summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ChangeLog9
-rw-r--r--file.c9
-rw-r--r--marshal.c11
-rw-r--r--process.c3
4 files changed, 21 insertions, 11 deletions
diff --git a/ChangeLog b/ChangeLog
index 736735f55e3..0d4305302dc 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,12 @@
+Tue Feb 19 14:45:32 2002 Yukihiro Matsumoto <matz@ruby-lang.org>
+
+ * file.c (path_check_1): should check directory sticky bits.
+
+ * process.c (security): need not to warn twice.
+
+ * marshal.c (r_object): complete restoration before calling
+ r_regist().
+
Tue Feb 19 14:24:36 2002 Yukihiro Matsumoto <matz@ruby-lang.org>
* parse.y (yylex): operators in the "op" rule should make
diff --git a/file.c b/file.c
index 1eea9360e43..3016589b91e 100644
--- a/file.c
+++ b/file.c
@@ -2304,7 +2304,14 @@ path_check_1(path)
return path_check_1(newpath);
}
for (;;) {
- if (stat(p0, &st) == 0 && (st.st_mode & 002)) {
+#ifndef S_IWOTH
+# define S_IWOTH 002
+#endif
+ if (stat(p0, &st) == 0 && S_ISDIR(st->st_mode) && (st.st_mode & S_IWOTH)
+#ifdef S_ISVTX
+ && !(st.st_mode & S_ISVTX)
+#endif
+ ) {
if (p) *p = '/';
rb_warn("Unsecure world writeable dir %s , mode 0%o", p0, st.st_mode);
return 0;
diff --git a/marshal.c b/marshal.c
index 72ac20ae6ff..5966a7659d2 100644
--- a/marshal.c
+++ b/marshal.c
@@ -927,11 +927,10 @@ r_object(arg)
volatile long len = r_long(arg); /* gcc 2.7.2.3 -O2 bug?? */
v = rb_ary_new2(len);
- r_regist(v, arg);
while (len--) {
rb_ary_push(v, r_object(arg));
}
- return v;
+ return r_regist(v, arg);;
}
case TYPE_HASH:
@@ -940,7 +939,6 @@ r_object(arg)
long len = r_long(arg);
v = rb_hash_new();
- r_regist(v, arg);
while (len--) {
VALUE key = r_object(arg);
VALUE value = r_object(arg);
@@ -949,7 +947,7 @@ r_object(arg)
if (type == TYPE_HASH_DEF) {
RHASH(v)->ifnone = r_object(arg);
}
- return v;
+ return r_regist(v, arg);
}
case TYPE_STRUCT:
@@ -971,7 +969,6 @@ r_object(arg)
rb_ary_push(values, Qnil);
}
v = rb_struct_alloc(klass, values);
- r_regist(v, arg);
for (i=0; i<len; i++) {
slot = r_symbol(arg);
@@ -983,6 +980,7 @@ r_object(arg)
}
rb_struct_aset(v, INT2FIX(i), r_object(arg));
}
+ r_regist(v, arg);
return v;
}
break;
@@ -1010,9 +1008,8 @@ r_object(arg)
if (TYPE(v) != T_OBJECT) {
rb_raise(rb_eArgError, "dump format error");
}
- r_regist(v, arg);
r_ivar(v, arg);
- return v;
+ return r_regist(v, arg);
}
break;
diff --git a/process.c b/process.c
index e4b633c8ed3..8da5953573b 100644
--- a/process.c
+++ b/process.c
@@ -431,9 +431,6 @@ security(str)
if (rb_safe_level() > 0) {
rb_raise(rb_eSecurityError, "Insecure PATH - %s", str);
}
- else {
- rb_warn("Insecure PATH - %s", str);
- }
}
}