* io.c (rb_io_initialize): should check rb_secure(4).

* dir.c (dir_s_getwd): should check rb_secure(4). * object.c (rb_obj_infect): function version of OBJ_INFECT(). * eval.c (rb_secure_update): new function to check object update. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@3611 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
lann · Mar 25, 2003 · d4db9e9 · d4db9e9
1 parent 2d505ae
commit d4db9e9
Show file tree

Hide file tree

Showing 6 changed files with 34 additions and 2 deletions.
diff --git a/ChangeLog b/ChangeLog
@@ -1,3 +1,13 @@
+Tue Mar 25 12:01:54 2003  Yukihiro Matsumoto  <[email protected]>
+
+	* io.c (rb_io_initialize): should check rb_secure(4).
+
+	* dir.c (dir_s_getwd): should check rb_secure(4).
+
+	* object.c (rb_obj_infect): function version of OBJ_INFECT().
+
+	* eval.c (rb_secure_update): new function to check object update.
+
 Tue Mar 25 10:18:05 2003  Minero Aoki  <[email protected]>
 
 	* ext/strscan/strscan.c: should infect also return values of

diff --git a/dir.c b/dir.c
@@ -493,8 +493,12 @@ static VALUE
 dir_s_getwd(dir)
     VALUE dir;
 {
-    char *path = my_getcwd();
-    VALUE cwd = rb_tainted_str_new2(path);
+    char *path;
+    VALUE cwd;
+
+    rb_secure(4);
+    path = my_getcwd();
+    cwd = rb_tainted_str_new2(path);
 
     free(path);
     return cwd;

diff --git a/eval.c b/eval.c
@@ -138,6 +138,13 @@ rb_secure(level)
     }
 }
 
+void
+rb_secure_update(obj)
+    VALUE obj;
+{
+    if (!OBJ_TAINTED(obj)) rb_secure(4);
+}
+
 void
 rb_check_safe_obj(x)
     VALUE x;

diff --git a/io.c b/io.c
@@ -2826,6 +2826,7 @@ rb_io_initialize(argc, argv, io)
     int fd, flags;
     char mbuf[4];
 
+    rb_secure(4);
     rb_scan_args(argc, argv, "11", &fnum, &mode);
     fd = NUM2INT(fnum);
     if (argc == 2) {

diff --git a/object.c b/object.c
@@ -357,6 +357,13 @@ rb_obj_untaint(obj)
     return obj;
 }
 
+void
+rb_obj_infect(obj1, obj2)
+    VALUE obj1, obj2;
+{
+    OBJ_INFECT(obj1, obj2);
+}
+
 VALUE
 rb_obj_freeze(obj)
     VALUE obj;

diff --git a/ruby.h b/ruby.h
@@ -230,6 +230,7 @@ void rb_secure _((int));
 RUBY_EXTERN int ruby_safe_level;
 #define rb_safe_level() (ruby_safe_level)
 void rb_set_safe_level _((int));
+void rb_secure_update _((VALUE));
 
 long rb_num2long _((VALUE));
 unsigned long rb_num2ulong _((VALUE));
@@ -457,6 +458,8 @@ struct RBignum {
 #define MEMMOVE(p1,p2,type,n) memmove((p1), (p2), sizeof(type)*(n))
 #define MEMCMP(p1,p2,type,n) memcmp((p1), (p2), sizeof(type)*(n))
 
+void rb_obj_infect _((VALUE,VALUE));
+
 void rb_glob _((char*,void(*)(const char*,VALUE),VALUE));
 void rb_globi _((char*,void(*)(const char*,VALUE),VALUE));