +507,6 @@ static struct dir_data *
dir_check(VALUE dir)
{
struct dir_data *dirp;
- if (!OBJ_UNTRUSTED(dir) && rb_safe_level() >= 4)
- rb_raise(rb_eSecurityError, "Insecure: operation on trusted Dir");
rb_check_frozen(dir);
dirp = rb_check_typeddata(dir, &dir_data_type);
if (!dirp->dir) dir_closed();
@@ -746,9 +744,6 @@ dir_rewind(VALUE dir)
{
struct dir_data *dirp;
- if (rb_safe_level() >= 4 && !OBJ_UNTRUSTED(dir)) {
- rb_raise(rb_eSecurityError, "Insecure: can't close");
- }
GetDIR(dir, dirp);
rewinddir(dirp->dir);
return dir;
@@ -896,7 +891,6 @@ rb_dir_getwd(void)
char *path;
VALUE cwd;
- rb_secure(4);
path = my_getcwd();
cwd = rb_tainted_str_new2(path);
rb_enc_associate(cwd, rb_filesystem_encoding());
diff --git a/encoding.c b/encoding.c
index 6fb14a5..ad7e4bc 100644
--- a/encoding.c
+++ b/encoding.c
@@ -591,7 +591,7 @@ load_encoding(const char *name)
else if (ISUPPER(*s)) *s = (char)TOLOWER(*s);
++s;
}
- FL_UNSET(enclib, FL_TAINT|FL_UNTRUSTED);
+ FL_UNSET(enclib, FL_TAINT);
OBJ_FREEZE(enclib);
ruby_verbose = Qfalse;
ruby_debug = Qfalse;
diff --git a/error.c b/error.c
index b886a57..e65e04f 100644
--- a/error.c
+++ b/error.c
@@ -2039,7 +2039,6 @@ rb_error_untrusted(VALUE obj)
void
rb_check_trusted(VALUE obj)
{
- rb_check_trusted_internal(obj);
}
void
@@ -2047,9 +2046,8 @@ rb_check_copyable(VALUE obj, VALUE orig)
{
if (!FL_ABLE(obj)) return;
rb_check_frozen_internal(obj);
- rb_check_trusted_internal(obj);
if (!FL_ABLE(orig)) return;
- if ((~RBASIC(obj)->flags & RBASIC(orig)->flags) & (FL_UNTRUSTED|FL_TAINT)) {
+ if ((~RBASIC(obj)->flags & RBASIC(orig)->flags) & FL_TAINT) {
if (rb_safe_level() > 0) {
rb_raise(rb_eSecurityError, "Insecure: can't modify %"PRIsVALUE,
RBASIC(obj)->klass);
diff --git a/eval.c b/eval.c
index 87c96f0..c0d64e8 100644
--- a/eval.c
+++ b/eval.c
@@ -1331,7 +1331,6 @@ top_include(int argc, VALUE *argv, VALUE self)
{
rb_thread_t *th = GET_THREAD();
- rb_secure(4);
if (th->top_wrapper) {
rb_warning("main.include in the wrapped load is effective only in wrapper module");
return rb_mod_include(argc, argv, th->top_wrapper);
diff --git a/ext/curses/curses.c b/ext/curses/curses.c
index 113b2bf..49704cb 100644
--- a/ext/curses/curses.c
+++ b/ext/curses/curses.c
@@ -145,7 +145,6 @@ prep_window(VALUE class, WINDOW *window)
static VALUE
curses_init_screen(void)
{
- rb_secure(4);
if (rb_stdscr) return rb_stdscr;
initscr();
if (stdscr == 0) {
@@ -1491,7 +1490,6 @@ window_initialize(VALUE obj, VALUE h, VALUE w, VALUE top, VALUE left)
struct windata *winp;
WINDOW *window;
- rb_secure(4);
curses_init_screen();
TypedData_Get_Struct(obj, struct windata, &windata_type, winp);
if (winp->window) delwin(winp->window);
@@ -2511,7 +2509,6 @@ pad_initialize(VALUE obj, VALUE h, VALUE w)
struct windata *padp;
WINDOW *window;
- rb_secure(4);
curses_init_screen();
TypedData_Get_Struct(obj, struct windata, &windata_type, padp);
if (padp->window) delwin(padp->window);
diff --git a/ext/dbm/dbm.c b/ext/dbm/dbm.c
index 27ade01..157cada 100644
--- a/ext/dbm/dbm.c
+++ b/ext/dbm/dbm.c
@@ -392,7 +392,6 @@ fdbm_values_at(int argc, VALUE *argv, VALUE obj)
static void
fdbm_modify(VALUE obj)
{
- rb_secure(4);
if (OBJ_FROZEN(obj)) rb_error_frozen("DBM");
}
diff --git a/ext/dl/cfunc.c b/ext/dl/cfunc.c
index b68129f..70be456 100644
--- a/ext/dl/cfunc.c
+++ b/ext/dl/cfunc.c
@@ -86,7 +86,6 @@ rb_dlcfunc_new(void (*func)(), int type, const char *name, ID calltype)
VALUE val;
struct cfunc_data *data;
- rb_secure(4);
if( func ){
val = TypedData_Make_Struct(rb_cDLCFunc, struct cfunc_data, &dlcfunc_data_type, data);
data->ptr = (void *)(VALUE)func;
@@ -346,8 +345,6 @@ rb_dlcfunc_call(VALUE self, VALUE ary)
DLSTACK_TYPE stack[DLSTACK_SIZE];
VALUE result = Qnil;
- rb_secure_update(self);
-
memset(stack, 0, sizeof(DLSTACK_TYPE) * DLSTACK_SIZE);
Check_Type(ary, T_ARRAY);
diff --git a/ext/dl/cptr.c b/ext/dl/cptr.c
index 636099d..9e59139 100644
--- a/ext/dl/cptr.c
+++ b/ext/dl/cptr.c
@@ -69,7 +69,6 @@ rb_dlptr_new2(VALUE klass, void *ptr, long size, freefunc_t func)
struct ptr_data *data;
VALUE val;
- rb_secure(4);
val = TypedData_Make_Struct(klass, struct ptr_data, &dlptr_data_type, data);
data->ptr = ptr;
data->free = func;
@@ -90,7 +89,6 @@ rb_dlptr_malloc(long size, freefunc_t func)
{
void *ptr;
- rb_secure(4);
ptr = ruby_xmalloc((size_t)size);
memset(ptr,0,(size_t)size);
return rb_dlptr_new(ptr, size, func);
@@ -122,7 +120,6 @@ rb_dlptr_s_allocate(VALUE klass)
VALUE obj;
struct ptr_data *data;
- rb_secure(4);
obj = TypedData_Make_Struct(klass, struct ptr_data, &dlptr_data_type, data);
data->ptr = 0;
data->size = 0;
diff --git a/ext/dl/dl.c b/ext/dl/dl.c
index 691eecd..23f5d7f 100644
--- a/ext/dl/dl.c
+++ b/ext/dl/dl.c
@@ -81,7 +81,6 @@ rb_dl_malloc(VALUE self, VALUE size)
{
void *ptr;
- rb_secure(4);
ptr = (void*)ruby_xmalloc(NUM2INT(size));
return PTR2NUM(ptr);
}
@@ -98,7 +97,6 @@ rb_dl_realloc(VALUE self, VALUE addr, VALUE size)
{
void *ptr = NUM2PTR(addr);
- rb_secure(4);
ptr = (void*)ruby_xrealloc(ptr, NUM2INT(size));
return PTR2NUM(ptr);
}
@@ -113,7 +111,6 @@ rb_dl_free(VALUE self, VALUE addr)
{
void *ptr = NUM2PTR(addr);
- rb_secure(4);
ruby_xfree(ptr);
return Qnil;
}
@@ -137,7 +134,6 @@ rb_dl_free(VALUE self, VALUE addr)
VALUE
rb_dl_ptr2value(VALUE self, VALUE addr)
{
- rb_secure(4);
return (VALUE)NUM2PTR(addr);
}
diff --git a/ext/etc/etc.c b/ext/etc/etc.c
index c1cfead..74a1fed 100644
--- a/ext/etc/etc.c
+++ b/ext/etc/etc.c
@@ -60,7 +60,6 @@ etc_getlogin(VALUE obj)
{
char *login;
- rb_secure(4);
#ifdef HAVE_GETLOGIN
login = getlogin();
if (!login) login = getenv("USER");
@@ -147,7 +146,6 @@ etc_getpwuid(int argc, VALUE *argv, VALUE obj)
rb_uid_t uid;
struct passwd *pwd;
- rb_secure(4);
if (rb_scan_args(argc, argv, "01", &id) == 1) {
uid = NUM2UIDT(id);
}
@@ -251,7 +249,6 @@ etc_passwd(VALUE obj)
#ifdef HAVE_GETPWENT
struct passwd *pw;
- rb_secure(4);
if (rb_block_given_p()) {
each_passwd();
}
@@ -391,7 +388,6 @@ etc_getgrgid(int argc, VALUE *argv, VALUE obj)
gid_t gid;
struct group *grp;
- rb_secure(4);
if (rb_scan_args(argc, argv, "01", &id) == 1) {
gid = NUM2GIDT(id);
}
@@ -428,7 +424,6 @@ etc_getgrnam(VALUE obj, VALUE nam)
#ifdef HAVE_GETGRENT
struct group *grp;
- rb_secure(4);
SafeStringValue(nam);
grp = getgrnam(RSTRING_PTR(nam));
if (grp == 0) rb_raise(rb_eArgError, "can't find group for %s", RSTRING_PTR(nam));
@@ -494,7 +489,6 @@ etc_group(VALUE obj)
#ifdef HAVE_GETGRENT
struct group *grp;
- rb_secure(4);
if (rb_block_given_p()) {
each_group();
}
@@ -624,7 +618,7 @@ etc_systmpdir(void)
#else
tmpdir = rb_filesystem_str_new_cstr("/tmp");
#endif
- FL_UNSET(tmpdir, FL_TAINT|FL_UNTRUSTED);
+ FL_UNSET(tmpdir, FL_TAINT);
return tmpdir;
}
diff --git a/ext/fiddle/fiddle.c b/ext/fiddle/fiddle.c
index 803a5a9..7a7c708 100644
--- a/ext/fiddle/fiddle.c
+++ b/ext/fiddle/fiddle.c
@@ -48,7 +48,6 @@ rb_fiddle_malloc(VALUE self, VALUE size)
{
void *ptr;
- rb_secure(4);
ptr = (void*)ruby_xmalloc(NUM2INT(size));
return PTR2NUM(ptr);
}
@@ -65,7 +64,6 @@ rb_fiddle_realloc(VALUE self, VALUE addr, VALUE size)
{
void *ptr = NUM2PTR(addr);
- rb_secure(4);
ptr = (void*)ruby_xrealloc(ptr, NUM2INT(size));
return PTR2NUM(ptr);
}
@@ -80,7 +78,6 @@ rb_fiddle_free(VALUE self, VALUE addr)
{
void *ptr = NUM2PTR(addr);
- rb_secure(4);
ruby_xfree(ptr);
return Qnil;
}
@@ -104,7 +101,6 @@ rb_fiddle_free(VALUE self, VALUE addr)
VALUE
rb_fiddle_ptr2value(VALUE self, VALUE addr)
{
- rb_secure(4);
return (VALUE)NUM2PTR(addr);
}
diff --git a/ext/fiddle/pointer.c b/ext/fiddle/pointer.c
index fb9b310..4f4842f 100644
--- a/ext/fiddle/pointer.c
+++ b/ext/fiddle/pointer.c
@@ -76,7 +76,6 @@ rb_fiddle_ptr_new2(VALUE klass, void *ptr, long size, freefunc_t func)
struct ptr_data *data;
VALUE val;
- rb_secure(4);
val = TypedData_Make_Struct(klass, struct ptr_data, &fiddle_ptr_data_type, data);
data->ptr = ptr;
data->free = func;
@@ -97,7 +96,6 @@ rb_fiddle_ptr_malloc(long size, freefunc_t func)
{
void *ptr;
- rb_secure(4);
ptr = ruby_xmalloc((size_t)size);
memset(ptr,0,(size_t)size);
return rb_fiddle_ptr_new(ptr, size, func);
@@ -129,7 +127,6 @@ rb_fiddle_ptr_s_allocate(VALUE klass)
VALUE obj;
struct ptr_data *data;
- rb_secure(4);
obj = TypedData_Make_Struct(klass, struct ptr_data, &fiddle_ptr_data_type, data);
data->ptr = 0;
data->size = 0;
diff --git a/ext/gdbm/gdbm.c b/ext/gdbm/gdbm.c
index 45ed959..ff0a652 100644
--- a/ext/gdbm/gdbm.c
+++ b/ext/gdbm/gdbm.c
@@ -506,7 +506,6 @@ fgdbm_values_at(int argc, VALUE *argv, VALUE obj)
static void
rb_gdbm_modify(VALUE obj)
{
- rb_secure(4);
if (OBJ_FROZEN(obj)) rb_error_frozen("GDBM");
}
diff --git a/ext/readline/readline.c b/ext/readline/readline.c
index 388f5e4..0af8722 100644
--- a/ext/readline/readline.c
+++ b/ext/readline/readline.c
@@ -382,7 +382,6 @@ readline_readline(int argc, VALUE *argv, VALUE self)
char *buff;
int status;
- rb_secure(4);
if (rb_scan_args(argc, argv, "02", &tmp, &add_hist) > 0) {
OutputStringValue(tmp);
#if USE_INSERT_IGNORE_ESCAPE
@@ -454,7 +453,6 @@ readline_s_set_input(VALUE self, VALUE input)
{
rb_io_t *ifp;
- rb_secure(4);
Check_Type(input, T_FILE);
GetOpenFile(input, ifp);
rl_instream = rb_io_stdio_file(ifp);
@@ -478,7 +476,6 @@ readline_s_set_output(VALUE self, VALUE output)
{
rb_io_t *ofp;
- rb_secure(4);
Check_Type(output, T_FILE);
GetOpenFile(output, ofp);
rl_outstream = rb_io_stdio_file(ofp);
@@ -503,7 +500,6 @@ readline_s_set_output(VALUE self, VALUE output)
static VALUE
readline_s_set_pre_input_hook(VALUE self, VALUE proc)
{
- rb_secure(4);
if (!NIL_P(proc) && !rb_respond_to(proc, rb_intern("call")))
rb_raise(rb_eArgError, "argument must respond to `call'");
return rb_ivar_set(mReadline, id_pre_input_hook, proc);
@@ -522,7 +518,6 @@ readline_s_set_pre_input_hook(VALUE self, VALUE proc)
static VALUE
readline_s_get_pre_input_hook(VALUE self)
{
- rb_secure(4);
return rb_attr_get(mReadline, id_pre_input_hook);
}
@@ -555,7 +550,6 @@ readline_pre_input_hook(void)
static VALUE
readline_s_insert_text(VALUE self, VALUE str)
{
- rb_secure(4);
OutputStringValue(str);
rl_insert_text(RSTRING_PTR(str));
return self;
@@ -579,7 +573,6 @@ readline_s_insert_text(VALUE self, VALUE str)
static VALUE
readline_s_redisplay(VALUE self)
{
- rb_secure(4);
rl_redisplay();
return self;
}
@@ -660,7 +653,6 @@ readline_s_redisplay(VALUE self)
static VALUE
readline_s_set_completion_proc(VALUE self, VALUE proc)
{
- rb_secure(4);
if (!NIL_P(proc) && !rb_respond_to(proc, rb_intern("call")))
rb_raise(rb_eArgError, "argument must respond to `call'");
return rb_ivar_set(mReadline, completion_proc, proc);
@@ -677,7 +669,6 @@ readline_s_set_completion_proc(VALUE self, VALUE proc)
static VALUE
readline_s_get_completion_proc(VALUE self)
{
- rb_secure(4);
return rb_attr_get(mReadline, completion_proc);
}
@@ -692,7 +683,6 @@ readline_s_get_completion_proc(VALUE self)
static VALUE
readline_s_set_completion_case_fold(VALUE self, VALUE val)
{
- rb_secure(4);
return rb_ivar_set(mReadline, completion_case_fold, val);
}
@@ -715,7 +705,6 @@ readline_s_set_completion_case_fold(VALUE self, VALUE val)
static VALUE
readline_s_get_completion_case_fold(VALUE self)
{
- rb_secure(4);
return rb_attr_get(mReadline, completion_case_fold);
}
@@ -734,7 +723,6 @@ readline_s_get_completion_case_fold(VALUE self)
static VALUE
readline_s_get_line_buffer(VALUE self)
{
- rb_secure(4);
if (rl_line_buffer == NULL)
return Qnil;
return rb_locale_str_new_cstr(rl_line_buffer);
@@ -760,7 +748,6 @@ readline_s_get_line_buffer(VALUE self)
static VALUE
readline_s_get_point(VALUE self)
{
- rb_secure(4);
return INT2NUM(rl_point);
}
#else
@@ -857,7 +844,6 @@ readline_attempted_completion_function(const char *text, int start, int end)
static VALUE
readline_s_set_screen_size(VALUE self, VALUE rows, VALUE columns)
{
- rb_secure(4);
rl_set_screen_size(NUM2INT(rows), NUM2INT(columns));
return self;
}
@@ -884,7 +870,6 @@ readline_s_get_screen_size(VALUE self)
int rows, columns;
VALUE res;
- rb_secure(4);
rl_get_screen_size(&rows, &columns);
res = rb_ary_new();
rb_ary_push(res, INT2NUM(rows));
@@ -910,7 +895,6 @@ readline_s_get_screen_size(VALUE self)
static VALUE
readline_s_vi_editing_mode(VALUE self)
{
- rb_secure(4);
rl_vi_editing_mode(1,0);
return Qnil;
}
@@ -932,7 +916,6 @@ readline_s_vi_editing_mode(VALUE self)
static VALUE
readline_s_vi_editing_mode_p(VALUE self)
{
- rb_secure(4);
return rl_editing_mode == 0 ? Qtrue : Qfalse;
}
#else
@@ -954,7 +937,6 @@ readline_s_vi_editing_mode_p(VALUE self)
static VALUE
readline_s_emacs_editing_mode(VALUE self)
{
- rb_secure(4);
rl_emacs_editing_mode(1,0);
return Qnil;
}
@@ -976,7 +958,6 @@ readline_s_emacs_editing_mode(VALUE self)
static VALUE
readline_s_emacs_editing_mode_p(VALUE self)
{
- rb_secure(4);
return rl_editing_mode == 1 ? Qtrue : Qfalse;
}
#else
@@ -1025,7 +1006,6 @@ readline_s_emacs_editing_mode_p(VALUE self)
static VALUE
readline_s_set_completion_append_character(VALUE self, VALUE str)
{
- rb_secure(4);
if (NIL_P(str)) {
rl_completion_append_character = '\0';
}
@@ -1060,7 +1040,6 @@ readline_s_get_completion_append_character(VALUE self)
{
char buf[1];
- rb_secure(4);
if (rl_completion_append_character == '\0')
return Qnil;
@@ -1089,7 +1068,6 @@ readline_s_set_basic_word_break_characters(VALUE self, VALUE str)
{
static char *basic_word_break_characters = NULL;
- rb_secure(4);
OutputStringValue(str);
if (basic_word_break_characters == NULL) {
basic_word_break_characters =
@@ -1123,7 +1101,6 @@ readline_s_set_basic_word_break_characters(VALUE self, VALUE str)
static VALUE
readline_s_get_basic_word_break_characters(VALUE self, VALUE str)
{
- rb_secure(4);
if (rl_basic_word_break_characters == NULL)
return Qnil;
return rb_locale_str_new_cstr(rl_basic_word_break_characters);
@@ -1150,7 +1127,6 @@ readline_s_set_completer_word_break_characters(VALUE self, VALUE str)
{
static char *completer_word_break_characters = NULL;
- rb_secure(4);
OutputStringValue(str);
if (completer_word_break_characters == NULL) {
completer_word_break_characters =
@@ -1184,7 +1160,6 @@ readline_s_set_completer_word_break_characters(VALUE self, VALUE str)
static VALUE
readline_s_get_completer_word_break_characters(VALUE self, VALUE str)
{
- rb_secure(4);
if (rl_completer_word_break_characters == NULL)
return Qnil;
return rb_locale_str_new_cstr(rl_completer_word_break_characters);
@@ -1213,7 +1188,6 @@ readline_s_get_completer_word_break_characters(VALUE self, VALUE str)
static VALUE
readline_s_set_special_prefixes(VALUE self, VALUE str)
{
- rb_secure(4);
if (!NIL_P(str)) {
OutputStringValue(str);
str = rb_str_dup_frozen(str);
@@ -1247,7 +1221,6 @@ static VALUE
readline_s_get_special_prefixes(VALUE self)
{
VALUE str;
- rb_secure(4);
if (rl_special_prefixes == NULL) return Qnil;
str = rb_ivar_get(mReadline, id_special_prefixes);
if (!NIL_P(str)) {
@@ -1277,7 +1250,6 @@ readline_s_set_basic_quote_characters(VALUE self, VALUE str)
{
static char *basic_quote_characters = NULL;
- rb_secure(4);
OutputStringValue(str);
if (basic_quote_characters == NULL) {
basic_quote_characters =
@@ -1311,7 +1283,6 @@ readline_s_set_basic_quote_characters(VALUE self, VALUE str)
static VALUE
readline_s_get_basic_quote_characters(VALUE self, VALUE str)
{
- rb_secure(4);
if (rl_basic_quote_characters == NULL)
return Qnil;
return rb_locale_str_new_cstr(rl_basic_quote_characters);
@@ -1339,7 +1310,6 @@ readline_s_set_completer_quote_characters(VALUE self, VALUE str)
{
static char *completer_quote_characters = NULL;
- rb_secure(4);
OutputStringValue(str);
if (completer_quote_characters == NULL) {
completer_quote_characters =
@@ -1373,7 +1343,6 @@ readline_s_set_completer_quote_characters(VALUE self, VALUE str)
static VALUE
readline_s_get_completer_quote_characters(VALUE self, VALUE str)
{
- rb_secure(4);
if (rl_completer_quote_characters == NULL)
return Qnil;
return rb_locale_str_new_cstr(rl_completer_quote_characters);
@@ -1399,7 +1368,6 @@ readline_s_set_filename_quote_characters(VALUE self, VALUE str)
{
static char *filename_quote_characters = NULL;
- rb_secure(4);
OutputStringValue(str);
if (filename_quote_characters == NULL) {
filename_quote_characters =
@@ -1433,7 +1401,6 @@ readline_s_set_filename_quote_characters(VALUE self, VALUE str)
static VALUE
readline_s_get_filename_quote_characters(VALUE self, VALUE str)
{
- rb_secure(4);
if (rl_filename_quote_characters == NULL)
return Qnil;
return rb_locale_str_new_cstr(rl_filename_quote_characters);
@@ -1454,7 +1421,6 @@ readline_s_get_filename_quote_characters(VALUE self, VALUE str)
static VALUE
readline_s_refresh_line(VALUE self)
{
- rb_secure(4);
rl_refresh_line(0, 0);
return Qnil;
}
@@ -1486,7 +1452,6 @@ hist_get(VALUE self, VALUE index)
HIST_ENTRY *entry = NULL;
int i;
- rb_secure(4);
i = NUM2INT(index);
if (i < 0) {
i += history_length;
@@ -1507,7 +1472,6 @@ hist_set(VALUE self, VALUE index, VALUE str)
HIST_ENTRY *entry = NULL;
int i;
- rb_secure(4);
i = NUM2INT(index);
OutputStringValue(str);
if (i < 0) {
@@ -1528,7 +1492,6 @@ hist_set(VALUE self, VALUE index, VALUE str)
static VALUE
hist_push(VALUE self, VALUE str)
{
- rb_secure(4);
OutputStringValue(str);
add_history(RSTRING_PTR(str));
return self;
@@ -1539,7 +1502,6 @@ hist_push_method(int argc, VALUE *argv, VALUE self)
{
VALUE str;
- rb_secure(4);
while (argc--) {
str = *argv++;
OutputStringValue(str);
@@ -1555,7 +1517,6 @@ rb_remove_history(int index)
HIST_ENTRY *entry;
VALUE val;
- rb_secure(4);
entry = remove_history(index);
if (entry) {
val = rb_locale_str_new_cstr(entry->line);
@@ -1574,7 +1535,6 @@ rb_remove_history(int index)
static VALUE
hist_pop(VALUE self)
{
- rb_secure(4);
if (history_length > 0) {
return rb_remove_history(history_length - 1);
} else {
@@ -1585,7 +1545,6 @@ hist_pop(VALUE self)
static VALUE
hist_shift(VALUE self)
{
- rb_secure(4);
if (history_length > 0) {
return rb_remove_history(0);
} else {
@@ -1601,7 +1560,6 @@ hist_each(VALUE self)
RETURN_ENUMERATOR(self, 0, 0);
- rb_secure(4);
for (i = 0; i < history_length; i++) {
entry = history_get(history_get_offset_func(i));
if (entry == NULL)
@@ -1614,14 +1572,12 @@ hist_each(VALUE self)
static VALUE
hist_length(VALUE self)
{
- rb_secure(4);
return INT2NUM(history_length);
}
static VALUE
hist_empty_p(VALUE self)
{
- rb_secure(4);
return history_length == 0 ? Qtrue : Qfalse;
}
@@ -1630,7 +1586,6 @@ hist_delete_at(VALUE self, VALUE index)
{
int i;
- rb_secure(4);
i = NUM2INT(index);
if (i < 0)
i += history_length;
@@ -1644,7 +1599,6 @@ hist_delete_at(VALUE self, VALUE index)
static VALUE
hist_clear(VALUE self)
{
- rb_secure(4);
clear_history();
return self;
}
diff --git a/ext/sdbm/init.c b/ext/sdbm/init.c
index 4eee215..78add53 100644
--- a/ext/sdbm/init.c
+++ b/ext/sdbm/init.c
@@ -396,7 +396,6 @@ fsdbm_values_at(int argc, VALUE *argv, VALUE obj)
static void
fdbm_modify(VALUE obj)
{
- rb_secure(4);
if (OBJ_FROZEN(obj)) rb_error_frozen("SDBM");
}
diff --git a/ext/socket/ancdata.c b/ext/socket/ancdata.c
index 7fe9659..144c2bf 100644
--- a/ext/socket/ancdata.c
+++ b/ext/socket/ancdata.c
@@ -1140,7 +1140,6 @@ bsock_sendmsg_internal(int argc, VALUE *argv, VALUE sock, int nonblock)
int flags;
ssize_t ss;
- rb_secure(4);
GetOpenFile(sock, fptr);
#if defined(HAVE_STRUCT_MSGHDR_MSG_CONTROL)
family = rsock_getfamily(fptr->fd);
@@ -1504,7 +1503,6 @@ bsock_recvmsg_internal(int argc, VALUE *argv, VALUE sock, int nonblock)
int gc_done = 0;
#endif
- rb_secure(4);
rb_scan_args(argc, argv, "03:", &vmaxdatlen, &vflags, &vmaxctllen, &vopts);
diff --git a/ext/socket/basicsocket.c b/ext/socket/basicsocket.c
index 19dc2f5..bce085b 100644
--- a/ext/socket/basicsocket.c
+++ b/ext/socket/basicsocket.c
@@ -547,7 +547,6 @@ rsock_bsock_send(int argc, VALUE *argv, VALUE sock)
int n;
rb_blocking_function_t *func;
- rb_secure(4);
rb_scan_args(argc, argv, "21", &arg.mesg, &flags, &to);
StringValue(arg.mesg);
@@ -613,7 +612,6 @@ bsock_do_not_reverse_lookup_set(VALUE sock, VALUE state)
{
rb_io_t *fptr;
- rb_secure(4);
GetOpenFile(sock, fptr);
if (RTEST(state)) {
fptr->mode |= FMODE_NOREVLOOKUP;
@@ -733,7 +731,6 @@ bsock_do_not_rev_lookup(void)
static VALUE
bsock_do_not_rev_lookup_set(VALUE self, VALUE val)
{
- rb_secure(4);
rsock_do_not_reverse_lookup = RTEST(val);
return val;
}
diff --git a/ext/socket/socket.c b/ext/socket/socket.c
index 8c5ffed..cbde0ed 100644
--- a/ext/socket/socket.c
+++ b/ext/socket/socket.c
@@ -629,7 +629,6 @@ rsock_sock_listen(VALUE sock, VALUE log)
rb_io_t *fptr;
int backlog;
- rb_secure(4);
backlog = NUM2INT(log);
GetOpenFile(sock, fptr);
if (listen(fptr->fd, backlog) < 0)
diff --git a/ext/socket/udpsocket.c b/ext/socket/udpsocket.c
index 4ea9db6..de334fc 100644
--- a/ext/socket/udpsocket.c
+++ b/ext/socket/udpsocket.c
@@ -166,7 +166,6 @@ udp_send(int argc, VALUE *argv, VALUE sock)
if (argc == 2 || argc == 3) {
return rsock_bsock_send(argc, argv, sock);
}
- rb_secure(4);
rb_scan_args(argc, argv, "4", &arg.mesg, &flags, &host, &port);
StringValue(arg.mesg);
diff --git a/ext/stringio/stringio.c b/ext/stringio/stringio.c
index bdc46af..d15db8b 100644
--- a/ext/stringio/stringio.c
+++ b/ext/stringio/stringio.c
@@ -136,7 +136,6 @@ writable(VALUE strio)
rb_raise(rb_eIOError, "not opened for writing");
}
if (!OBJ_TAINTED(ptr->string)) {
- rb_secure(4);
}
return ptr;
}
diff --git a/ext/syslog/syslog.c b/ext/syslog/syslog.c
index 347fd4b..17c5ef8 100644
--- a/ext/syslog/syslog.c
+++ b/ext/syslog/syslog.c
@@ -37,7 +37,6 @@ static void syslog_write(int pri, int argc, VALUE *argv)
{
VALUE str;
- rb_secure(4);
if (argc < 1) {
rb_raise(rb_eArgError, "no log message supplied");
}
@@ -56,7 +55,6 @@ static void syslog_write(int pri, int argc, VALUE *argv)
*/
static VALUE mSyslog_close(VALUE self)
{
- rb_secure(4);
if (!syslog_opened) {
rb_raise(rb_eRuntimeError, "syslog not opened");
}
@@ -263,7 +261,6 @@ static VALUE mSyslog_get_mask(VALUE self)
*/
static VALUE mSyslog_set_mask(VALUE self, VALUE mask)
{
- rb_secure(4);
if (!syslog_opened) {
rb_raise(rb_eRuntimeError, "must open syslog before setting log mask");
}
diff --git a/ext/tk/tcltklib.c b/ext/tk/tcltklib.c
index a8cc122..d269f9c 100644
--- a/ext/tk/tcltklib.c
+++ b/ext/tk/tcltklib.c
@@ -1668,7 +1668,6 @@ set_eventloop_window_mode(self, mode)
VALUE self;
VALUE mode;
{
- rb_secure(4);
if (RTEST(mode)) {
window_event_mode = ~0;
@@ -1698,7 +1697,6 @@ set_eventloop_tick(self, tick)
int ttick = NUM2INT(tick);
int thr_crit_bup;
- rb_secure(4);
if (ttick < 0) {
rb_raise(rb_eArgError,
@@ -1765,7 +1763,6 @@ set_no_event_wait(self, wait)
{
int t_wait = NUM2INT(wait);
- rb_secure(4);
if (t_wait <= 0) {
rb_raise(rb_eArgError,
@@ -1819,7 +1816,6 @@ set_eventloop_weight(self, loop_max, no_event)
int lpmax = NUM2INT(loop_max);
int no_ev = NUM2INT(no_event);
- rb_secure(4);
if (lpmax <= 0 || no_ev <= 0) {
rb_raise(rb_eArgError, "weight parameters must be positive numbers");
@@ -1938,7 +1934,6 @@ static VALUE
lib_evloop_abort_on_exc_set(self, val)
VALUE self, val;
{
- rb_secure(4);
if (RTEST(val)) {
event_loop_abort_on_exc = 1;
} else if (NIL_P(val)) {
@@ -1955,7 +1950,6 @@ ip_evloop_abort_on_exc_set(self, val)
{
struct tcltkip *ptr = get_ip(self);
- rb_secure(4);
/* ip is deleted? */
if (deleted_ip(ptr)) {
@@ -6403,7 +6397,6 @@ ip_create_slave_core(interp, argc, argv)
safe = 1;
} else if (safemode == Qfalse || NIL_P(safemode)) {
safe = 0;
- /* rb_secure(4); */ /* already checked */
} else {
safe = 1;
}
@@ -6510,7 +6503,6 @@ ip_create_slave(argc, argv, self)
}
if (Tcl_IsSafe(master->ip) != 1
&& (safemode == Qfalse || NIL_P(safemode))) {
- rb_secure(4);
}
StringValue(name);
@@ -6717,7 +6709,6 @@ ip_allow_ruby_exit_set(self, val)
struct tcltkip *ptr = get_ip(self);
Tk_Window mainWin;
- rb_secure(4);
/* ip is deleted? */
if (deleted_ip(ptr)) {
@@ -7821,7 +7812,6 @@ lib_restart_core(interp, argc, argv)
struct tcltkip *ptr = get_ip(interp);
int thr_crit_bup;
- /* rb_secure(4); */ /* already checked */
/* tcl_stubs_check(); */ /* already checked */
@@ -7879,7 +7869,6 @@ lib_restart(self)
{
struct tcltkip *ptr = get_ip(self);
- rb_secure(4);
tcl_stubs_check();
@@ -7898,7 +7887,6 @@ ip_restart(self)
{
struct tcltkip *ptr = get_ip(self);
- rb_secure(4);
tcl_stubs_check();
@@ -9257,7 +9245,6 @@ ip_invoke_immediate(argc, argv, obj)
VALUE obj;
{
/* POTENTIALY INSECURE : can create infinite loop */
- rb_secure(4);
return ip_invoke_with_position(argc, argv, obj, TCL_QUEUE_HEAD);
}
@@ -10061,7 +10048,6 @@ create_dummy_encoding_for_tk_core(interp, name, error_mode)
{
get_ip(interp);
- rb_secure(4);
StringValue(name);
@@ -10519,7 +10505,6 @@ create_encoding_table_core(arg, interp)
Tcl_Obj **objv;
Tcl_Obj *enc_list;
- rb_secure(4);
/* set 'binary' encoding */
rb_hash_aset(table, ENCODING_NAME_BINARY, ENCODING_NAME_BINARY);
@@ -10555,7 +10540,6 @@ create_encoding_table_core(arg, interp)
VALUE interp;
{
volatile VALUE table = rb_hash_new();
- rb_secure(4);
rb_ivar_set(interp, ID_encoding_table, table);
return table;
}
diff --git a/ext/win32ole/win32ole.c b/ext/win32ole/win32ole.c
index 8c243f8..e353d78 100644
--- a/ext/win32ole/win32ole.c
+++ b/ext/win32ole/win32ole.c
@@ -2725,7 +2725,6 @@ fole_s_connect(int argc, VALUE *argv, VALUE self)
void *p;
IUnknown *pUnknown;
- rb_secure(4);
/* initialize to use OLE */
ole_initialize();
@@ -2809,7 +2808,6 @@ fole_s_const_load(int argc, VALUE *argv, VALUE self)
VALUE file;
LCID lcid = cWIN32OLE_lcid;
- rb_secure(4);
rb_scan_args(argc, argv, "11", &ole, &klass);
if (TYPE(klass) != T_CLASS &&
TYPE(klass) != T_MODULE &&
@@ -2872,7 +2870,6 @@ ole_types_from_typelib(ITypeLib *pTypeLib, VALUE classes)
ITypeInfo *pTypeInfo;
VALUE type;
- rb_secure(4);
count = pTypeLib->lpVtbl->GetTypeInfoCount(pTypeLib);
for (i = 0; i < count; i++) {
hr = pTypeLib->lpVtbl->GetDocumentation(pTypeLib, i,
@@ -3236,7 +3233,6 @@ fole_initialize(int argc, VALUE *argv, VALUE self)
OLECHAR *pBuf;
IDispatch *pDispatch;
void *p;
- rb_secure(4);
rb_call_super(0, 0);
rb_scan_args(argc, argv, "11*", &svr_name, &host, &others);
@@ -3964,7 +3960,6 @@ static VALUE
fole_free(VALUE self)
{
struct oledata *pole;
- rb_secure(4);
OLEData_Get_Struct(self, pole);
OLE_FREE(pole->pDispatch);
pole->pDispatch = NULL;
@@ -4527,7 +4522,6 @@ fole_respond_to(VALUE self, VALUE method)
BSTR wcmdname;
DISPID DispID;
HRESULT hr;
- rb_secure(4);
if(TYPE(method) != T_STRING && TYPE(method) != T_SYMBOL) {
rb_raise(rb_eTypeError, "wrong argument type (expected String or Symbol)");
}
@@ -8299,7 +8293,6 @@ ev_advise(int argc, VALUE *argv, VALUE self)
struct oleeventdata *poleev;
void *p;
- rb_secure(4);
rb_scan_args(argc, argv, "11", &ole, &itf);
if (!rb_obj_is_kind_of(ole, cWIN32OLE)) {
@@ -8507,7 +8500,6 @@ fev_off_event(int argc, VALUE *argv, VALUE self)
VALUE event = Qnil;
VALUE events;
- rb_secure(4);
rb_scan_args(argc, argv, "01", &event);
if(!NIL_P(event)) {
if(TYPE(event) != T_STRING && TYPE(event) != T_SYMBOL) {
diff --git a/file.c b/file.c
index 18c9df8..9eeacc6 100644
--- a/file.c
+++ b/file.c
@@ -249,7 +249,6 @@ apply2files(void (*func)(const char *, VALUE, void *), VALUE vargs, void *arg)
long i;
volatile VALUE path;
- rb_secure(4);
for (i=0; i<RARRAY_LEN(vargs); i++) {
const char *s;
path = rb_get_path(RARRAY_AREF(vargs, i));
@@ -915,7 +914,6 @@ rb_file_s_stat(VALUE klass, VALUE fname)
{
struct stat st;
- rb_secure(4);
FilePathValue(fname);
if (rb_stat(fname, &st) < 0) {
rb_sys_fail_path(fname);
@@ -5376,7 +5374,7 @@ rb_find_file_ext_safe(VALUE *filep, const char *const *ext, int safe_level)
*filep = copy_path_class(tmp, *filep);
return (int)(j+1);
}
- FL_UNSET(tmp, FL_TAINT | FL_UNTRUSTED);
+ FL_UNSET(tmp, FL_TAINT);
}
rb_str_set_len(fname, fnlen);
}
diff --git a/gc.c b/gc.c
index bfdf66b..5903be4 100644
--- a/gc.c
+++ b/gc.c
@@ -899,7 +899,7 @@ newobj_of(VALUE klass, VALUE flags, VALUE v1, VALUE v2, VALUE v3)
/* OBJSETUP */
RBASIC(obj)->flags = flags;
RBASIC_SET_CLASS(obj, klass);
- if (rb_safe_level() >= 3) FL_SET((obj), FL_TAINT | FL_UNTRUSTED);
+ if (rb_safe_level() >= 3) FL_SET((obj), FL_TAINT);
RANY(obj)->as.values.v1 = v1;
RANY(obj)->as.values.v2 = v2;
RANY(obj)->as.values.v3 = v3;
@@ -1485,7 +1485,6 @@ os_each_obj(int argc, VALUE *argv, VALUE os)
{
VALUE of;
- rb_secure(4);
if (argc == 0) {
of = 0;
}
@@ -1879,7 +1878,6 @@ id2ref(VALUE obj, VALUE objid)
VALUE ptr;
void *p0;
- rb_secure(4);
ptr = NUM2PTR(objid);
p0 = (void *)ptr;
diff --git a/hash.c b/hash.c
index a67335f..924edb3 100644
--- a/hash.c
+++ b/hash.c
@@ -267,7 +267,7 @@ rb_hash_dup(VALUE hash)
{
NEWOBJ_OF(ret, struct RHash,
rb_obj_class(hash),
- (RBASIC(hash)->flags)&(T_MASK|FL_EXIVAR|FL_TAINT|FL_UNTRUSTED));
+ (RBASIC(hash)->flags)&(T_MASK|FL_EXIVAR|FL_TAINT));
if (FL_TEST((hash), FL_EXIVAR))
rb_copy_generic_ivar((VALUE)(ret),(VALUE)(hash));
@@ -284,8 +284,6 @@ static void
rb_hash_modify_check(VALUE hash)
{
rb_check_frozen(hash);
- if (!OBJ_UNTRUSTED(hash) && rb_safe_level() >= 4)
- rb_raise(rb_eSecurityError, "Insecure: can't modify hash");
}
static struct st_table *
@@ -2263,7 +2261,6 @@ env_delete(VALUE obj, VALUE name)
{
char *nam, *val;
- rb_secure(4);
SafeStringValue(name);
nam = RSTRING_PTR(name);
if (memchr(nam, '\0', RSTRING_LEN(name))) {
@@ -2315,7 +2312,6 @@ rb_f_getenv(VALUE obj, VALUE name)
{
char *nam, *env;
- rb_secure(4);
SafeStringValue(name);
nam = RSTRING_PTR(name);
if (memchr(nam, '\0', RSTRING_LEN(name))) {
@@ -2359,7 +2355,6 @@ env_fetch(int argc, VALUE *argv)
long block_given;
char *nam, *env;
- rb_secure(4);
rb_scan_args(argc, argv, "11", &key, &if_none);
block_given = rb_block_given_p();
if (block_given && argc == 2) {
@@ -2629,7 +2624,6 @@ env_keys(void)
char **env;
VALUE ary;
- rb_secure(4);
ary = rb_ary_new();
env = GET_ENVIRON(environ);
while (*env) {
@@ -2649,8 +2643,6 @@ rb_env_size(VALUE ehash)
char **env;
long cnt = 0;
- rb_secure(4);
-
env = GET_ENVIRON(environ);
for (; *env ; ++env) {
if (strchr(*env, '=')) {
@@ -2677,7 +2669,7 @@ env_each_key(VALUE ehash)
long i;
RETURN_SIZED_ENUMERATOR(ehash, 0, 0, rb_env_size);
- keys = env_keys(); /* rb_secure(4); */
+ keys = env_keys();
for (i=0; i<RARRAY_LEN(keys); i++) {
rb_yield(RARRAY_AREF(keys, i));
}
@@ -2696,7 +2688,6 @@ env_values(void)
VALUE ary;
char **env;
- rb_secure(4);
ary = rb_ary_new();
env = GET_ENVIRON(environ);
while (*env) {
@@ -2726,7 +2717,7 @@ env_each_value(VALUE ehash)
long i;
RETURN_SIZED_ENUMERATOR(ehash, 0, 0, rb_env_size);
- values = env_values(); /* rb_secure(4); */
+ values = env_values();
for (i=0; i<RARRAY_LEN(values); i++) {
rb_yield(RARRAY_AREF(values, i));
}
@@ -2753,7 +2744,6 @@ env_each_pair(VALUE ehash)
RETURN_SIZED_ENUMERATOR(ehash, 0, 0, rb_env_size);
- rb_secure(4);
ary = rb_ary_new();
env = GET_ENVIRON(environ);
while (*env) {
@@ -2789,7 +2779,7 @@ env_reject_bang(VALUE ehash)
int del = 0;
RETURN_SIZED_ENUMERATOR(ehash, 0, 0, rb_env_size);
- keys = env_keys(); /* rb_secure(4); */
+ keys = env_keys();
RBASIC_CLEAR_CLASS(keys);
for (i=0; i<RARRAY_LEN(keys); i++) {
VALUE val = rb_f_getenv(Qnil, RARRAY_AREF(keys, i));
@@ -2835,7 +2825,6 @@ env_values_at(int argc, VALUE *argv)
VALUE result;
long i;
- rb_secure(4);
result = rb_ary_new();
for (i=0; i<argc; i++) {
rb_ary_push(result, rb_f_getenv(Qnil, argv[i]));
@@ -2859,7 +2848,6 @@ env_select(VALUE ehash)
char **env;
RETURN_SIZED_ENUMERATOR(ehash, 0, 0, rb_env_size);
- rb_secure(4);
result = rb_hash_new();
env = GET_ENVIRON(environ);
while (*env) {
@@ -2893,7 +2881,7 @@ env_select_bang(VALUE ehash)
int del = 0;
RETURN_SIZED_ENUMERATOR(ehash, 0, 0, rb_env_size);
- keys = env_keys(); /* rb_secure(4); */
+ keys = env_keys();
RBASIC_CLEAR_CLASS(keys);
for (i=0; i<RARRAY_LEN(keys); i++) {
VALUE val = rb_f_getenv(Qnil, RARRAY_AREF(keys, i));
@@ -2938,7 +2926,7 @@ rb_env_clear(void)
volatile VALUE keys;
long i;
- keys = env_keys(); /* rb_secure(4); */
+ keys = env_keys();
for (i=0; i<RARRAY_LEN(keys); i++) {
VALUE val = rb_f_getenv(Qnil, RARRAY_AREF(keys, i));
if (!NIL_P(val)) {
@@ -2972,7 +2960,6 @@ env_inspect(void)
char **env;
VALUE str, i;
- rb_secure(4);
str = rb_str_buf_new2("{");
env = GET_ENVIRON(environ);
while (*env) {
@@ -3012,7 +2999,6 @@ env_to_a(void)
char **env;
VALUE ary;
- rb_secure(4);
ary = rb_ary_new();
env = GET_ENVIRON(environ);
while (*env) {
@@ -3053,7 +3039,6 @@ env_size(void)
int i;
char **env;
- rb_secure(4);
env = GET_ENVIRON(environ);
for (i=0; env[i]; i++)
;
@@ -3072,7 +3057,6 @@ env_empty_p(void)
{
char **env;
- rb_secure(4);
env = GET_ENVIRON(environ);
if (env[0] == 0) {
FREE_ENVIRON(environ);
@@ -3096,7 +3080,6 @@ env_has_key(VALUE env, VALUE key)
{
char *s;
- rb_secure(4);
s = StringValuePtr(key);
if (memchr(s, '\0', RSTRING_LEN(key)))
rb_raise(rb_eArgError, "bad environment variable name");
@@ -3116,7 +3099,6 @@ env_assoc(VALUE env, VALUE key)
{
char *s, *e;
- rb_secure(4);
s = StringValuePtr(key);
if (memchr(s, '\0', RSTRING_LEN(key)))
rb_raise(rb_eArgError, "bad environment variable name");
@@ -3137,7 +3119,6 @@ env_has_value(VALUE dmy, VALUE obj)
{
char **env;
- rb_secure(4);
obj = rb_check_string_type(obj);
if (NIL_P(obj)) return Qnil;
env = GET_ENVIRON(environ);
@@ -3168,7 +3149,6 @@ env_rassoc(VALUE dmy, VALUE obj)
{
char **env;
- rb_secure(4);
obj = rb_check_string_type(obj);
if (NIL_P(obj)) return Qnil;
env = GET_ENVIRON(environ);
@@ -3201,7 +3181,6 @@ env_key(VALUE dmy, VALUE value)
char **env;
VALUE str;
- rb_secure(4);
StringValue(value);
env = GET_ENVIRON(environ);
while (*env) {
@@ -3247,7 +3226,6 @@ env_to_hash(void)
char **env;
VALUE hash;
- rb_secure(4);
hash = rb_hash_new();
env = GET_ENVIRON(environ);
while (*env) {
@@ -3288,7 +3266,6 @@ env_shift(void)
{
char **env;
- rb_secure(4);
env = GET_ENVIRON(environ);
if (*env) {
char *s = strchr(*env, '=');
@@ -3339,7 +3316,7 @@ env_replace(VALUE env, VALUE hash)
volatile VALUE keys;
long i;
- keys = env_keys(); /* rb_secure(4); */
+ keys = env_keys();
if (env == hash) return env;
hash = to_hash(hash);
rb_hash_foreach(hash, env_replace_i, keys);
@@ -3373,7 +3350,6 @@ env_update_i(VALUE key, VALUE val)
static VALUE
env_update(VALUE env, VALUE hash)
{
- rb_secure(4);
if (env == hash) return env;
hash = to_hash(hash);
rb_hash_foreach(hash, env_update_i, 0);
diff --git a/include/ruby/intern.h b/include/ruby/intern.h
index 5d78d0d..fb989ef 100644
--- a/include/ruby/intern.h
+++ b/include/ruby/intern.h
@@ -229,12 +229,7 @@ void rb_check_trusted(VALUE);
rb_error_frozen(rb_obj_classname(frozen_obj)); \
} \
} while (0)
-#define rb_check_trusted_internal(obj) do { \
- VALUE untrusted_obj = (obj); \
- if (!OBJ_UNTRUSTED(untrusted_obj)) { \
- rb_error_untrusted(untrusted_obj); \
- } \
- } while (0)
+#define rb_check_trusted_internal(obj) ((void) 0)
#ifdef __GNUC__
#define rb_check_frozen(obj) __extension__({rb_check_frozen_internal(obj);})
#define rb_check_trusted(obj) __extension__({rb_check_trusted_internal(obj);})
diff --git a/include/ruby/ruby.h b/include/ruby/ruby.h
index 7ce16ee..18539e8 100644
--- a/include/ruby/ruby.h
+++ b/include/ruby/ruby.h
@@ -678,7 +678,7 @@ VALUE rb_obj_setup(VALUE obj, VALUE klass, VALUE type);
if (FL_TEST((obj), FL_EXIVAR)) rb_copy_generic_ivar((VALUE)(clone),(VALUE)(obj));\
} while (0)
#define DUPSETUP(dup,obj) do {\
- OBJSETUP((dup),rb_obj_class(obj), (RBASIC(obj)->flags)&(T_MASK|FL_EXIVAR|FL_TAINT|FL_UNTRUSTED)); \
+ OBJSETUP((dup),rb_obj_class(obj), (RBASIC(obj)->flags)&(T_MASK|FL_EXIVAR|FL_TAINT)); \
if (FL_TEST((obj), FL_EXIVAR)) rb_copy_generic_ivar((VALUE)(dup),(VALUE)(obj));\
} while (0)
@@ -1163,7 +1163,7 @@ struct RBignum {
#define FL_OLDGEN (((VALUE)1)<<6)
#define FL_FINALIZE (((VALUE)1)<<7)
#define FL_TAINT (((VALUE)1)<<8)
-#define FL_UNTRUSTED (((VALUE)1)<<9)
+#define FL_UNTRUSTED FL_TAINT
#define FL_EXIVAR (((VALUE)1)<<10)
#define FL_FREEZE (((VALUE)1)<<11)
@@ -1203,12 +1203,11 @@ struct RBignum {
#define OBJ_TAINTED(x) (!!FL_TEST((x), FL_TAINT))
#define OBJ_TAINT(x) FL_SET((x), FL_TAINT)
-#define OBJ_UNTRUSTED(x) (!!FL_TEST((x), FL_UNTRUSTED))
-#define OBJ_UNTRUST(x) FL_SET((x), FL_UNTRUSTED)
+#define OBJ_UNTRUSTED(x) OBJ_TAINTED(x)
+#define OBJ_UNTRUST(x) OBJ_TAINT(x)
#define OBJ_INFECT(x,s) do { \
if (FL_ABLE(x) && FL_ABLE(s)) \
- RBASIC(x)->flags |= RBASIC(s)->flags & \
- (FL_TAINT | FL_UNTRUSTED); \
+ RBASIC(x)->flags |= RBASIC(s)->flags & FL_TAINT; \
} while (0)
#define OBJ_FROZEN(x) (!!(FL_ABLE(x)?(RBASIC(x)->flags&(FL_FREEZE)):(FIXNUM_P(x)||FLONUM_P(x))))
diff --git a/io.c b/io.c
index aef5ab2..650ee14 100644
--- a/io.c
+++ b/io.c
@@ -597,8 +597,6 @@ rb_eof_error(void)
VALUE
rb_io_taint_check(VALUE io)
{
- if (!OBJ_UNTRUSTED(io) && rb_safe_level() >= 4)
- rb_raise(rb_eSecurityError, "Insecure: operation on trusted IO");
rb_check_frozen(io);
return io;
}
@@ -1376,7 +1374,6 @@ io_write(VALUE io, VALUE str, int nosync)
long n;
VALUE tmp;
- rb_secure(4);
io = GetWriteIO(io);
str = rb_obj_as_string(str);
tmp = rb_io_check_io(io);
@@ -2610,7 +2607,6 @@ rb_io_write_nonblock(VALUE io, VALUE str)
rb_io_t *fptr;
long n;
- rb_secure(4);
if (!RB_TYPE_P(str, T_STRING))
str = rb_obj_as_string(str);
@@ -4256,9 +4252,6 @@ rb_io_close(VALUE io)
static VALUE
rb_io_close_m(VALUE io)
{
- if (rb_safe_level() >= 4 && !OBJ_UNTRUSTED(io)) {
- rb_raise(rb_eSecurityError, "Insecure: can't close");
- }
rb_io_check_closed(RFILE(io)->fptr);
rb_io_close(io);
return Qnil;
@@ -4339,9 +4332,6 @@ rb_io_close_read(VALUE io)
rb_io_t *fptr;
VALUE write_io;
- if (rb_safe_level() >= 4 && !OBJ_UNTRUSTED(io)) {
- rb_raise(rb_eSecurityError, "Insecure: can't close");
- }
GetOpenFile(io, fptr);
if (is_socket(fptr->fd, fptr->pathv)) {
#ifndef SHUT_RD
@@ -4397,9 +4387,6 @@ rb_io_close_write(VALUE io)
rb_io_t *fptr;
VALUE write_io;
- if (rb_safe_level() >= 4 && !OBJ_UNTRUSTED(io)) {
- rb_raise(rb_eSecurityError, "Insecure: can't close");
- }
write_io = GetWriteIO(io);
GetOpenFile(write_io, fptr);
if (is_socket(fptr->fd, fptr->pathv)) {
@@ -4486,7 +4473,6 @@ rb_io_syswrite(VALUE io, VALUE str)
rb_io_t *fptr;
long n;
- rb_secure(4);
if (!RB_TYPE_P(str, T_STRING))
str = rb_obj_as_string(str);
@@ -6411,10 +6397,6 @@ io_reopen(VALUE io, VALUE nfile)
off_t pos = 0;
nfile = rb_io_get_io(nfile);
- if (rb_safe_level() >= 4 &&
- (!OBJ_UNTRUSTED(io) || !OBJ_UNTRUSTED(nfile))) {
- rb_raise(rb_eSecurityError, "Insecure: can't reopen");
- }
GetOpenFile(io, fptr);
GetOpenFile(nfile, orig);
@@ -6516,7 +6498,6 @@ rb_io_reopen(int argc, VALUE *argv, VALUE file)
int oflags;
rb_io_t *fptr;
- rb_secure(4);
if (rb_scan_args(argc, argv, "11:", &fname, &nmode, &opt) == 1) {
VALUE tmp = rb_io_check_io(fname);
if (!NIL_P(tmp)) {
@@ -7308,7 +7289,6 @@ rb_io_initialize(int argc, VALUE *argv, VALUE io)
struct stat st;
#endif
- rb_secure(4);
argc = rb_scan_args(argc, argv, "11:", &fnum, &vmode, &opt);
rb_io_extract_modeenc(&vmode, 0, opt, &oflags, &fmode, &convconfig);
@@ -7436,7 +7416,6 @@ static VALUE
rb_io_autoclose_p(VALUE io)
{
rb_io_t *fptr;
- rb_secure(4);
GetOpenFile(io, fptr);
return (fptr->mode & FMODE_PREP) ? Qfalse : Qtrue;
}
@@ -7462,7 +7441,6 @@ static VALUE
rb_io_set_autoclose(VALUE io, VALUE autoclose)
{
rb_io_t *fptr;
- rb_secure(4);
GetOpenFile(io, fptr);
if (!RTEST(autoclose))
fptr->mode |= FMODE_PREP;
diff --git a/iseq.c b/iseq.c
index a7d7d6d..a4a195d 100644
--- a/iseq.c
+++ b/iseq.c
@@ -243,7 +243,6 @@ rb_iseq_add_mark_object(rb_iseq_t *iseq, VALUE obj)
{
if (!RTEST(iseq->mark_ary)) {
iseq->mark_ary = rb_ary_tmp_new(3);
- OBJ_UNTRUST(iseq->mark_ary);
RBASIC_CLEAR_CLASS(iseq->mark_ary);
}
rb_ary_push(iseq->mark_ary, obj);
diff --git a/load.c b/load.c
index 6964df5..cf7011b 100644
--- a/load.c
+++ b/load.c
@@ -574,7 +574,6 @@ rb_load_internal(VALUE fname, int wrap)
th->errinfo = Qnil; /* ensure */
if (!wrap) {
- rb_secure(4); /* should alter global state */
th->top_wrapper = 0;
}
else {
diff --git a/marshal.c b/marshal.c
index be5068c..9df02f3 100644
--- a/marshal.c
+++ b/marshal.c
@@ -130,7 +130,7 @@ rb_marshal_define_compat(VALUE newclass, VALUE oldclass, VALUE (*dumper)(VALUE),
st_insert(compat_allocator_tbl, (st_data_t)allocator, (st_data_t)compat);
}
-#define MARSHAL_INFECTION (FL_TAINT|FL_UNTRUSTED)
+#define MARSHAL_INFECTION FL_TAINT
typedef char ruby_check_marshal_viral_flags[MARSHAL_INFECTION == (int)MARSHAL_INFECTION ? 1 : -1];
struct dump_arg {
@@ -1939,7 +1939,7 @@ marshal_load(int argc, VALUE *argv)
}
else if (rb_respond_to(port, s_getbyte) && rb_respond_to(port, s_read)) {
rb_check_funcall(port, s_binmode, 0, 0);
- infection = (int)(FL_TAINT | FL_TEST(port, FL_UNTRUSTED));
+ infection = (int)FL_TAINT;
}
else {
io_needed();
diff --git a/object.c b/object.c
index c1a52bd..683c893 100644
--- a/object.c
+++ b/object.c
@@ -72,7 +72,7 @@ rb_obj_setup(VALUE obj, VALUE klass, VALUE type)
{
RBASIC(obj)->flags = type;
RBASIC_SET_CLASS(obj, klass);
- if (rb_safe_level() >= 3) FL_SET((obj), FL_TAINT | FL_UNTRUSTED);
+ if (rb_safe_level() >= 3) FL_SET((obj), FL_TAINT);
return obj;
}
@@ -259,7 +259,7 @@ init_copy(VALUE dest, VALUE obj)
rb_raise(rb_eTypeError, "[bug] frozen object (%s) allocated", rb_obj_classname(dest));
}
RBASIC(dest)->flags &= ~(T_MASK|FL_EXIVAR);
- RBASIC(dest)->flags |= RBASIC(obj)->flags & (T_MASK|FL_EXIVAR|FL_TAINT|FL_UNTRUSTED);
+ RBASIC(dest)->flags |= RBASIC(obj)->flags & (T_MASK|FL_EXIVAR|FL_TAINT);
rb_copy_generic_ivar(dest, obj);
rb_gc_copy_finalizer(dest, obj);
switch (TYPE(obj)) {
@@ -335,7 +335,7 @@ rb_obj_clone(VALUE obj)
rb_raise(rb_eTypeError, "can't clone %s", rb_obj_classname(obj));
}
clone = rb_obj_alloc(rb_obj_class(obj));
- RBASIC(clone)->flags &= (FL_TAINT|FL_UNTRUSTED);
+ RBASIC(clone)->flags &= FL_TAINT;
RBASIC(clone)->flags |= RBASIC(obj)->flags & ~(FL_OLDGEN|FL_FREEZE|FL_FINALIZE);
singleton = rb_singleton_class_clone_and_attach(obj, clone);
@@ -907,7 +907,6 @@ rb_obj_tainted(VALUE obj)
VALUE
rb_obj_taint(VALUE obj)
{
- rb_secure(4);
if (!OBJ_TAINTED(obj)) {
rb_check_frozen(obj);
OBJ_TAINT(obj);
@@ -940,47 +939,28 @@ rb_obj_untaint(VALUE obj)
* call-seq:
* obj.untrusted? -> true or false
*
- * Returns true if the object is untrusted.
- *
- * See #untrust for more information.
+ * Deprecated method that is equivalent to #tainted?.
*/
VALUE
rb_obj_untrusted(VALUE obj)
{
- if (OBJ_UNTRUSTED(obj))
- return Qtrue;
- return Qfalse;
+ rb_warning("untrusted? is deprecated and its behavior is same as tainted?");
+ return rb_obj_tainted(obj);
}
/*
* call-seq:
* obj.untrust -> obj
*
- * Mark the object as untrusted.
- *
- * An untrusted object is not allowed to modify any trusted objects. To check
- * whether an object is trusted, use #untrusted?
- *
- * Any object created by untrusted code is marked as both tainted and
- * untrusted. See #taint for more information.
- *
- * You should only trust an untrusted object if your code has inspected it and
- * determined that it is safe. To do so use #trust
- *
- * In $SAFE level 3 and 4, all objects are tainted and untrusted, any use of
- * trust or taint methods will raise a SecurityError exception.
+ * Deprecated method that is equivalent to #taint.
*/
VALUE
rb_obj_untrust(VALUE obj)
{
- rb_secure(4);
- if (!OBJ_UNTRUSTED(obj)) {
- rb_check_frozen(obj);
- OBJ_UNTRUST(obj);
- }
- return obj;
+ rb_warning("untrust is deprecated and its behavior is same as taint");
+ return rb_obj_taint(obj);
}
@@ -988,20 +968,14 @@ rb_obj_untrust(VALUE obj)
* call-seq:
* obj.trust -> obj
*
- * Removes the untrusted mark from the object.
- *
- * See #untrust for more information.
+ * Deprecated method that is equivalent to #untaint.
*/
VALUE
rb_obj_trust(VALUE obj)
{
- rb_secure(3);
- if (OBJ_UNTRUSTED(obj)) {
- rb_check_frozen(obj);
- FL_UNSET(obj, FL_UNTRUSTED);
- }
- return obj;
+ rb_warning("trust is deprecated and its behavior is same as untaint");
+ return rb_obj_untaint(obj);
}
void
@@ -1037,9 +1011,6 @@ VALUE
rb_obj_freeze(VALUE obj)
{
if (!OBJ_FROZEN(obj)) {
- if (rb_safe_level() >= 4 && !OBJ_UNTRUSTED(obj)) {
- rb_raise(rb_eSecurityError, "Insecure: can't freeze object");
- }
OBJ_FREEZE(obj);
if (SPECIAL_CONST_P(obj)) {
if (!immediate_frozen_tbl) {
diff --git a/proc.c b/proc.c
index 605e622..fa30463 100644
--- a/proc.c
+++ b/proc.c
@@ -1532,7 +1532,6 @@ top_define_method(int argc, VALUE *argv, VALUE obj)
rb_thread_t *th = GET_THREAD();
VALUE klass;
- rb_secure(4);
klass = th->top_wrapper;
if (klass) {
rb_warning("main.define_method in the wrapped load is effective only in wrapper module");
diff --git a/process.c b/process.c
index d660289..0cd495e 100644
--- a/process.c
+++ b/process.c
@@ -3535,7 +3535,6 @@ rb_f_exit_bang(int argc, VALUE *argv, VALUE obj)
VALUE status;
int istatus;
- rb_secure(4);
if (argc > 0 && rb_scan_args(argc, argv, "01", &status) == 1) {
istatus = exit_status_code(status);
}
@@ -3609,7 +3608,6 @@ rb_f_exit(int argc, VALUE *argv)
VALUE status;
int istatus;
- rb_secure(4);
if (argc > 0 && rb_scan_args(argc, argv, "01", &status) == 1) {
istatus = exit_status_code(status);
}
@@ -3636,7 +3634,6 @@ rb_f_exit(int argc, VALUE *argv)
VALUE
rb_f_abort(int argc, VALUE *argv)
{
- rb_secure(4);
if (argc == 0) {
if (!NIL_P(GET_THREAD()->errinfo)) {
ruby_error_print();
diff --git a/random.c b/random.c
index 61262fb..5d5a507 100644
--- a/random.c
+++ b/random.c
@@ -687,7 +687,6 @@ rb_f_srand(int argc, VALUE *argv, VALUE obj)
VALUE seed, old;
rb_random_t *r = &default_rand;
- rb_secure(4);
if (argc == 0) {
seed = random_seed();
}
diff --git a/re.c b/re.c
index 96c3c3d..dbcbeb4 100644
--- a/re.c
+++ b/re.c
@@ -2395,8 +2395,6 @@ rb_reg_initialize(VALUE obj, const char *s, long len, rb_encoding *enc,
rb_encoding *fixed_enc = 0;
rb_encoding *a_enc = rb_ascii8bit_encoding();
- if (!OBJ_UNTRUSTED(obj) && rb_safe_level() >= 4)
- rb_raise(rb_eSecurityError, "Insecure: can't modify regexp");
rb_check_frozen(obj);
if (FL_TEST(obj, REG_LITERAL))
rb_raise(rb_eSecurityError, "can't modify literal regexp");
diff --git a/safe.c b/safe.c
index cc07513..2ebb9da 100644
--- a/safe.c
+++ b/safe.c
@@ -14,10 +14,9 @@
1 - no dangerous operation by tainted value
2 - process/file operations prohibited
3 - all generated objects are tainted
- 4 - no global (non-tainted) variable modification/no direct output
*/
-#define SAFE_LEVEL_MAX 4
+#define SAFE_LEVEL_MAX 3
#include "ruby/ruby.h"
#include "vm_core.h"
@@ -43,7 +42,7 @@ rb_set_safe_level(int level)
if (level > th->safe_level) {
if (level > SAFE_LEVEL_MAX) {
- level = SAFE_LEVEL_MAX;
+ rb_raise(rb_eArgError, "$SAFE=4 is obsolete");
}
th->safe_level = level;
}
@@ -67,10 +66,10 @@ safe_setter(VALUE val)
th->safe_level, level);
}
if (level == 3) {
- rb_warning("$SAFE=3 does no sandboxing; you might want to use $SAFE=4");
+ rb_warning("$SAFE=3 does no sandboxing");
}
if (level > SAFE_LEVEL_MAX) {
- level = SAFE_LEVEL_MAX;
+ rb_raise(rb_eArgError, "$SAFE=4 is obsolete");
}
th->safe_level = level;
}
@@ -94,8 +93,6 @@ rb_secure(int level)
void
rb_secure_update(VALUE obj)
{
- if (!OBJ_TAINTED(obj))
- rb_secure(4);
}
void
@@ -117,7 +114,6 @@ rb_check_safe_obj(VALUE x)
if (rb_safe_level() > 0 && OBJ_TAINTED(x)) {
rb_insecure_operation();
}
- rb_secure(4);
}
void
diff --git a/string.c b/string.c
index 5c0ff89..98f2df0 100644
--- a/string.c
+++ b/string.c
@@ -704,7 +704,7 @@ rb_str_new_frozen(VALUE orig)
assert(OBJ_FROZEN(str));
ofs = RSTRING_LEN(str) - RSTRING_LEN(orig);
if ((ofs > 0) || (klass != RBASIC(str)->klass) ||
- ((RBASIC(str)->flags ^ RBASIC(orig)->flags) & (FL_TAINT|FL_UNTRUSTED)) ||
+ ((RBASIC(str)->flags ^ RBASIC(orig)->flags) & FL_TAINT) ||
ENCODING_GET(str) != ENCODING_GET(orig)) {
str = str_new3(klass, str);
RSTRING(str)->as.heap.ptr += ofs;
@@ -1305,8 +1305,6 @@ str_modifiable(VALUE str)
rb_raise(rb_eRuntimeError, "can't modify string; temporarily locked");
}
rb_check_frozen(str);
- if (!OBJ_UNTRUSTED(str) && rb_safe_level() >= 4)
- rb_raise(rb_eSecurityError, "Insecure: can't modify string");
}
static inline int
@@ -3659,7 +3657,6 @@ rb_str_sub_bang(int argc, VALUE *argv, VALUE str)
VALUE pat, repl, hash = Qnil;
int iter = 0;
int tainted = 0;
- int untrusted = 0;
long plen;
int min_arity = rb_block_given_p() ? 1 : 2;
@@ -3674,7 +3671,6 @@ rb_str_sub_bang(int argc, VALUE *argv, VALUE str)
StringValue(repl);
}
if (OBJ_TAINTED(repl)) tainted = 1;
- if (OBJ_UNTRUSTED(repl)) untrusted = 1;
}
pat = get_pat(argv[0], 1);
@@ -3720,7 +3716,6 @@ rb_str_sub_bang(int argc, VALUE *argv, VALUE str)
rb_str_modify(str);
rb_enc_associate(str, enc);
if (OBJ_TAINTED(repl)) tainted = 1;
- if (OBJ_UNTRUSTED(repl)) untrusted = 1;
if (ENC_CODERANGE_UNKNOWN < cr && cr < ENC_CODERANGE_BROKEN) {
int cr2 = ENC_CODERANGE(repl);
if (cr2 == ENC_CODERANGE_BROKEN ||
@@ -3745,7 +3740,6 @@ rb_str_sub_bang(int argc, VALUE *argv, VALUE str)
RSTRING_PTR(str)[len] = '\0';
ENC_CODERANGE_SET(str, cr);
if (tainted) OBJ_TAINT(str);
- if (untrusted) OBJ_UNTRUST(str);
return str;
}
diff --git a/test/dl/test_dl2.rb b/test/dl/test_dl2.rb
index 88ef086..955ac1d 100644
--- a/test/dl/test_dl2.rb
+++ b/test/dl/test_dl2.rb
@@ -11,15 +11,6 @@ class TestDL < TestBase
# TODO: refactor test repetition
- def test_free_secure
- assert_raises(SecurityError) do
- Thread.new do
- $SAFE = 4
- DL.free(0)
- end.join
- end
- end
-
def test_realloc
str = "abc"
ptr_id = DL.realloc(0, 4)
@@ -33,15 +24,6 @@ class TestDL < TestBase
DL.free ptr_id
end
- def test_realloc_secure
- assert_raises(SecurityError) do
- Thread.new do
- $SAFE = 4
- DL.realloc(0, 4)
- end.join
- end
- end
-
def test_malloc
str = "abc"
@@ -56,15 +38,6 @@ class TestDL < TestBase
DL.free ptr_id
end
- def test_malloc_security
- assert_raises(SecurityError) do
- Thread.new do
- $SAFE = 4
- DL.malloc(4)
- end.join
- end
- end
-
def test_call_int()
cfunc = CFunc.new(@libc['atoi'], TYPE_INT, 'atoi')
x = cfunc.call(["100"].pack("p").unpack("l!*"))
diff --git a/test/erb/test_erb.rb b/test/erb/test_erb.rb
index 89fdbff..65efd39 100644
--- a/test/erb/test_erb.rb
+++ b/test/erb/test_erb.rb
@@ -185,11 +185,6 @@ EOS
assert_equal(ans, erb.result)
end
- def test_safe_04
- erb = @erb.new('<%=$SAFE%>', 4)
- assert_equal('4', erb.result(TOPLEVEL_BINDING.taint))
- end
-
class Foo; end
def test_def_class
diff --git a/test/readline/test_readline.rb b/test/readline/test_readline.rb
index a4c8e58..17e54ef 100644
--- a/test/readline/test_readline.rb
+++ b/test/readline/test_readline.rb
@@ -18,55 +18,6 @@ class TestReadline < Test::Unit::TestCase
Readline.instance_variable_set("@completion_proc", nil)
end
- def test_safe_level_4
- method_args =
- [
- ["readline"],
- ["input=", $stdin],
- ["output=", $stdout],
- ["completion_proc=", proc {}],
- ["completion_proc"],
- ["completion_case_fold=", true],
- ["completion_case_fold"],
- ["vi_editing_mode"],
- ["vi_editing_mode?"],
- ["emacs_editing_mode"],
- ["emacs_editing_mode?"],
- ["completion_append_character=", "s"],
- ["completion_append_character"],
- ["basic_word_break_characters=", "s"],
- ["basic_word_break_characters"],
- ["completer_word_break_characters=", "s"],
- ["completer_word_break_characters"],
- ["basic_quote_characters=", "\\"],
- ["basic_quote_characters"],
- ["completer_quote_characters=", "\\"],
- ["completer_quote_characters"],
- ["filename_quote_characters=", "\\"],
- ["filename_quote_characters"],
- ["line_buffer"],
- ["point"],
- ["set_screen_size", 1, 1],
- ["get_screen_size"],
- ["pre_input_hook=", proc {}],
- ["pre_input_hook"],
- ["insert_text", ""],
- ["redisplay"],
- ["special_prefixes=", "$"],
- ["special_prefixes"],
- ]
- method_args.each do |method_name, *args|
- assert_raise(SecurityError, NotImplementedError,
- "method=<#{method_name}>") do
- Thread.start {
- $SAFE = 4
- Readline.send(method_name.to_sym, *args)
- assert(true)
- }.join
- end
- end
- end
-
if !/EditLine/n.match(Readline::VERSION)
def test_readline
with_temp_stdio do |stdin, stdout|
@@ -90,12 +41,6 @@ class TestReadline < Test::Unit::TestCase
end
}.join
end
- assert_raise(SecurityError) do
- Thread.start {
- $SAFE = 4
- replace_stdio(stdin.path, stdout.path) { Readline.readline("> ") }
- }.join
- end
end
end
diff --git a/test/readline/test_readline_history.rb b/test/readline/test_readline_history.rb
index e21d170..4bcd7b3 100644
--- a/test/readline/test_readline_history.rb
+++ b/test/readline/test_readline_history.rb
@@ -39,41 +39,6 @@ class Readline::TestHistory < Test::Unit::TestCase
HISTORY.clear
end
- def test_safe_level_4
- method_args =
- [
- ["[]", [0]],
- ["[]=", [0, "s"]],
- ["\<\<", ["s"]],
- ["push", ["s"]],
- ["pop", []],
- ["shift", []],
- ["length", []],
- ["delete_at", [0]],
- ["clear", []],
- ]
- method_args.each do |method_name, args|
- assert_raise(SecurityError, NotImplementedError,
- "method=<#{method_name}>") do
- Thread.start {
- $SAFE = 4
- HISTORY.send(method_name.to_sym, *args)
- assert(true)
- }.join
- end
- end
-
- assert_raise(SecurityError, NotImplementedError,
- "method=<each>") do
- Thread.start {
- $SAFE = 4
- HISTORY.each { |s|
- assert(true)
- }
- }.join
- end
- end
-
def test_to_s
expected = "HISTORY"
assert_equal(expected, HISTORY.to_s)
diff --git a/test/ruby/test_alias.rb b/test/ruby/test_alias.rb
index e154982..0fd8d5f 100644
--- a/test/ruby/test_alias.rb
+++ b/test/ruby/test_alias.rb
@@ -52,16 +52,6 @@ class TestAlias < Test::Unit::TestCase
end
end
- def test_JVN_83768862
- d = lambda {
- $SAFE = 4
- dclass = Class.new(C)
- dclass.send(:alias_method, :mm, :m)
- dclass.new
- }.call
- assert_raise(SecurityError) { d.mm }
- end
-
def test_nonexistmethod
assert_raise(NameError){
Class.new{
diff --git a/test/ruby/test_array.rb b/test/ruby/test_array.rb
index 6807598..63db980 100644
--- a/test/ruby/test_array.rb
+++ b/test/ruby/test_array.rb
@@ -1732,19 +1732,6 @@ class TestArray < Test::Unit::TestCase
assert_equal([3,4,5,0], [1,2,3,4,5,0].drop_while {|i| i < 3 })
end
- def test_modify_check
- a = []
- a.freeze
- assert_raise(RuntimeError) { a.shift }
- a = [1, 2]
- assert_raise(SecurityError) do
- Thread.new do
- $SAFE = 4
- a.shift
- end.value
- end
- end
-
LONGP = [127, 63, 31, 15, 7].map {|x| 2**x-1 }.find do |x|
begin
[].first(x)
diff --git a/test/ruby/test_dir.rb b/test/ruby/test_dir.rb
index 1c8f73e..d8f6868 100644
--- a/test/ruby/test_dir.rb
+++ b/test/ruby/test_dir.rb
@@ -43,15 +43,6 @@ class TestDir < Test::Unit::TestCase
end
end
- def test_JVN_13947696
- b = lambda {
- d = Dir.open('.')
- $SAFE = 4
- d.close
- }
- assert_raise(SecurityError) { b.call }
- end
-
def test_nodir
assert_raise(Errno::ENOENT) { Dir.open(@nodir) }
end
@@ -90,12 +81,6 @@ class TestDir < Test::Unit::TestCase
d.rewind
b = (0..5).map { d.read }
assert_equal(a, b)
- assert_raise(SecurityError) do
- Thread.new do
- $SAFE = 4
- d.rewind
- end.join
- end
ensure
d.close
end
diff --git a/test/ruby/test_encoding.rb b/test/ruby/test_encoding.rb
index ef2dc39..c1ded6c 100644
--- a/test/ruby/test_encoding.rb
+++ b/test/ruby/test_encoding.rb
@@ -100,11 +100,6 @@ class TestEncoding < Test::Unit::TestCase
assert_equal(str, str2, '[ruby-dev:38596]')
end
- def test_unsafe
- bug5279 = '[ruby-dev:44469]'
- assert_ruby_status([], '$SAFE=4; "a".encode("utf-16be")', bug5279)
- end
-
def test_compatible_p
ua = "abc".force_encoding(Encoding::UTF_8)
assert_equal(Encoding::UTF_8, Encoding.compatible?(ua, :abc))
diff --git a/test/ruby/test_env.rb b/test/ruby/test_env.rb
index 618be37..b4c2d1f 100644
--- a/test/ruby/test_env.rb
+++ b/test/ruby/test_env.rb
@@ -114,12 +114,6 @@ class TestEnv < Test::Unit::TestCase
end
def test_aset
- assert_raise(SecurityError) do
- Thread.new do
- $SAFE = 4
- ENV["test"] = "foo"
- end.join
- end
assert_nothing_raised { ENV["test"] = nil }
assert_equal(nil, ENV["test"])
assert_raise(ArgumentError) { ENV["foo\0bar"] = "test" }
diff --git a/test/ruby/test_eval.rb b/test/ruby/test_eval.rb
index a97b982..790e288 100644
--- a/test/ruby/test_eval.rb
+++ b/test/ruby/test_eval.rb
@@ -440,16 +440,6 @@ class TestEval < Test::Unit::TestCase
assert_raise(RuntimeError) { eval("raise ''") }
end
- def test_eval_using_untainted_binding_under_safe4
- assert_raise(SecurityError) do
- Thread.new do
- b = binding
- $SAFE = 4
- eval("", b)
- end.join
- end
- end
-
def test_eval_with_toplevel_binding # [ruby-dev:37142]
ruby("-e", "x = 0; eval('p x', TOPLEVEL_BINDING)") do |f|
f.close_write
diff --git a/test/ruby/test_exception.rb b/test/ruby/test_exception.rb
index c829a17..4a0edc3 100644
--- a/test/ruby/test_exception.rb
+++ b/test/ruby/test_exception.rb
@@ -255,25 +255,6 @@ class TestException < Test::Unit::TestCase
INPUT
end
- def test_safe4
- cmd = proc{raise SystemExit}
- safe0_p = proc{|*args| args}
-
- test_proc = proc {
- $SAFE = 4
- begin
- cmd.call
- rescue SystemExit => e
- safe0_p["SystemExit: #{e.inspect}"]
- raise e
- rescue Exception => e
- safe0_p["Exception (NOT SystemExit): #{e.inspect}"]
- raise e
- end
- }
- assert_raise(SystemExit, '[ruby-dev:38760]') {test_proc.call}
- end
-
def test_thread_signal_location
_, stderr, _ = EnvUtil.invoke_ruby("--disable-gems -d", <<-RUBY, false, true)
Thread.start do
@@ -475,32 +456,4 @@ end.join
s = e.to_s
assert_equal(false, s.tainted?)
end
-
- def test_exception_to_s_should_not_propagate_untrustedness
- favorite_lang = "Ruby"
-
- for exc in [Exception, NameError]
- assert_raise(SecurityError) do
- lambda {
- $SAFE = 4
- exc.new(favorite_lang).to_s
- favorite_lang.replace("Python")
- }.call
- end
- end
-
- assert_raise(SecurityError) do
- lambda {
- $SAFE = 4
- o = Object.new
- o.singleton_class.send(:define_method, :to_str) {
- favorite_lang
- }
- NameError.new(o).to_s
- favorite_lang.replace("Python")
- }.call
- end
-
- assert_equal("Ruby", favorite_lang)
- end
end
diff --git a/test/ruby/test_file_exhaustive.rb b/test/ruby/test_file_exhaustive.rb
index 8a33258..3394d12 100644
--- a/test/ruby/test_file_exhaustive.rb
+++ b/test/ruby/test_file_exhaustive.rb
@@ -1109,15 +1109,6 @@ class TestFileExhaustive < Test::Unit::TestCase
assert_nothing_raised { ENV["PATH"] }
end
- def test_find_file
- assert_raise(SecurityError) do
- Thread.new do
- $SAFE = 4
- load(@file)
- end.join
- end
- end
-
def test_size
assert_equal(3, File.open(@file) {|f| f.size })
File.open(@file, "a") do |f|
diff --git a/test/ruby/test_hash.rb b/test/ruby/test_hash.rb
index dbc3ed2..3168760 100644
--- a/test/ruby/test_hash.rb
+++ b/test/ruby/test_hash.rb
@@ -722,16 +722,6 @@ class TestHash < Test::Unit::TestCase
assert_equal([], expected - vals)
end
- def test_security_check
- h = {}
- assert_raise(SecurityError) do
- Thread.new do
- $SAFE = 4
- h[1] = 1
- end.join
- end
- end
-
def test_intialize_wrong_arguments
assert_raise(ArgumentError) do
Hash.new(0) { }
diff --git a/test/ruby/test_io.rb b/test/ruby/test_io.rb
index 959982f..e42ace1 100644
--- a/test/ruby/test_io.rb
+++ b/test/ruby/test_io.rb
@@ -918,17 +918,6 @@ class TestIO < Test::Unit::TestCase
}
end
- def safe_4
- t = Thread.new do
- $SAFE = 4
- yield
- end
- unless t.join(10)
- t.kill
- flunk("timeout in safe_4")
- end
- end
-
def ruby(*args)
args = ['-e', '$>.write($<.read)'] if args.empty?
ruby = EnvUtil.rubybin
@@ -1001,9 +990,6 @@ class TestIO < Test::Unit::TestCase
def test_inspect
with_pipe do |r, w|
assert_match(/^#<IO:fd \d+>$/, r.inspect)
- assert_raise(SecurityError) do
- safe_4 { r.inspect }
- end
end
end
@@ -1179,14 +1165,6 @@ class TestIO < Test::Unit::TestCase
end
end
- def test_close_read_security_error
- with_pipe do |r, w|
- assert_raise(SecurityError) do
- safe_4 { r.close_read }
- end
- end
- end
-
def test_close_read_non_readable
with_pipe do |r, w|
assert_raise(IOError) do
@@ -1203,14 +1181,6 @@ class TestIO < Test::Unit::TestCase
end
end
- def test_close_write_security_error
- with_pipe do |r, w|
- assert_raise(SecurityError) do
- safe_4 { r.close_write }
- end
- end
- end
-
def test_close_write_non_readable
with_pipe do |r, w|
assert_raise(IOError) do
@@ -1441,14 +1411,6 @@ class TestIO < Test::Unit::TestCase
end
end
- def test_close_security_error
- with_pipe do |r, w|
- assert_raise(SecurityError) do
- safe_4 { r.close }
- end
- end
- end
-
def test_pos
make_tempfile {|t|
@@ -1710,12 +1672,6 @@ class TestIO < Test::Unit::TestCase
def test_reopen
make_tempfile {|t|
- with_pipe do |r, w|
- assert_raise(SecurityError) do
- safe_4 { r.reopen(t.path) }
- end
- end
-
open(__FILE__) do |f|
f.gets
assert_nothing_raised {
diff --git a/test/ruby/test_method.rb b/test/ruby/test_method.rb
index ca790df..b46d67c 100644
--- a/test/ruby/test_method.rb
+++ b/test/ruby/test_method.rb
@@ -325,15 +325,6 @@ class TestMethod < Test::Unit::TestCase
assert_equal(:bar, m.clone.bar)
end
- def test_call
- o = Object.new
- def o.foo; p 1; end
- def o.bar(x); x; end
- m = o.method(:foo)
- m.taint
- assert_raise(SecurityError) { m.call }
- end
-
def test_inspect
o = Object.new
def o.foo; end
diff --git a/test/ruby/test_module.rb b/test/ruby/test_module.rb
index 816e5dc..5574bf0 100644
--- a/test/ruby/test_module.rb
+++ b/test/ruby/test_module.rb
@@ -760,13 +760,6 @@ class TestModule < Test::Unit::TestCase
end
def test_undef
- assert_raise(SecurityError) do
- Thread.new do
- $SAFE = 4
- Class.instance_eval { undef_method(:foo) }
- end.join
- end
-
c = Class.new
assert_raise(NameError) do
c.instance_eval { undef_method(:foo) }
@@ -861,19 +854,6 @@ class TestModule < Test::Unit::TestCase
assert_equal(true, c.private_method_defined?(:baz))
end
- def test_change_visibility_under_safe4
- c = Class.new
- c.class_eval do
- def foo; end
- end
- assert_raise(SecurityError) do
- Thread.new do
- $SAFE = 4
- c.class_eval { private :foo }
- end.join
- end
- end
-
def test_top_public_private
assert_in_out_err([], <<-INPUT, %w([:foo] [:bar]), [])
private
@@ -970,24 +950,6 @@ class TestModule < Test::Unit::TestCase
assert_equal(false, m.include?(m))
end
- def test_include_under_safe4
- m = Module.new
- c1 = Class.new
- assert_raise(SecurityError) do
- lambda {
- $SAFE = 4
- c1.instance_eval { include(m) }
- }.call
- end
- assert_nothing_raised do
- lambda {
- $SAFE = 4
- c2 = Class.new
- c2.instance_eval { include(m) }
- }.call
- end
- end
-
def test_send
a = AClass.new
assert_equal(:aClass, a.__send__(:aClass))
diff --git a/test/ruby/test_object.rb b/test/ruby/test_object.rb
index 1da7f25..7b660ce 100644
--- a/test/ruby/test_object.rb
+++ b/test/ruby/test_object.rb
@@ -52,16 +52,6 @@ class TestObject < Test::Unit::TestCase
assert_raise(RuntimeError) { o.untaint }
end
- def test_freeze_under_safe_4
- o = Object.new
- assert_raise(SecurityError) do
- Thread.new do
- $SAFE = 4
- o.freeze
- end.join
- end
- end
-
def test_freeze_immediate
assert_equal(true, 1.frozen?)
1.freeze
@@ -282,17 +272,6 @@ class TestObject < Test::Unit::TestCase
assert_equal(1+3+5+7+9, n)
end
- def test_add_method_under_safe4
- o = Object.new
- assert_raise(SecurityError) do
- Thread.new do
- $SAFE = 4
- def o.foo
- end
- end.join
- end
- end
-
def test_redefine_method_under_verbose
assert_in_out_err([], <<-INPUT, %w(2), /warning: method redefined; discarding old foo$/)
$VERBOSE = true
@@ -316,20 +295,6 @@ class TestObject < Test::Unit::TestCase
end
def test_remove_method
- assert_raise(SecurityError) do
- Thread.new do
- $SAFE = 4
- Object.instance_eval { remove_method(:foo) }
- end.join
- end
-
- assert_raise(SecurityError) do
- Thread.new do
- $SAFE = 4
- Class.instance_eval { remove_method(:foo) }
- end.join
- end
-
c = Class.new
c.freeze
assert_raise(RuntimeError) do
@@ -687,72 +652,21 @@ class TestObject < Test::Unit::TestCase
end
def test_untrusted
- obj = lambda {
- $SAFE = 4
- x = Object.new
- x.instance_eval { @foo = 1 }
- x
- }.call
+ obj = Object.new
+ assert_equal(false, obj.untrusted?)
+ assert_equal(false, obj.tainted?)
+ obj.untrust
assert_equal(true, obj.untrusted?)
assert_equal(true, obj.tainted?)
-
- x = Object.new
- assert_equal(false, x.untrusted?)
- assert_raise(SecurityError) do
- lambda {
- $SAFE = 4
- x.instance_eval { @foo = 1 }
- }.call
- end
-
- x = Object.new
- x.taint
- assert_raise(SecurityError) do
- lambda {
- $SAFE = 4
- x.instance_eval { @foo = 1 }
- }.call
- end
-
- x.untrust
- assert_equal(true, x.untrusted?)
- assert_nothing_raised do
- lambda {
- $SAFE = 4
- x.instance_eval { @foo = 1 }
- }.call
- end
-
- x.trust
- assert_equal(false, x.untrusted?)
- assert_raise(SecurityError) do
- lambda {
- $SAFE = 4
- x.instance_eval { @foo = 1 }
- }.call
- end
-
- a = Object.new
- a.untrust
- assert_equal(true, a.untrusted?)
- b = a.dup
- assert_equal(true, b.untrusted?)
- c = a.clone
- assert_equal(true, c.untrusted?)
-
- a = Object.new
- b = lambda {
- $SAFE = 4
- a.dup
- }.call
- assert_equal(true, b.untrusted?)
-
- a = Object.new
- b = lambda {
- $SAFE = 4
- a.clone
- }.call
- assert_equal(true, b.untrusted?)
+ obj.trust
+ assert_equal(false, obj.untrusted?)
+ assert_equal(false, obj.tainted?)
+ obj.taint
+ assert_equal(true, obj.untrusted?)
+ assert_equal(true, obj.tainted?)
+ obj.untaint
+ assert_equal(false, obj.untrusted?)
+ assert_equal(false, obj.tainted?)
end
def test_to_s
@@ -813,42 +727,6 @@ class TestObject < Test::Unit::TestCase
assert_match(/\bInspect\u{3042}:.* @\u{3044}=42\b/, x)
end
- def test_exec_recursive
- Thread.current[:__recursive_key__] = nil
- a = [[]]
- a.inspect
-
- assert_nothing_raised do
- -> do
- $SAFE = 4
- begin
- a.hash
- rescue ArgumentError
- end
- end.call
- end
-
- -> do
- assert_nothing_raised do
- $SAFE = 4
- a.inspect
- end
- end.call
-
- -> do
- o = Object.new
- def o.to_ary(x); end
- def o.==(x); $SAFE = 4; false; end
- a = [[o]]
- b = []
- b << b
-
- assert_nothing_raised do
- b == a
- end
- end.call
- end
-
def test_singleton_class
x = Object.new
xs = class << x; self; end
@@ -895,12 +773,6 @@ class TestObject < Test::Unit::TestCase
c = a.dup.freeze
assert_raise(RuntimeError, "frozen") {c.instance_eval {initialize_copy(b)}}
d = a.dup.trust
- assert_raise(SecurityError, "untrust") do
- proc {
- $SAFE = 4
- d.instance_eval {initialize_copy(b)}
- }.call
- end
[a, b, c, d]
end
diff --git a/test/ruby/test_pack.rb b/test/ruby/test_pack.rb
index 9dbb0b0..7848eb5 100644
--- a/test/ruby/test_pack.rb
+++ b/test/ruby/test_pack.rb
@@ -644,16 +644,6 @@ EXPECTED
assert_equal([0x100000000], "\220\200\200\200\000".unpack("w"), [0x100000000])
end
- def test_modify_under_safe4
- s = "foo"
- assert_raise(SecurityError) do
- Thread.new do
- $SAFE = 4
- s.clear
- end.join
- end
- end
-
def test_length_too_big
assert_raise(RangeError) { [].pack("C100000000000000000000") }
end
diff --git a/test/ruby/test_rand.rb b/test/ruby/test_rand.rb
index 611e9f5..98615f8 100644
--- a/test/ruby/test_rand.rb
+++ b/test/ruby/test_rand.rb
@@ -504,18 +504,6 @@ END
end
end
- def test_marshal_load_insecure
- r = Random.new(0)
- d = r.__send__(:marshal_dump)
- l = proc do
- $SAFE = 4
- r.__send__(:marshal_load, d)
- end
- assert_raise(SecurityError, '[Bug #6540]') do
- l.call
- end
- end
-
def test_random_ulong_limited
def (gen = Object.new).rand(*) 1 end
assert_equal([2], (1..100).map {[1,2,3].sample(random: gen)}.uniq)
diff --git a/test/ruby/test_regexp.rb b/test/ruby/test_regexp.rb
index 9ad9afe..a91ae8b 100644
--- a/test/ruby/test_regexp.rb
+++ b/test/ruby/test_regexp.rb
@@ -340,14 +340,6 @@ class TestRegexp < Test::Unit::TestCase
def test_initialize
assert_raise(ArgumentError) { Regexp.new }
assert_equal(/foo/, Regexp.new(/foo/, Regexp::IGNORECASE))
- re = /foo/
- assert_raise(SecurityError) do
- Thread.new { $SAFE = 4; re.instance_eval { initialize(re) } }.join
- end
- re.taint
- assert_raise(SecurityError) do
- Thread.new { $SAFE = 4; re.instance_eval { initialize(re) } }.join
- end
assert_equal(Encoding.find("US-ASCII"), Regexp.new("b..", nil, "n").encoding)
assert_equal("bar", "foobarbaz"[Regexp.new("b..", nil, "n")])
@@ -545,12 +537,12 @@ class TestRegexp < Test::Unit::TestCase
def test_taint
m = Thread.new do
"foo"[/foo/]
- $SAFE = 4
+ $SAFE = 3
/foo/.match("foo")
end.value
assert(m.tainted?)
assert_nothing_raised('[ruby-core:26137]') {
- m = proc {$SAFE = 4; %r"#{ }"o}.call
+ m = proc {$SAFE = 3; %r"#{ }"o}.call
}
assert(m.tainted?)
end
diff --git a/test/ruby/test_settracefunc.rb b/test/ruby/test_settracefunc.rb
index b010846..ab1a37f 100644
--- a/test/ruby/test_settracefunc.rb
+++ b/test/ruby/test_settracefunc.rb
@@ -397,42 +397,6 @@ class TestSetTraceFunc < Test::Unit::TestCase
assert_equal(self, ok, bug3921)
end
- def assert_security_error_safe4(block)
- assert_raise(SecurityError) do
- block.call
- end
- end
-
- def test_set_safe4
- func = proc do
- $SAFE = 4
- set_trace_func(lambda {|*|})
- end
- assert_security_error_safe4(func)
- end
-
- def test_thread_set_safe4
- th = Thread.start {sleep}
- func = proc do
- $SAFE = 4
- th.set_trace_func(lambda {|*|})
- end
- assert_security_error_safe4(func)
- ensure
- th.kill
- end
-
- def test_thread_add_safe4
- th = Thread.start {sleep}
- func = proc do
- $SAFE = 4
- th.add_trace_func(lambda {|*|})
- end
- assert_security_error_safe4(func)
- ensure
- th.kill
- end
-
class << self
define_method(:method_added, Module.method(:method_added))
end
@@ -924,24 +888,6 @@ class TestSetTraceFunc < Test::Unit::TestCase
end
end
- def test_trace_point_enable_safe4
- tp = TracePoint.new {}
- func = proc do
- $SAFE = 4
- tp.enable
- end
- assert_security_error_safe4(func)
- end
-
- def test_trace_point_disable_safe4
- tp = TracePoint.new {}
- func = proc do
- $SAFE = 4
- tp.disable
- end
- assert_security_error_safe4(func)
- end
-
def m1_for_test_trace_point_binding_in_ifunc(arg)
arg + nil
rescue
diff --git a/test/ruby/test_struct.rb b/test/ruby/test_struct.rb
index 1c10877..c5ac2eb 100644
--- a/test/ruby/test_struct.rb
+++ b/test/ruby/test_struct.rb
@@ -74,17 +74,6 @@ class TestStruct < Test::Unit::TestCase
assert_raise(NameError) { o[:b] }
end
- def test_modify
- klass = Struct.new(:a)
- o = klass.new(1)
- assert_raise(SecurityError) do
- Thread.new do
- $SAFE = 4
- o.a = 2
- end.value
- end
- end
-
def test_set
klass = Struct.new(:a)
o = klass.new(1)
@@ -263,19 +252,6 @@ class TestStruct < Test::Unit::TestCase
}
end
- def test_struct_subclass
- bug5036 = '[ruby-dev:44122]'
- st = Class.new(Struct)
- s = st.new("S", :m).new
- error = assert_raise(SecurityError) do
- proc do
- $SAFE = 4
- s.m = 1
- end.call
- end
- assert_equal("Insecure: can't modify #{st}::S", error.message, bug5036)
- end
-
def test_to_h
klass = Struct.new(:a, :b, :c, :d, :e, :f)
o = klass.new(1, 2, 3, 4, 5, 6)
diff --git a/test/ruby/test_thread.rb b/test/ruby/test_thread.rb
index d9b8afc..46831f3 100644
--- a/test/ruby/test_thread.rb
+++ b/test/ruby/test_thread.rb
@@ -88,18 +88,6 @@ class TestThread < Test::Unit::TestCase
end
end
- def test_thread_variable_security
- t = Thread.new { sleep }
-
- assert_raises(SecurityError) do
- Thread.new { $SAFE = 4; t.thread_variable_get(:foo) }.join
- end
-
- assert_raises(SecurityError) do
- Thread.new { $SAFE = 4; t.thread_variable_set(:foo, :baz) }.join
- end
- end
-
def test_mutex_synchronize
m = Mutex.new
r = 0
@@ -396,14 +384,6 @@ class TestThread < Test::Unit::TestCase
def test_thread_local_security
t = Thread.new { sleep }
- assert_raise(SecurityError) do
- Thread.new { $SAFE = 4; t[:foo] }.join
- end
-
- assert_raise(SecurityError) do
- Thread.new { $SAFE = 4; t[:foo] = :baz }.join
- end
-
assert_raise(RuntimeError) do
Thread.new do
Thread.current[:foo] = :bar
diff --git a/test/ruby/test_time.rb b/test/ruby/test_time.rb
index 22df270..2a56836 100644
--- a/test/ruby/test_time.rb
+++ b/test/ruby/test_time.rb
@@ -312,16 +312,6 @@ class TestTime < Test::Unit::TestCase
"[ruby-dev:44827] [Bug #5586]")
end
- def test_security_error
- assert_raise(SecurityError) do
- Thread.new do
- t = Time.gm(2000)
- $SAFE = 4
- t.localtime
- end.join
- end
- end
-
def test_at3
t2000 = get_t2000
assert_equal(t2000, Time.at(t2000))
@@ -884,20 +874,6 @@ class TestTime < Test::Unit::TestCase
assert_raise(NoMethodError, bug5012) { t1.m }
end
- def test_time_subclass
- bug5036 = '[ruby-dev:44122]'
- tc = Class.new(Time)
- tc.inspect
- t = tc.now
- error = assert_raise(SecurityError) do
- proc do
- $SAFE = 4
- t.gmtime
- end.call
- end
- assert_equal("Insecure: can't modify #{tc}", error.message, bug5036)
- end
-
def test_sec_str
bug6193 = '[ruby-core:43569]'
t = nil
diff --git a/thread.c b/thread.c
index c845fd2..40a21bd 100644
--- a/thread.c
+++ b/thread.c
@@ -2165,7 +2165,6 @@ rb_thread_kill(VALUE thread)
GetThreadPtr(thread, th);
if (th != GET_THREAD() && th->safe_level < 4) {
- rb_secure(4);
}
if (th->to_kill || th->status == THREAD_KILLED) {
return thread;
@@ -2474,7 +2473,6 @@ rb_thread_s_abort_exc(void)
static VALUE
rb_thread_s_abort_exc_set(VALUE self, VALUE val)
{
- rb_secure(4);
GET_THREAD()->vm->thread_abort_on_exception = RTEST(val);
return val;
}
@@ -2523,7 +2521,6 @@ static VALUE
rb_thread_abort_exc_set(VALUE thread, VALUE val)
{
rb_thread_t *th;
- rb_secure(4);
GetThreadPtr(thread, th);
th->abort_on_exception = RTEST(val);
@@ -3142,7 +3139,6 @@ rb_thread_priority_set(VALUE thread, VALUE prio)
int priority;
GetThreadPtr(thread, th);
- rb_secure(4);
#if USE_NATIVE_THREAD_PRIORITY
th->priority = NUM2INT(prio);
@@ -4116,7 +4112,6 @@ thgroup_add(VALUE group, VALUE thread)
rb_thread_t *th;
struct thgroup *data;
- rb_secure(4);
GetThreadPtr(thread, th);
if (OBJ_FROZEN(group)) {
@@ -4738,7 +4733,6 @@ recursive_list_access(void)
VALUE list;
if (NIL_P(hash) || !RB_TYPE_P(hash, T_HASH)) {
hash = rb_hash_new();
- OBJ_UNTRUST(hash);
rb_thread_local_aset(rb_thread_current(), recursive_key, hash);
list = Qnil;
}
@@ -4747,7 +4741,6 @@ recursive_list_access(void)
}
if (NIL_P(list) || !RB_TYPE_P(list, T_HASH)) {
list = rb_hash_new();
- OBJ_UNTRUST(list);
rb_hash_aset(hash, sym, list);
}
return list;
@@ -4809,7 +4802,6 @@ recursive_push(VALUE list, VALUE obj, VALUE paired_obj)
if (!RB_TYPE_P(pair_list, T_HASH)){
VALUE other_paired_obj = pair_list;
pair_list = rb_hash_new();
- OBJ_UNTRUST(pair_list);
rb_hash_aset(pair_list, other_paired_obj, Qtrue);
rb_hash_aset(list, obj, pair_list);
}
diff --git a/transcode.c b/transcode.c
index badb846..54fc316 100644
--- a/transcode.c
+++ b/transcode.c
@@ -377,7 +377,7 @@ load_transcoder_entry(transcoder_entry_t *entry)
memcpy(path, transcoder_lib_prefix, sizeof(transcoder_lib_prefix) - 1);
memcpy(path + sizeof(transcoder_lib_prefix) - 1, lib, len);
rb_str_set_len(fn, total_len);
- FL_UNSET(fn, FL_TAINT|FL_UNTRUSTED);
+ FL_UNSET(fn, FL_TAINT);
OBJ_FREEZE(fn);
if (!rb_require_safe(fn, safe > 3 ? 3 : safe))
return NULL;
diff --git a/variable.c b/variable.c
index 82dd217..8f21847 100644
--- a/variable.c
+++ b/variable.c
@@ -645,7 +645,6 @@ rb_f_trace_var(int argc, VALUE *argv)
struct global_entry *entry;
struct trace_var *trace;
- rb_secure(4);
if (rb_scan_args(argc, argv, "11", &var, &cmd) == 1) {
cmd = rb_block_proc();
}
@@ -707,7 +706,6 @@ rb_f_untrace_var(int argc, VALUE *argv)
struct trace_var *trace;
st_data_t data;
- rb_secure(4);
rb_scan_args(argc, argv, "11", &var, &cmd);
id = rb_check_id(&var);
if (!id) {
@@ -1130,8 +1128,6 @@ rb_ivar_set(VALUE obj, ID id, VALUE val)
long i, len;
int ivar_extended;
- if (!OBJ_UNTRUSTED(obj) && rb_safe_level() >= 4)
- rb_raise(rb_eSecurityError, "Insecure: can't modify instance variable");
rb_check_frozen(obj);
if (SPECIAL_CONST_P(obj)) goto generic;
switch (BUILTIN_TYPE(obj)) {
@@ -1404,8 +1400,6 @@ rb_obj_remove_instance_variable(VALUE obj, VALUE name)
struct st_table *iv_index_tbl;
st_data_t index;
- if (!OBJ_UNTRUSTED(obj) && rb_safe_level() >= 4)
- rb_raise(rb_eSecurityError, "Insecure: can't modify instance variable");
rb_check_frozen(obj);
if (!id) {
if (rb_is_instance_name(name)) {
@@ -1939,8 +1933,6 @@ rb_const_remove(VALUE mod, ID id)
VALUE val;
st_data_t v, n = id;
- if (!OBJ_UNTRUSTED(mod) && rb_safe_level() >= 4)
- rb_raise(rb_eSecurityError, "Insecure: can't remove constant");
rb_check_frozen(mod);
if (!RCLASS_CONST_TBL(mod) || !st_delete(RCLASS_CONST_TBL(mod), &n, &v)) {
if (rb_const_defined_at(mod, id)) {
@@ -2131,8 +2123,6 @@ rb_public_const_defined_at(VALUE klass, ID id)
static void
check_before_mod_set(VALUE klass, ID id, VALUE val, const char *dest)
{
- if (!OBJ_UNTRUSTED(klass) && rb_safe_level() >= 4)
- rb_raise(rb_eSecurityError, "Insecure: can't set %s", dest);
rb_check_frozen(klass);
}
@@ -2206,7 +2196,6 @@ rb_define_const(VALUE klass, const char *name, VALUE val)
rb_warn("rb_define_const: invalid name `%s' for constant", name);
}
if (klass == rb_cObject) {
- rb_secure(4);
}
rb_const_set(klass, id, val);
}
@@ -2224,11 +2213,6 @@ set_const_visibility(VALUE mod, int argc, VALUE *argv, rb_const_flag_t flag)
st_data_t v;
ID id;
- if (rb_safe_level() >= 4 && !OBJ_UNTRUSTED(mod)) {
- rb_raise(rb_eSecurityError,
- "Insecure: can't change constant visibility");
- }
-
if (argc == 0) {
rb_warning("%"PRIsVALUE" with no argument is just ignored",
QUOTE_ID(rb_frame_callee()));
@@ -2563,8 +2547,6 @@ rb_mod_remove_cvar(VALUE mod, VALUE name)
if (!rb_is_class_id(id)) {
rb_name_error(id, "wrong class variable name %"PRIsVALUE"", QUOTE_ID(id));
}
- if (!OBJ_UNTRUSTED(mod) && rb_safe_level() >= 4)
- rb_raise(rb_eSecurityError, "Insecure: can't remove class variable");
rb_check_frozen(mod);
if (RCLASS_IV_TBL(mod) && st_delete(RCLASS_IV_TBL(mod), &n, &val)) {
return (VALUE)val;
diff --git a/vm_insnhelper.c b/vm_insnhelper.c
index 061b020..b57cccd 100644
--- a/vm_insnhelper.c
+++ b/vm_insnhelper.c
@@ -559,10 +559,6 @@ static inline VALUE
vm_setivar(VALUE obj, ID id, VALUE val, IC ic, rb_call_info_t *ci, int is_attr)
{
#if USE_IC_FOR_IVAR
- if (!OBJ_UNTRUSTED(obj) && rb_safe_level() >= 4) {
- rb_raise(rb_eSecurityError, "Insecure: can't modify instance variable");
- }
-
rb_check_frozen(obj);
if (RB_TYPE_P(obj, T_OBJECT)) {
diff --git a/vm_method.c b/vm_method.c
index 35e1d6f..70fda7b 100644
--- a/vm_method.c
+++ b/vm_method.c
@@ -234,10 +234,6 @@ rb_method_entry_make(VALUE klass, ID mid, rb_method_type_t type,
if (NIL_P(klass)) {
klass = rb_cObject;
}
- if (rb_safe_level() >= 4 &&
- (klass == rb_cObject || !OBJ_UNTRUSTED(klass))) {
- rb_raise(rb_eSecurityError, "Insecure: can't define method");
- }
if (!FL_TEST(klass, FL_SINGLETON) &&
type != VM_METHOD_TYPE_NOTIMPLEMENTED &&
type != VM_METHOD_TYPE_ZSUPER &&
@@ -657,10 +653,6 @@ remove_method(VALUE klass, ID mid)
klass = RCLASS_ORIGIN(klass);
if (klass == rb_cObject) {
- rb_secure(4);
- }
- if (rb_safe_level() >= 4 && !OBJ_UNTRUSTED(klass)) {
- rb_raise(rb_eSecurityError, "Insecure: can't remove method");
}
rb_check_frozen(klass);
if (mid == object_id || mid == id__send__ || mid == idInitialize) {
@@ -744,7 +736,6 @@ rb_export_method(VALUE klass, ID name, rb_method_flag_t noex)
VALUE defined_class;
if (klass == rb_cObject) {
- rb_secure(4);
}
me = search_method(klass, name, &defined_class);
@@ -847,10 +838,6 @@ rb_undef(VALUE klass, ID id)
rb_raise(rb_eTypeError, "no class to undef method");
}
if (rb_vm_cbase() == rb_cObject && klass == rb_cObject) {
- rb_secure(4);
- }
- if (rb_safe_level() >= 4 && !OBJ_UNTRUSTED(klass)) {
- rb_raise(rb_eSecurityError, "Insecure: can't undef `%s'", rb_id2name(id));
}
rb_frozen_class_p(klass);
if (id == object_id || id == id__send__ || id == idInitialize) {
@@ -1201,7 +1188,6 @@ rb_alias(VALUE klass, ID name, ID def)
rb_frozen_class_p(klass);
if (klass == rb_cObject) {
- rb_secure(4);
}
again:
@@ -1259,19 +1245,9 @@ rb_mod_alias_method(VALUE mod, VALUE newname, VALUE oldname)
}
static void
-secure_visibility(VALUE self)
-{
- if (rb_safe_level() >= 4 && !OBJ_UNTRUSTED(self)) {
- rb_raise(rb_eSecurityError,
- "Insecure: can't change method visibility");
- }
-}
-
-static void
set_method_visibility(VALUE self, int argc, VALUE *argv, rb_method_flag_t ex)
{
int i;
- secure_visibility(self);
if (argc == 0) {
rb_warning("%"PRIsVALUE" with no argument is just ignored",
@@ -1293,7 +1269,6 @@ set_method_visibility(VALUE self, int argc, VALUE *argv, rb_method_flag_t ex)
static VALUE
set_visibility(int argc, VALUE *argv, VALUE module, rb_method_flag_t ex)
{
- secure_visibility(module);
if (argc == 0) {
SCOPE_SET(ex);
}
@@ -1495,7 +1470,6 @@ rb_mod_modfunc(int argc, VALUE *argv, VALUE module)
rb_raise(rb_eTypeError, "module_function must be called for modules");
}
- secure_visibility(module);
if (argc == 0) {
SCOPE_SET(NOEX_MODFUNC);
return module;
diff --git a/vm_trace.c b/vm_trace.c
index d0bcc3a..48d4e34 100644
--- a/vm_trace.c
+++ b/vm_trace.c
@@ -449,7 +449,6 @@ static void call_trace_func(rb_event_flag_t, VALUE data, VALUE self, ID id, VALU
static VALUE
set_trace_func(VALUE obj, VALUE trace)
{
- rb_secure(4);
rb_remove_event_hook(call_trace_func);
@@ -489,7 +488,6 @@ thread_add_trace_func_m(VALUE obj, VALUE trace)
{
rb_thread_t *th;
- rb_secure(4);
GetThreadPtr(obj, th);
thread_add_trace_func(th, trace);
return trace;
@@ -511,7 +509,6 @@ thread_set_trace_func_m(VALUE obj, VALUE trace)
{
rb_thread_t *th;
- rb_secure(4);
GetThreadPtr(obj, th);
rb_threadptr_remove_event_hook(th, call_trace_func, Qundef);
@@ -973,7 +970,6 @@ rb_tracepoint_enable(VALUE tpval)
{
rb_tp_t *tp;
- rb_secure(4);
tp = tpptr(tpval);
if (tp->target_th) {
@@ -993,7 +989,6 @@ rb_tracepoint_disable(VALUE tpval)
{
rb_tp_t *tp;
- rb_secure(4);
tp = tpptr(tpval);
if (tp->target_th) {