From 1f828497d1e8df2b7b68ac2a093ab4439585d88a Mon Sep 17 00:00:00 2001 From: shugo Date: Wed, 12 Jun 2013 14:20:51 +0000 Subject: * safe.c (rb_set_safe_level, safe_setter): raise an ArgumentError when $SAFE is set to 4. $SAFE=4 is now obsolete. [ruby-core:55222] [Feature #8468] * object.c (rb_obj_untrusted, rb_obj_untrust, rb_obj_trust): Kernel#untrusted?, untrust, and trust are now deprecated. Their behavior is same as tainted?, taint, and untaint, respectively. * include/ruby/ruby.h (OBJ_UNTRUSTED, OBJ_UNTRUST): OBJ_UNTRUSTED() and OBJ_UNTRUST() are aliases of OBJ_TAINTED() and OBJ_TAINT(), respectively. * array.c, class.c, debug.c, dir.c, encoding.c, error.c, eval.c, ext/curses/curses.c, ext/dbm/dbm.c, ext/dl/cfunc.c, ext/dl/cptr.c, ext/dl/dl.c, ext/etc/etc.c, ext/fiddle/fiddle.c, ext/fiddle/pointer.c, ext/gdbm/gdbm.c, ext/readline/readline.c, ext/sdbm/init.c, ext/socket/ancdata.c, ext/socket/basicsocket.c, ext/socket/socket.c, ext/socket/udpsocket.c, ext/stringio/stringio.c, ext/syslog/syslog.c, ext/tk/tcltklib.c, ext/win32ole/win32ole.c, file.c, gc.c, hash.c, io.c, iseq.c, load.c, marshal.c, object.c, proc.c, process.c, random.c, re.c, safe.c, string.c, thread.c, transcode.c, variable.c, vm_insnhelper.c, vm_method.c, vm_trace.c: remove code for $SAFE=4. * test/dl/test_dl2.rb, test/erb/test_erb.rb, test/readline/test_readline.rb, test/readline/test_readline_history.rb, test/ruby/test_alias.rb, test/ruby/test_array.rb, test/ruby/test_dir.rb, test/ruby/test_encoding.rb, test/ruby/test_env.rb, test/ruby/test_eval.rb, test/ruby/test_exception.rb, test/ruby/test_file_exhaustive.rb, test/ruby/test_hash.rb, test/ruby/test_io.rb, test/ruby/test_method.rb, test/ruby/test_module.rb, test/ruby/test_object.rb, test/ruby/test_pack.rb, test/ruby/test_rand.rb, test/ruby/test_regexp.rb, test/ruby/test_settracefunc.rb, test/ruby/test_struct.rb, test/ruby/test_thread.rb, test/ruby/test_time.rb: remove tests for $SAFE=4. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@41259 b2dd03c8-39d4-4d8f-98ff-823fe69b080e --- test/dl/test_dl2.rb | 27 ------ test/erb/test_erb.rb | 5 -- test/readline/test_readline.rb | 55 ------------ test/readline/test_readline_history.rb | 35 -------- test/ruby/test_alias.rb | 10 --- test/ruby/test_array.rb | 13 --- test/ruby/test_dir.rb | 15 ---- test/ruby/test_encoding.rb | 5 -- test/ruby/test_env.rb | 6 -- test/ruby/test_eval.rb | 10 --- test/ruby/test_exception.rb | 47 ---------- test/ruby/test_file_exhaustive.rb | 9 -- test/ruby/test_hash.rb | 10 --- test/ruby/test_io.rb | 44 ---------- test/ruby/test_method.rb | 9 -- test/ruby/test_module.rb | 38 -------- test/ruby/test_object.rb | 154 +++------------------------------ test/ruby/test_pack.rb | 10 --- test/ruby/test_rand.rb | 12 --- test/ruby/test_regexp.rb | 12 +-- test/ruby/test_settracefunc.rb | 54 ------------ test/ruby/test_struct.rb | 24 ----- test/ruby/test_thread.rb | 20 ----- test/ruby/test_time.rb | 24 ----- 24 files changed, 15 insertions(+), 633 deletions(-) (limited to 'test') diff --git a/test/dl/test_dl2.rb b/test/dl/test_dl2.rb index 88ef0869b1..955ac1d855 100644 --- a/test/dl/test_dl2.rb +++ b/test/dl/test_dl2.rb @@ -11,15 +11,6 @@ class TestDL < TestBase # TODO: refactor test repetition - def test_free_secure - assert_raises(SecurityError) do - Thread.new do - $SAFE = 4 - DL.free(0) - end.join - end - end - def test_realloc str = "abc" ptr_id = DL.realloc(0, 4) @@ -33,15 +24,6 @@ class TestDL < TestBase DL.free ptr_id end - def test_realloc_secure - assert_raises(SecurityError) do - Thread.new do - $SAFE = 4 - DL.realloc(0, 4) - end.join - end - end - def test_malloc str = "abc" @@ -56,15 +38,6 @@ class TestDL < TestBase DL.free ptr_id end - def test_malloc_security - assert_raises(SecurityError) do - Thread.new do - $SAFE = 4 - DL.malloc(4) - end.join - end - end - def test_call_int() cfunc = CFunc.new(@libc['atoi'], TYPE_INT, 'atoi') x = cfunc.call(["100"].pack("p").unpack("l!*")) diff --git a/test/erb/test_erb.rb b/test/erb/test_erb.rb index 89fdbff6eb..65efd39191 100644 --- a/test/erb/test_erb.rb +++ b/test/erb/test_erb.rb @@ -185,11 +185,6 @@ EOS assert_equal(ans, erb.result) end - def test_safe_04 - erb = @erb.new('<%=$SAFE%>', 4) - assert_equal('4', erb.result(TOPLEVEL_BINDING.taint)) - end - class Foo; end def test_def_class diff --git a/test/readline/test_readline.rb b/test/readline/test_readline.rb index a4c8e581a3..17e54ef428 100644 --- a/test/readline/test_readline.rb +++ b/test/readline/test_readline.rb @@ -18,55 +18,6 @@ class TestReadline < Test::Unit::TestCase Readline.instance_variable_set("@completion_proc", nil) end - def test_safe_level_4 - method_args = - [ - ["readline"], - ["input=", $stdin], - ["output=", $stdout], - ["completion_proc=", proc {}], - ["completion_proc"], - ["completion_case_fold=", true], - ["completion_case_fold"], - ["vi_editing_mode"], - ["vi_editing_mode?"], - ["emacs_editing_mode"], - ["emacs_editing_mode?"], - ["completion_append_character=", "s"], - ["completion_append_character"], - ["basic_word_break_characters=", "s"], - ["basic_word_break_characters"], - ["completer_word_break_characters=", "s"], - ["completer_word_break_characters"], - ["basic_quote_characters=", "\\"], - ["basic_quote_characters"], - ["completer_quote_characters=", "\\"], - ["completer_quote_characters"], - ["filename_quote_characters=", "\\"], - ["filename_quote_characters"], - ["line_buffer"], - ["point"], - ["set_screen_size", 1, 1], - ["get_screen_size"], - ["pre_input_hook=", proc {}], - ["pre_input_hook"], - ["insert_text", ""], - ["redisplay"], - ["special_prefixes=", "$"], - ["special_prefixes"], - ] - method_args.each do |method_name, *args| - assert_raise(SecurityError, NotImplementedError, - "method=<#{method_name}>") do - Thread.start { - $SAFE = 4 - Readline.send(method_name.to_sym, *args) - assert(true) - }.join - end - end - end - if !/EditLine/n.match(Readline::VERSION) def test_readline with_temp_stdio do |stdin, stdout| @@ -90,12 +41,6 @@ class TestReadline < Test::Unit::TestCase end }.join end - assert_raise(SecurityError) do - Thread.start { - $SAFE = 4 - replace_stdio(stdin.path, stdout.path) { Readline.readline("> ") } - }.join - end end end diff --git a/test/readline/test_readline_history.rb b/test/readline/test_readline_history.rb index e21d170cc3..4bcd7b3b25 100644 --- a/test/readline/test_readline_history.rb +++ b/test/readline/test_readline_history.rb @@ -39,41 +39,6 @@ class Readline::TestHistory < Test::Unit::TestCase HISTORY.clear end - def test_safe_level_4 - method_args = - [ - ["[]", [0]], - ["[]=", [0, "s"]], - ["\<\<", ["s"]], - ["push", ["s"]], - ["pop", []], - ["shift", []], - ["length", []], - ["delete_at", [0]], - ["clear", []], - ] - method_args.each do |method_name, args| - assert_raise(SecurityError, NotImplementedError, - "method=<#{method_name}>") do - Thread.start { - $SAFE = 4 - HISTORY.send(method_name.to_sym, *args) - assert(true) - }.join - end - end - - assert_raise(SecurityError, NotImplementedError, - "method=") do - Thread.start { - $SAFE = 4 - HISTORY.each { |s| - assert(true) - } - }.join - end - end - def test_to_s expected = "HISTORY" assert_equal(expected, HISTORY.to_s) diff --git a/test/ruby/test_alias.rb b/test/ruby/test_alias.rb index e154982c89..0fd8d5f89b 100644 --- a/test/ruby/test_alias.rb +++ b/test/ruby/test_alias.rb @@ -52,16 +52,6 @@ class TestAlias < Test::Unit::TestCase end end - def test_JVN_83768862 - d = lambda { - $SAFE = 4 - dclass = Class.new(C) - dclass.send(:alias_method, :mm, :m) - dclass.new - }.call - assert_raise(SecurityError) { d.mm } - end - def test_nonexistmethod assert_raise(NameError){ Class.new{ diff --git a/test/ruby/test_array.rb b/test/ruby/test_array.rb index 6807598054..63db980357 100644 --- a/test/ruby/test_array.rb +++ b/test/ruby/test_array.rb @@ -1732,19 +1732,6 @@ class TestArray < Test::Unit::TestCase assert_equal([3,4,5,0], [1,2,3,4,5,0].drop_while {|i| i < 3 }) end - def test_modify_check - a = [] - a.freeze - assert_raise(RuntimeError) { a.shift } - a = [1, 2] - assert_raise(SecurityError) do - Thread.new do - $SAFE = 4 - a.shift - end.value - end - end - LONGP = [127, 63, 31, 15, 7].map {|x| 2**x-1 }.find do |x| begin [].first(x) diff --git a/test/ruby/test_dir.rb b/test/ruby/test_dir.rb index 1c8f73e20c..d8f6868aa6 100644 --- a/test/ruby/test_dir.rb +++ b/test/ruby/test_dir.rb @@ -43,15 +43,6 @@ class TestDir < Test::Unit::TestCase end end - def test_JVN_13947696 - b = lambda { - d = Dir.open('.') - $SAFE = 4 - d.close - } - assert_raise(SecurityError) { b.call } - end - def test_nodir assert_raise(Errno::ENOENT) { Dir.open(@nodir) } end @@ -90,12 +81,6 @@ class TestDir < Test::Unit::TestCase d.rewind b = (0..5).map { d.read } assert_equal(a, b) - assert_raise(SecurityError) do - Thread.new do - $SAFE = 4 - d.rewind - end.join - end ensure d.close end diff --git a/test/ruby/test_encoding.rb b/test/ruby/test_encoding.rb index ef2dc39c4d..c1ded6c741 100644 --- a/test/ruby/test_encoding.rb +++ b/test/ruby/test_encoding.rb @@ -100,11 +100,6 @@ class TestEncoding < Test::Unit::TestCase assert_equal(str, str2, '[ruby-dev:38596]') end - def test_unsafe - bug5279 = '[ruby-dev:44469]' - assert_ruby_status([], '$SAFE=4; "a".encode("utf-16be")', bug5279) - end - def test_compatible_p ua = "abc".force_encoding(Encoding::UTF_8) assert_equal(Encoding::UTF_8, Encoding.compatible?(ua, :abc)) diff --git a/test/ruby/test_env.rb b/test/ruby/test_env.rb index 618be37214..b4c2d1f726 100644 --- a/test/ruby/test_env.rb +++ b/test/ruby/test_env.rb @@ -114,12 +114,6 @@ class TestEnv < Test::Unit::TestCase end def test_aset - assert_raise(SecurityError) do - Thread.new do - $SAFE = 4 - ENV["test"] = "foo" - end.join - end assert_nothing_raised { ENV["test"] = nil } assert_equal(nil, ENV["test"]) assert_raise(ArgumentError) { ENV["foo\0bar"] = "test" } diff --git a/test/ruby/test_eval.rb b/test/ruby/test_eval.rb index a97b982246..790e2887d5 100644 --- a/test/ruby/test_eval.rb +++ b/test/ruby/test_eval.rb @@ -440,16 +440,6 @@ class TestEval < Test::Unit::TestCase assert_raise(RuntimeError) { eval("raise ''") } end - def test_eval_using_untainted_binding_under_safe4 - assert_raise(SecurityError) do - Thread.new do - b = binding - $SAFE = 4 - eval("", b) - end.join - end - end - def test_eval_with_toplevel_binding # [ruby-dev:37142] ruby("-e", "x = 0; eval('p x', TOPLEVEL_BINDING)") do |f| f.close_write diff --git a/test/ruby/test_exception.rb b/test/ruby/test_exception.rb index c829a179d5..4a0edc3f1a 100644 --- a/test/ruby/test_exception.rb +++ b/test/ruby/test_exception.rb @@ -255,25 +255,6 @@ class TestException < Test::Unit::TestCase INPUT end - def test_safe4 - cmd = proc{raise SystemExit} - safe0_p = proc{|*args| args} - - test_proc = proc { - $SAFE = 4 - begin - cmd.call - rescue SystemExit => e - safe0_p["SystemExit: #{e.inspect}"] - raise e - rescue Exception => e - safe0_p["Exception (NOT SystemExit): #{e.inspect}"] - raise e - end - } - assert_raise(SystemExit, '[ruby-dev:38760]') {test_proc.call} - end - def test_thread_signal_location _, stderr, _ = EnvUtil.invoke_ruby("--disable-gems -d", <<-RUBY, false, true) Thread.start do @@ -475,32 +456,4 @@ end.join s = e.to_s assert_equal(false, s.tainted?) end - - def test_exception_to_s_should_not_propagate_untrustedness - favorite_lang = "Ruby" - - for exc in [Exception, NameError] - assert_raise(SecurityError) do - lambda { - $SAFE = 4 - exc.new(favorite_lang).to_s - favorite_lang.replace("Python") - }.call - end - end - - assert_raise(SecurityError) do - lambda { - $SAFE = 4 - o = Object.new - o.singleton_class.send(:define_method, :to_str) { - favorite_lang - } - NameError.new(o).to_s - favorite_lang.replace("Python") - }.call - end - - assert_equal("Ruby", favorite_lang) - end end diff --git a/test/ruby/test_file_exhaustive.rb b/test/ruby/test_file_exhaustive.rb index 8a33258759..3394d12372 100644 --- a/test/ruby/test_file_exhaustive.rb +++ b/test/ruby/test_file_exhaustive.rb @@ -1109,15 +1109,6 @@ class TestFileExhaustive < Test::Unit::TestCase assert_nothing_raised { ENV["PATH"] } end - def test_find_file - assert_raise(SecurityError) do - Thread.new do - $SAFE = 4 - load(@file) - end.join - end - end - def test_size assert_equal(3, File.open(@file) {|f| f.size }) File.open(@file, "a") do |f| diff --git a/test/ruby/test_hash.rb b/test/ruby/test_hash.rb index dbc3ed2bfc..3168760670 100644 --- a/test/ruby/test_hash.rb +++ b/test/ruby/test_hash.rb @@ -722,16 +722,6 @@ class TestHash < Test::Unit::TestCase assert_equal([], expected - vals) end - def test_security_check - h = {} - assert_raise(SecurityError) do - Thread.new do - $SAFE = 4 - h[1] = 1 - end.join - end - end - def test_intialize_wrong_arguments assert_raise(ArgumentError) do Hash.new(0) { } diff --git a/test/ruby/test_io.rb b/test/ruby/test_io.rb index 959982f1d5..e42ace1952 100644 --- a/test/ruby/test_io.rb +++ b/test/ruby/test_io.rb @@ -918,17 +918,6 @@ class TestIO < Test::Unit::TestCase } end - def safe_4 - t = Thread.new do - $SAFE = 4 - yield - end - unless t.join(10) - t.kill - flunk("timeout in safe_4") - end - end - def ruby(*args) args = ['-e', '$>.write($<.read)'] if args.empty? ruby = EnvUtil.rubybin @@ -1001,9 +990,6 @@ class TestIO < Test::Unit::TestCase def test_inspect with_pipe do |r, w| assert_match(/^#$/, r.inspect) - assert_raise(SecurityError) do - safe_4 { r.inspect } - end end end @@ -1179,14 +1165,6 @@ class TestIO < Test::Unit::TestCase end end - def test_close_read_security_error - with_pipe do |r, w| - assert_raise(SecurityError) do - safe_4 { r.close_read } - end - end - end - def test_close_read_non_readable with_pipe do |r, w| assert_raise(IOError) do @@ -1203,14 +1181,6 @@ class TestIO < Test::Unit::TestCase end end - def test_close_write_security_error - with_pipe do |r, w| - assert_raise(SecurityError) do - safe_4 { r.close_write } - end - end - end - def test_close_write_non_readable with_pipe do |r, w| assert_raise(IOError) do @@ -1441,14 +1411,6 @@ class TestIO < Test::Unit::TestCase end end - def test_close_security_error - with_pipe do |r, w| - assert_raise(SecurityError) do - safe_4 { r.close } - end - end - end - def test_pos make_tempfile {|t| @@ -1710,12 +1672,6 @@ class TestIO < Test::Unit::TestCase def test_reopen make_tempfile {|t| - with_pipe do |r, w| - assert_raise(SecurityError) do - safe_4 { r.reopen(t.path) } - end - end - open(__FILE__) do |f| f.gets assert_nothing_raised { diff --git a/test/ruby/test_method.rb b/test/ruby/test_method.rb index ca790dfd12..b46d67c9fa 100644 --- a/test/ruby/test_method.rb +++ b/test/ruby/test_method.rb @@ -325,15 +325,6 @@ class TestMethod < Test::Unit::TestCase assert_equal(:bar, m.clone.bar) end - def test_call - o = Object.new - def o.foo; p 1; end - def o.bar(x); x; end - m = o.method(:foo) - m.taint - assert_raise(SecurityError) { m.call } - end - def test_inspect o = Object.new def o.foo; end diff --git a/test/ruby/test_module.rb b/test/ruby/test_module.rb index 816e5dc1ff..5574bf0567 100644 --- a/test/ruby/test_module.rb +++ b/test/ruby/test_module.rb @@ -760,13 +760,6 @@ class TestModule < Test::Unit::TestCase end def test_undef - assert_raise(SecurityError) do - Thread.new do - $SAFE = 4 - Class.instance_eval { undef_method(:foo) } - end.join - end - c = Class.new assert_raise(NameError) do c.instance_eval { undef_method(:foo) } @@ -861,19 +854,6 @@ class TestModule < Test::Unit::TestCase assert_equal(true, c.private_method_defined?(:baz)) end - def test_change_visibility_under_safe4 - c = Class.new - c.class_eval do - def foo; end - end - assert_raise(SecurityError) do - Thread.new do - $SAFE = 4 - c.class_eval { private :foo } - end.join - end - end - def test_top_public_private assert_in_out_err([], <<-INPUT, %w([:foo] [:bar]), []) private @@ -970,24 +950,6 @@ class TestModule < Test::Unit::TestCase assert_equal(false, m.include?(m)) end - def test_include_under_safe4 - m = Module.new - c1 = Class.new - assert_raise(SecurityError) do - lambda { - $SAFE = 4 - c1.instance_eval { include(m) } - }.call - end - assert_nothing_raised do - lambda { - $SAFE = 4 - c2 = Class.new - c2.instance_eval { include(m) } - }.call - end - end - def test_send a = AClass.new assert_equal(:aClass, a.__send__(:aClass)) diff --git a/test/ruby/test_object.rb b/test/ruby/test_object.rb index 1da7f250c2..7b660ce87c 100644 --- a/test/ruby/test_object.rb +++ b/test/ruby/test_object.rb @@ -52,16 +52,6 @@ class TestObject < Test::Unit::TestCase assert_raise(RuntimeError) { o.untaint } end - def test_freeze_under_safe_4 - o = Object.new - assert_raise(SecurityError) do - Thread.new do - $SAFE = 4 - o.freeze - end.join - end - end - def test_freeze_immediate assert_equal(true, 1.frozen?) 1.freeze @@ -282,17 +272,6 @@ class TestObject < Test::Unit::TestCase assert_equal(1+3+5+7+9, n) end - def test_add_method_under_safe4 - o = Object.new - assert_raise(SecurityError) do - Thread.new do - $SAFE = 4 - def o.foo - end - end.join - end - end - def test_redefine_method_under_verbose assert_in_out_err([], <<-INPUT, %w(2), /warning: method redefined; discarding old foo$/) $VERBOSE = true @@ -316,20 +295,6 @@ class TestObject < Test::Unit::TestCase end def test_remove_method - assert_raise(SecurityError) do - Thread.new do - $SAFE = 4 - Object.instance_eval { remove_method(:foo) } - end.join - end - - assert_raise(SecurityError) do - Thread.new do - $SAFE = 4 - Class.instance_eval { remove_method(:foo) } - end.join - end - c = Class.new c.freeze assert_raise(RuntimeError) do @@ -687,72 +652,21 @@ class TestObject < Test::Unit::TestCase end def test_untrusted - obj = lambda { - $SAFE = 4 - x = Object.new - x.instance_eval { @foo = 1 } - x - }.call + obj = Object.new + assert_equal(false, obj.untrusted?) + assert_equal(false, obj.tainted?) + obj.untrust assert_equal(true, obj.untrusted?) assert_equal(true, obj.tainted?) - - x = Object.new - assert_equal(false, x.untrusted?) - assert_raise(SecurityError) do - lambda { - $SAFE = 4 - x.instance_eval { @foo = 1 } - }.call - end - - x = Object.new - x.taint - assert_raise(SecurityError) do - lambda { - $SAFE = 4 - x.instance_eval { @foo = 1 } - }.call - end - - x.untrust - assert_equal(true, x.untrusted?) - assert_nothing_raised do - lambda { - $SAFE = 4 - x.instance_eval { @foo = 1 } - }.call - end - - x.trust - assert_equal(false, x.untrusted?) - assert_raise(SecurityError) do - lambda { - $SAFE = 4 - x.instance_eval { @foo = 1 } - }.call - end - - a = Object.new - a.untrust - assert_equal(true, a.untrusted?) - b = a.dup - assert_equal(true, b.untrusted?) - c = a.clone - assert_equal(true, c.untrusted?) - - a = Object.new - b = lambda { - $SAFE = 4 - a.dup - }.call - assert_equal(true, b.untrusted?) - - a = Object.new - b = lambda { - $SAFE = 4 - a.clone - }.call - assert_equal(true, b.untrusted?) + obj.trust + assert_equal(false, obj.untrusted?) + assert_equal(false, obj.tainted?) + obj.taint + assert_equal(true, obj.untrusted?) + assert_equal(true, obj.tainted?) + obj.untaint + assert_equal(false, obj.untrusted?) + assert_equal(false, obj.tainted?) end def test_to_s @@ -813,42 +727,6 @@ class TestObject < Test::Unit::TestCase assert_match(/\bInspect\u{3042}:.* @\u{3044}=42\b/, x) end - def test_exec_recursive - Thread.current[:__recursive_key__] = nil - a = [[]] - a.inspect - - assert_nothing_raised do - -> do - $SAFE = 4 - begin - a.hash - rescue ArgumentError - end - end.call - end - - -> do - assert_nothing_raised do - $SAFE = 4 - a.inspect - end - end.call - - -> do - o = Object.new - def o.to_ary(x); end - def o.==(x); $SAFE = 4; false; end - a = [[o]] - b = [] - b << b - - assert_nothing_raised do - b == a - end - end.call - end - def test_singleton_class x = Object.new xs = class << x; self; end @@ -895,12 +773,6 @@ class TestObject < Test::Unit::TestCase c = a.dup.freeze assert_raise(RuntimeError, "frozen") {c.instance_eval {initialize_copy(b)}} d = a.dup.trust - assert_raise(SecurityError, "untrust") do - proc { - $SAFE = 4 - d.instance_eval {initialize_copy(b)} - }.call - end [a, b, c, d] end diff --git a/test/ruby/test_pack.rb b/test/ruby/test_pack.rb index 9dbb0b0c72..7848eb5e62 100644 --- a/test/ruby/test_pack.rb +++ b/test/ruby/test_pack.rb @@ -644,16 +644,6 @@ EXPECTED assert_equal([0x100000000], "\220\200\200\200\000".unpack("w"), [0x100000000]) end - def test_modify_under_safe4 - s = "foo" - assert_raise(SecurityError) do - Thread.new do - $SAFE = 4 - s.clear - end.join - end - end - def test_length_too_big assert_raise(RangeError) { [].pack("C100000000000000000000") } end diff --git a/test/ruby/test_rand.rb b/test/ruby/test_rand.rb index 611e9f57a0..98615f8d42 100644 --- a/test/ruby/test_rand.rb +++ b/test/ruby/test_rand.rb @@ -504,18 +504,6 @@ END end end - def test_marshal_load_insecure - r = Random.new(0) - d = r.__send__(:marshal_dump) - l = proc do - $SAFE = 4 - r.__send__(:marshal_load, d) - end - assert_raise(SecurityError, '[Bug #6540]') do - l.call - end - end - def test_random_ulong_limited def (gen = Object.new).rand(*) 1 end assert_equal([2], (1..100).map {[1,2,3].sample(random: gen)}.uniq) diff --git a/test/ruby/test_regexp.rb b/test/ruby/test_regexp.rb index 9ad9afe14c..a91ae8b79f 100644 --- a/test/ruby/test_regexp.rb +++ b/test/ruby/test_regexp.rb @@ -340,14 +340,6 @@ class TestRegexp < Test::Unit::TestCase def test_initialize assert_raise(ArgumentError) { Regexp.new } assert_equal(/foo/, Regexp.new(/foo/, Regexp::IGNORECASE)) - re = /foo/ - assert_raise(SecurityError) do - Thread.new { $SAFE = 4; re.instance_eval { initialize(re) } }.join - end - re.taint - assert_raise(SecurityError) do - Thread.new { $SAFE = 4; re.instance_eval { initialize(re) } }.join - end assert_equal(Encoding.find("US-ASCII"), Regexp.new("b..", nil, "n").encoding) assert_equal("bar", "foobarbaz"[Regexp.new("b..", nil, "n")]) @@ -545,12 +537,12 @@ class TestRegexp < Test::Unit::TestCase def test_taint m = Thread.new do "foo"[/foo/] - $SAFE = 4 + $SAFE = 3 /foo/.match("foo") end.value assert(m.tainted?) assert_nothing_raised('[ruby-core:26137]') { - m = proc {$SAFE = 4; %r"#{ }"o}.call + m = proc {$SAFE = 3; %r"#{ }"o}.call } assert(m.tainted?) end diff --git a/test/ruby/test_settracefunc.rb b/test/ruby/test_settracefunc.rb index b010846b92..ab1a37f8eb 100644 --- a/test/ruby/test_settracefunc.rb +++ b/test/ruby/test_settracefunc.rb @@ -397,42 +397,6 @@ class TestSetTraceFunc < Test::Unit::TestCase assert_equal(self, ok, bug3921) end - def assert_security_error_safe4(block) - assert_raise(SecurityError) do - block.call - end - end - - def test_set_safe4 - func = proc do - $SAFE = 4 - set_trace_func(lambda {|*|}) - end - assert_security_error_safe4(func) - end - - def test_thread_set_safe4 - th = Thread.start {sleep} - func = proc do - $SAFE = 4 - th.set_trace_func(lambda {|*|}) - end - assert_security_error_safe4(func) - ensure - th.kill - end - - def test_thread_add_safe4 - th = Thread.start {sleep} - func = proc do - $SAFE = 4 - th.add_trace_func(lambda {|*|}) - end - assert_security_error_safe4(func) - ensure - th.kill - end - class << self define_method(:method_added, Module.method(:method_added)) end @@ -924,24 +888,6 @@ class TestSetTraceFunc < Test::Unit::TestCase end end - def test_trace_point_enable_safe4 - tp = TracePoint.new {} - func = proc do - $SAFE = 4 - tp.enable - end - assert_security_error_safe4(func) - end - - def test_trace_point_disable_safe4 - tp = TracePoint.new {} - func = proc do - $SAFE = 4 - tp.disable - end - assert_security_error_safe4(func) - end - def m1_for_test_trace_point_binding_in_ifunc(arg) arg + nil rescue diff --git a/test/ruby/test_struct.rb b/test/ruby/test_struct.rb index 1c108777ee..c5ac2eb330 100644 --- a/test/ruby/test_struct.rb +++ b/test/ruby/test_struct.rb @@ -74,17 +74,6 @@ class TestStruct < Test::Unit::TestCase assert_raise(NameError) { o[:b] } end - def test_modify - klass = Struct.new(:a) - o = klass.new(1) - assert_raise(SecurityError) do - Thread.new do - $SAFE = 4 - o.a = 2 - end.value - end - end - def test_set klass = Struct.new(:a) o = klass.new(1) @@ -263,19 +252,6 @@ class TestStruct < Test::Unit::TestCase } end - def test_struct_subclass - bug5036 = '[ruby-dev:44122]' - st = Class.new(Struct) - s = st.new("S", :m).new - error = assert_raise(SecurityError) do - proc do - $SAFE = 4 - s.m = 1 - end.call - end - assert_equal("Insecure: can't modify #{st}::S", error.message, bug5036) - end - def test_to_h klass = Struct.new(:a, :b, :c, :d, :e, :f) o = klass.new(1, 2, 3, 4, 5, 6) diff --git a/test/ruby/test_thread.rb b/test/ruby/test_thread.rb index d9b8afc752..46831f3c46 100644 --- a/test/ruby/test_thread.rb +++ b/test/ruby/test_thread.rb @@ -88,18 +88,6 @@ class TestThread < Test::Unit::TestCase end end - def test_thread_variable_security - t = Thread.new { sleep } - - assert_raises(SecurityError) do - Thread.new { $SAFE = 4; t.thread_variable_get(:foo) }.join - end - - assert_raises(SecurityError) do - Thread.new { $SAFE = 4; t.thread_variable_set(:foo, :baz) }.join - end - end - def test_mutex_synchronize m = Mutex.new r = 0 @@ -396,14 +384,6 @@ class TestThread < Test::Unit::TestCase def test_thread_local_security t = Thread.new { sleep } - assert_raise(SecurityError) do - Thread.new { $SAFE = 4; t[:foo] }.join - end - - assert_raise(SecurityError) do - Thread.new { $SAFE = 4; t[:foo] = :baz }.join - end - assert_raise(RuntimeError) do Thread.new do Thread.current[:foo] = :bar diff --git a/test/ruby/test_time.rb b/test/ruby/test_time.rb index 22df27067f..2a56836cce 100644 --- a/test/ruby/test_time.rb +++ b/test/ruby/test_time.rb @@ -312,16 +312,6 @@ class TestTime < Test::Unit::TestCase "[ruby-dev:44827] [Bug #5586]") end - def test_security_error - assert_raise(SecurityError) do - Thread.new do - t = Time.gm(2000) - $SAFE = 4 - t.localtime - end.join - end - end - def test_at3 t2000 = get_t2000 assert_equal(t2000, Time.at(t2000)) @@ -884,20 +874,6 @@ class TestTime < Test::Unit::TestCase assert_raise(NoMethodError, bug5012) { t1.m } end - def test_time_subclass - bug5036 = '[ruby-dev:44122]' - tc = Class.new(Time) - tc.inspect - t = tc.now - error = assert_raise(SecurityError) do - proc do - $SAFE = 4 - t.gmtime - end.call - end - assert_equal("Insecure: can't modify #{tc}", error.message, bug5036) - end - def test_sec_str bug6193 = '[ruby-core:43569]' t = nil -- cgit v1.2.3