summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ChangeLog22
-rw-r--r--ToDo1
-rw-r--r--array.c2
-rw-r--r--error.c9
-rw-r--r--eval.c14
-rw-r--r--parse.y36
-rw-r--r--process.c8
-rw-r--r--signal.c14
8 files changed, 90 insertions, 16 deletions
diff --git a/ChangeLog b/ChangeLog
index cb5ee4d1cf3..9d1bf4dda4f 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,16 @@
+Mon Feb 19 01:55:43 2001 Yukihiro Matsumoto <matz@ruby-lang.org>
+
+ * eval.c (secure_visibility): visibility check for untainted modules.
+
+Mon Feb 19 00:29:29 2001 Nobuyoshi Nakada <nobu.nakada@nifty.ne.jp>
+
+ * signal.c (sigpipe): sighandler which does nothing.
+
+ * signal.c (trap): set sigpipe function for SIGPIPE.
+
+ * signal.c (Init_signal): default SIGPIPE handler should be
+ sigpipe function.
+
Sun Feb 18 15:42:38 2001 WATANABE Hirofumi <eban@ruby-lang.org>
* ext/curses/extconf.rb: add dir_config.
@@ -8,6 +21,10 @@ Sun Feb 18 05:46:03 2001 Minero Aoki <aamine@dp.u-netsurf.ne.jp>
* lib/net/http.rb: Response#range_length was not debugged.
+Sun Feb 18 04:02:03 2001 Yasushi Shoji <yashi@yashi.com>
+
+ * array.c (rb_ary_subseq): wrong boundary check.
+
Sun Feb 18 00:09:50 2001 Nobuyoshi Nakada <nobu.nakada@nifty.ne.jp>
* win32/win32.c: fasten file I/O on mswin32/mingw32.
@@ -16,6 +33,11 @@ Sun Feb 18 00:09:50 2001 Nobuyoshi Nakada <nobu.nakada@nifty.ne.jp>
* rubysig.h: ditto.
+Sat Feb 17 23:32:45 2001 Yukihiro Matsumoto <matz@ruby-lang.org>
+
+ * parse.y (cond0): integer literal in condition should not be
+ compared to lineno ($.).
+
Fri Feb 16 01:44:56 2001 Yukihiro Matsumoto <matz@ruby-lang.org>
* io.c (set_outfile): f should be the FILE* from the assigning value.
diff --git a/ToDo b/ToDo
index fa60ea01288..c1441005297 100644
--- a/ToDo
+++ b/ToDo
@@ -74,6 +74,7 @@ Standard Libraries
* or raise ForkException to every thread but fork caller.
* Hash::new{default} or recommend Hash#fetch?
* new user-defined marshal scheme. _dump(dumper), _load(restorer)
+* warn, warning for Ruby level
Extension Libraries
diff --git a/array.c b/array.c
index 768b7e8ffed..e18fb3d8f59 100644
--- a/array.c
+++ b/array.c
@@ -400,7 +400,7 @@ rb_ary_subseq(ary, beg, len)
{
VALUE ary2;
- if (beg > RARRAY(ary)->len) return Qnil;
+ if (beg >= RARRAY(ary)->len) return Qnil;
if (beg < 0 || len < 0) return Qnil;
if (beg + len > RARRAY(ary)->len) {
diff --git a/error.c b/error.c
index b3d900fb9b5..03bc93f0e04 100644
--- a/error.c
+++ b/error.c
@@ -412,6 +412,13 @@ exc_set_backtrace(exc, bt)
return rb_iv_set(exc, "bt", check_backtrace(bt));
}
+static VALUE
+exit_status(exc)
+ VALUE exc;
+{
+ return rb_iv_get(exc, "status");
+}
+
#ifdef __BEOS__
typedef struct {
VALUE *list;
@@ -554,6 +561,8 @@ Init_Exception()
rb_define_method(rb_eException, "set_backtrace", exc_set_backtrace, 1);
rb_eSystemExit = rb_define_class("SystemExit", rb_eException);
+ rb_define_method(rb_eSystemExit, "status", exit_status, 0);
+
rb_eFatal = rb_define_class("fatal", rb_eException);
rb_eSignal = rb_define_class("SignalException", rb_eException);
rb_eInterrupt = rb_define_class("Interrupt", rb_eSignal);
diff --git a/eval.c b/eval.c
index 0323c9fbbe9..fc46baae532 100644
--- a/eval.c
+++ b/eval.c
@@ -5427,6 +5427,15 @@ rb_require(fname)
}
static void
+secure_visibility(self)
+ VALUE self;
+{
+ if (rb_safe_level() >= 4 && !OBJ_TAINTED(self)) {
+ rb_raise(rb_eSecurityError, "Insecure: can't change method visibility");
+ }
+}
+
+static void
set_method_visibility(self, argc, argv, ex)
VALUE self;
int argc;
@@ -5435,6 +5444,7 @@ set_method_visibility(self, argc, argv, ex)
{
int i;
+ secure_visibility(self);
for (i=0; i<argc; i++) {
rb_export_method(self, rb_to_id(argv[i]), ex);
}
@@ -5446,6 +5456,7 @@ rb_mod_public(argc, argv, module)
VALUE *argv;
VALUE module;
{
+ secure_visibility(module);
if (argc == 0) {
SCOPE_SET(SCOPE_PUBLIC);
}
@@ -5461,6 +5472,7 @@ rb_mod_protected(argc, argv, module)
VALUE *argv;
VALUE module;
{
+ secure_visibility(module);
if (argc == 0) {
SCOPE_SET(SCOPE_PROTECTED);
}
@@ -5476,6 +5488,7 @@ rb_mod_private(argc, argv, module)
VALUE *argv;
VALUE module;
{
+ secure_visibility(module);
if (argc == 0) {
SCOPE_SET(SCOPE_PRIVATE);
}
@@ -5535,6 +5548,7 @@ rb_mod_modfunc(argc, argv, module)
rb_raise(rb_eTypeError, "module_function must be called for modules");
}
+ secure_visibility(module);
if (argc == 0) {
SCOPE_SET(SCOPE_MODFUNC);
return module;
diff --git a/parse.y b/parse.y
index a0504cf0bee..4f6095b6fd3 100644
--- a/parse.y
+++ b/parse.y
@@ -4469,6 +4469,28 @@ warning_unless_e_option(str)
if (e_option_supplied()) rb_warning(str);
}
+static NODE *cond0();
+
+static NODE*
+cond2(node, logop)
+ NODE *node;
+ int logop;
+{
+ enum node_type type;
+
+ if (logop) return node;
+ if (!e_option_supplied()) return node;
+
+ warn_unless_e_option("integer literal in condition");
+ node = cond0(node);
+ type = nd_type(node);
+ if (type == NODE_NEWLINE) node = node->nd_next;
+ if (type == NODE_LIT && FIXNUM_P(node->nd_lit)) {
+ return call_op(node,tEQ,1,NEW_GVAR(rb_intern("$.")));
+ }
+ return node;
+}
+
static NODE*
cond0(node, logop)
NODE *node;
@@ -4494,8 +4516,8 @@ cond0(node, logop)
case NODE_DOT2:
case NODE_DOT3:
- node->nd_beg = cond0(node->nd_beg, logop);
- node->nd_end = cond0(node->nd_end, logop);
+ node->nd_beg = cond2(node->nd_beg, logop);
+ node->nd_end = cond2(node->nd_end, logop);
if (type == NODE_DOT2) nd_set_type(node,NODE_FLIP2);
else if (type == NODE_DOT3) nd_set_type(node, NODE_FLIP3);
node->nd_cnt = local_append(0);
@@ -4509,20 +4531,12 @@ cond0(node, logop)
goto regexp;
case NODE_LIT:
- switch (TYPE(node->nd_lit)) {
- case T_REGEXP:
+ if (TYPE(node->nd_lit) == T_REGEXP) {
warning_unless_e_option("regex literal in condition");
regexp:
nd_set_type(node, NODE_MATCH);
local_cnt('_');
local_cnt('~');
- break;
-
- case T_FIXNUM:
- if (logop) break;
- if (!e_option_supplied()) break;
- warn_unless_e_option("integer literal in condition");
- return call_op(node,tEQ,1,NEW_GVAR(rb_intern("$.")));
}
}
return node;
diff --git a/process.c b/process.c
index dcde77a9bb6..85b205831f7 100644
--- a/process.c
+++ b/process.c
@@ -299,12 +299,12 @@ struct waitall_data {
int pid;
int status;
VALUE ary;
-}
+};
static int
waitall_each(key, value, data)
int key, value;
- struct wait_data *data;
+ struct waitall_data *data;
{
VALUE pid_status_member;
@@ -563,6 +563,10 @@ rb_proc_exec(str)
char **argv, **a;
security(str);
+
+ while (*str && ISSPACE(*str))
+ str++;
+
for (s=str; *s; s++) {
if (*s != ' ' && !ISALPHA(*s) && strchr("*?{}[]<>()~&|\\$;'`\"\n",*s)) {
#if defined(MSDOS)
diff --git a/signal.c b/signal.c
index 3ec09464717..ca4cded0552 100644
--- a/signal.c
+++ b/signal.c
@@ -386,6 +386,16 @@ sigsegv(sig)
}
#endif
+#ifdef SIGPIPE
+static RETSIGTYPE sigsegv _((int));
+static RETSIGTYPE
+sigpipe(sig)
+ int sig;
+{
+ /* do nothing */
+}
+#endif
+
void
rb_trap_exit()
{
@@ -546,7 +556,7 @@ trap(arg)
#endif
#ifdef SIGPIPE
case SIGPIPE:
- func = SIG_IGN;
+ func = sigpipe;
break;
#endif
}
@@ -659,7 +669,7 @@ Init_signal()
ruby_signal(SIGSEGV, sigsegv);
#endif
#ifdef SIGPIPE
- ruby_signal(SIGPIPE, SIG_IGN);
+ ruby_signal(SIGPIPE, sigpipe);
#endif
#endif /* MACOS_UNUSE_SIGNAL */
}