From 5d14e8c8309860d70f194e27688b9312609c43c8 Mon Sep 17 00:00:00 2001
From: nobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>
Date: Fri, 18 Jun 2004 14:12:42 +0000
Subject: * eval.c (proc_save_safe_level, rb_set_safe_level, safe_setter):
 limit   safe level.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8@6471 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
---
 eval.c | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

(limited to 'eval.c')

diff --git a/eval.c b/eval.c
index 42cef9df10..7b04b42e8b 100644
--- a/eval.c
+++ b/eval.c
@@ -7896,12 +7896,17 @@ rb_f_binding(self)
 
 #define PROC_TSHIFT (FL_USHIFT+1)
 #define PROC_TMASK  (FL_USER1|FL_USER2|FL_USER3)
+#define PROC_TMAX   (PROC_TMASK >> PROC_TSHIFT)
+
+#define SAFE_LEVEL_MAX PROC_TMASK
 
 static void
 proc_save_safe_level(data)
     VALUE data;
 {
-    FL_SET(data, (ruby_safe_level << PROC_TSHIFT) & PROC_TMASK);
+    int safe = ruby_safe_level;
+    if (safe > PROC_TMAX) safe = PROC_TMAX;
+    FL_SET(data, (safe << PROC_TSHIFT) & PROC_TMASK);
 }
 
 static int
@@ -9529,6 +9534,7 @@ rb_set_safe_level(level)
     int level;
 {
     if (level > ruby_safe_level) {
+	if (level > SAFE_LEVEL_MAX) level = SAFE_LEVEL_MAX;
 	ruby_safe_level = level;
 	curr_thread->safe = level;
     }
@@ -9550,6 +9556,7 @@ safe_setter(val)
 	rb_raise(rb_eSecurityError, "tried to downgrade safe level from %d to %d",
 		 ruby_safe_level, level);
     }
+    if (level > SAFE_LEVEL_MAX) level = SAFE_LEVEL_MAX;
     ruby_safe_level = level;
     curr_thread->safe = level;
 }
-- 
cgit v1.2.3