diff options
author | matz <matz@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2001-12-21 09:23:28 +0000 |
---|---|---|
committer | matz <matz@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2001-12-21 09:23:28 +0000 |
commit | 63b6b9c43003cd5071748efca0a6d9b066834c5b (patch) | |
tree | f8118586a62a230db5e7a53998ec7c8775b78eac /variable.c | |
parent | e93b8f1c892672a06bd6861859373e7bec49c3f6 (diff) | |
download | ruby-63b6b9c43003cd5071748efca0a6d9b066834c5b.tar.gz |
* time.c (time_plus): result should not be negative unless
NEGATIVE_TIME_T is defined.
* time.c (time_new_internal): should check tv_sec overflow too.
* time.c (time_timeval): should check time_t range when time is
initialized from float.
* time.c (time_plus): uses modf(3).
* variable.c (rb_cvar_set): add frozen class/module check.
* variable.c (rb_cvar_declare): add frozen class/module check.
* re.c (match_to_a): should propagate taint.
* re.c (rb_reg_s_quote): ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@1933 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'variable.c')
-rw-r--r-- | variable.c | 18 |
1 files changed, 9 insertions, 9 deletions
diff --git a/variable.c b/variable.c index ce8180f02f..8b9dfaa1d5 100644 --- a/variable.c +++ b/variable.c @@ -1459,16 +1459,15 @@ rb_cvar_set(klass, id, val) tmp = klass; while (tmp) { - if (RCLASS(tmp)->iv_tbl) { - if (st_lookup(RCLASS(tmp)->iv_tbl,id,0)) { - if (!OBJ_TAINTED(tmp) && rb_safe_level() >= 4) - rb_raise(rb_eSecurityError, "Insecure: can't modify class variable"); - st_insert(RCLASS(tmp)->iv_tbl,id,val); - if (ruby_verbose) { - cvar_override_check(id, tmp); - } - return; + if (RCLASS(tmp)->iv_tbl && st_lookup(RCLASS(tmp)->iv_tbl,id,0)) { + if (OBJ_FROZEN(tmp)) rb_error_frozen("class/module"); + if (!OBJ_TAINTED(tmp) && rb_safe_level() >= 4) + rb_raise(rb_eSecurityError, "Insecure: can't modify class variable"); + st_insert(RCLASS(tmp)->iv_tbl,id,val); + if (ruby_verbose) { + cvar_override_check(id, tmp); } + return; } tmp = RCLASS(tmp)->super; } @@ -1488,6 +1487,7 @@ rb_cvar_declare(klass, id, val) tmp = klass; while (tmp) { if (RCLASS(tmp)->iv_tbl && st_lookup(RCLASS(tmp)->iv_tbl,id,0)) { + if (OBJ_FROZEN(tmp)) rb_error_frozen("class/module"); if (!OBJ_TAINTED(tmp) && rb_safe_level() >= 4) rb_raise(rb_eSecurityError, "Insecure: can't modify class variable"); if (ruby_verbose && klass != tmp) { |