From 27c7fd9acca91edb649d16cdd7822ac93f213c61 Mon Sep 17 00:00:00 2001 From: shyouhei Date: Fri, 7 Sep 2007 06:52:05 +0000 Subject: * eval.c (mnew): should preserve noex as safe_level. * eval.c (rb_call0): tighten security check condition.. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_6@13387 b2dd03c8-39d4-4d8f-98ff-823fe69b080e --- ChangeLog | 6 ++++++ eval.c | 4 ++-- version.h | 2 +- 3 files changed, 9 insertions(+), 3 deletions(-) diff --git a/ChangeLog b/ChangeLog index e7bb6db371..a3d90f5d69 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,9 @@ +Fri Sep 7 15:50:50 2007 Yukihiro Matsumoto + + * eval.c (mnew): should preserve noex as safe_level. + + * eval.c (rb_call0): tighten security check condition.. + Fri Sep 7 15:43:43 2007 Nobuyoshi Nakada * ext/tk/tcltklib.c (Init_tcltklib): use rb_set_end_proc(). diff --git a/eval.c b/eval.c index fa0ed979a6..3dd107654d 100644 --- a/eval.c +++ b/eval.c @@ -5777,7 +5777,7 @@ rb_call0(klass, recv, id, oid, argc, argv, body, flags) volatile int safe = -1; if (NOEX_SAFE(flags) > ruby_safe_level && - !(flags&NOEX_TAINTED) && ruby_safe_level == 0 && NOEX_SAFE(flags) > 2) { + ruby_safe_level == 0 && NOEX_SAFE(flags) > 2) { rb_raise(rb_eSecurityError, "calling insecure method: %s", rb_id2name(id)); } @@ -9007,7 +9007,7 @@ mnew(klass, obj, id, mklass) data->body = body; data->rklass = rklass; data->oid = oid; - data->safe_level = NOEX_WITH_SAFE(0); + data->safe_level = NOEX_WITH_SAFE(noex); OBJ_INFECT(method, klass); return method; diff --git a/version.h b/version.h index 25a38dfe30..3ead08fa80 100644 --- a/version.h +++ b/version.h @@ -2,7 +2,7 @@ #define RUBY_RELEASE_DATE "2007-09-07" #define RUBY_VERSION_CODE 186 #define RUBY_RELEASE_CODE 20070907 -#define RUBY_PATCHLEVEL 93 +#define RUBY_PATCHLEVEL 94 #define RUBY_VERSION_MAJOR 1 #define RUBY_VERSION_MINOR 8 -- cgit v1.2.3