-rw-r--r-- | ChangeLog | 5 | ||||
-rwxr-xr-x | bin/erb | 4 | ||||
-rw-r--r-- | error.c | 4 | ||||
-rw-r--r-- | file.c | 8 | ||||
-rw-r--r-- | gc.c | 2 | ||||
-rw-r--r-- | hash.c | 4 | ||||
-rw-r--r-- | thread.c | 25 | ||||
-rw-r--r-- | variable.c | 5 | ||||
-rw-r--r-- | vm_eval.c | 25 |
9 files changed, 11 insertions, 71 deletions
@@ -1,3 +1,8 @@
+Sun Aug 18 19:32:26 2013 Kazuki Tsujimoto <kazuki@callcc.net>
+
+ * error.c, file.c, gc.c, hash.c, thread.c, variable.c, vm_eval.c, bin/erb:
+ $SAFE=4 is obsolete.
+
 Sun Aug 18 14:30:47 2013 Tanaka Akira <akr@fsij.org>
 * process.c (rb_clock_gettime): Rename POSIX_TIME_CLOCK_REALTIME to
@@ -72,7 +72,7 @@ class ERB
 require ARGV.req_arg
 when '-S' # security level
 arg = ARGV.req_arg
- raise "invalid safe_level #{arg.dump}" unless arg =~ /^[0-4]$/
+ raise "invalid safe_level #{arg.dump}" unless arg =~ /^[0-3]$/
 safe_level = arg.to_i
 when '-T' # trim mode
 arg = ARGV.req_arg
@@ -105,7 +105,7 @@ class ERB
 -v enable verbose mode
 -d set $DEBUG to true
 -r library load a library
- -S safe_level set $SAFE (0..4)
+ -S safe_level set $SAFE (0..3)
 -E ex[:in] set default external/internal encodings
 -U set default encoding to UTF-8.
 -T trim_mode specify trim_mode (0..2, -)
@@ -2030,10 +2030,6 @@ rb_check_frozen(VALUE obj)
 void
 rb_error_untrusted(VALUE obj)
 {
- if (rb_safe_level() >= 4) {
- rb_raise(rb_eSecurityError, "Insecure: can't modify %s",
- rb_obj_classname(obj));
- }
 }
 #undef rb_check_trusted
@@ -5428,10 +5428,6 @@ rb_find_file_ext_safe(VALUE *filep, const char *const *ext, int safe_level)
 return 0;
 }
- if (safe_level >= 4) {
- rb_raise(rb_eSecurityError, "loading from non-absolute path %s", f);
- }
-
 RB_GC_GUARD(load_path) = rb_get_expanded_load_path();
 if (!load_path) return 0;
@@ -5493,10 +5489,6 @@ rb_find_file_safe(VALUE path, int safe_level)
 return path;
 }
- if (safe_level >= 4) {
- rb_raise(rb_eSecurityError, "loading from non-absolute path %s", f);
- }
-
 RB_GC_GUARD(load_path) = rb_get_expanded_load_path();
 if (load_path) {
 long i;
@@ -4578,7 +4578,7 @@ rb_memerror(void)
 {
 rb_thread_t *th = GET_THREAD();
 if (!nomem_error ||
- (rb_thread_raised_p(th, RAISED_NOMEMORY) && rb_safe_level() < 4)) {
+ rb_thread_raised_p(th, RAISED_NOMEMORY)) {
 fprintf(stderr, "[FATAL] failed to allocate memory\n");
 exit(EXIT_FAILURE);
 }
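Review bot: The `-S` validation on the changed line in bin/erb still anchors with `^` and `$`, which in Ruby match at line boundaries rather than at the ends of the string, so an argument spanning several lines passes as long as one of its lines is a single digit, while `arg.to_i` on the following line parses from the start of the string. Anchoring the whole argument, `raise "invalid safe_level #{arg.dump}" unless arg =~ /\A[0-3]\z/`, makes the accepted set exactly the four levels the help text now lists. The `when '-S'` branch belongs to an option loop that starts and ends outside the hunk.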
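Review bot: `rb_error_untrusted` in the error.c hunk is left with an empty body, and nothing records why it still exists or that it can no longer raise. A comment inside it such as `/* no-op: the $SAFE >= 4 check was removed; presumably kept for existing callers */` would stop a later reader from treating a call to it as an enforcement point. More generally, every C hunk in this commit deletes a level-4 restriction and the only visible place that refuses level 4 is the `-S` option of bin/erb, so it is worth confirming that assigning 4 to `$SAFE` is already rejected elsewhere; if it is not, code that relied on level 4 would keep running without these restrictions and without any error.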
@@ -2714,10 +2714,6 @@ env_aset(VALUE obj, VALUE nm, VALUE val)
 {
 char *name, *value;
- if (rb_safe_level() >= 4) {
- rb_raise(rb_eSecurityError, "can't change environment variable");
- }
-
 if (NIL_P(val)) {
 env_delete(obj, nm);
 return Qnil;
@@ -541,10 +541,6 @@ thread_start_func_2(rb_thread_t *th, VALUE *stack_start, VALUE *register_stack_s
 if (state == TAG_FATAL) {
 /* fatal error within this thread, need to stop whole script */
 }
- else if (th->safe_level >= 4) {
- /* Ignore it. Main thread shouldn't be harmed from untrusted thread. */
- errinfo = Qnil;
- }
 else if (rb_obj_is_kind_of(errinfo, rb_eSystemExit)) {
 /* exit on main_thread. */
 }
@@ -2176,8 +2172,6 @@ rb_thread_kill(VALUE thread)
 GetThreadPtr(thread, th);
- if (th != GET_THREAD() && th->safe_level < 4) {
- }
 if (th->to_kill || th->status == THREAD_KILLED) {
 return thread;
 }
@@ -2741,9 +2735,6 @@ rb_thread_local_aref(VALUE thread, ID id)
 st_data_t val;
 GetThreadPtr(thread, th);
- if (rb_safe_level() >= 4 && th != GET_THREAD()) {
- rb_raise(rb_eSecurityError, "Insecure: thread locals");
- }
 if (!th->local_storage) {
 return Qnil;
 }
@@ -2827,9 +2818,6 @@ rb_thread_local_aset(VALUE thread, ID id, VALUE val)
 rb_thread_t *th;
 GetThreadPtr(thread, th);
- if (rb_safe_level() >= 4 && th != GET_THREAD()) {
- rb_raise(rb_eSecurityError, "Insecure: can't modify thread locals");
- }
 if (OBJ_FROZEN(thread)) {
 rb_error_frozen("thread locals");
 }
@@ -2898,15 +2886,8 @@ static VALUE
 rb_thread_variable_get(VALUE thread, VALUE key)
 {
 VALUE locals;
- rb_thread_t *th;
 ID id = rb_check_id(&key);
- GetThreadPtr(thread, th);
-
- if (rb_safe_level() >= 4 && th != GET_THREAD()) {
- rb_raise(rb_eSecurityError, "Insecure: can't access thread locals");
- }
-
 if (!id) return Qnil;
 locals = rb_ivar_get(thread, id_locals);
 return rb_hash_aref(locals, ID2SYM(id));
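Review bot: In `rb_thread_variable_get` the removal takes `GetThreadPtr(thread, th);` out together with the safe-level test, and the hunk for `rb_thread_variable_set` that follows does the same. If that macro also verifies that `thread` wraps a thread structure (its definition is not visible here), `rb_thread_variable_get` now reaches `rb_ivar_get(thread, id_locals)` and `rb_thread_variable_set` reaches its `OBJ_FROZEN(thread)` test without that verification. Both functions are `static`, so they are probably only reachable with a Thread receiver; once that is confirmed, a one-line comment such as `/* thread is always a Thread here, so no GetThreadPtr check is needed */` would record why the lookup is safe.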
@@ -2925,13 +2906,7 @@ static VALUE
 rb_thread_variable_set(VALUE thread, VALUE id, VALUE val)
 {
 VALUE locals;
- rb_thread_t *th;
- GetThreadPtr(thread, th);
-
- if (rb_safe_level() >= 4 && th != GET_THREAD()) {
- rb_raise(rb_eSecurityError, "Insecure: can't modify thread locals");
- }
 if (OBJ_FROZEN(thread)) {
 rb_error_frozen("thread locals");
 }
diff --git a/variable.c b/variable.c
index 96289a6d8f..0bb91e279f 100644
--- a/variable.c
+++ b/variable.c
@@ -782,8 +782,6 @@ rb_gvar_set(struct global_entry *entry, VALUE val)
 struct trace_data trace;
 struct global_variable *var = entry->var;
- if (rb_safe_level() >= 4)
- rb_raise(rb_eSecurityError, "Insecure: can't change global variable value");
 (*var->setter)(val, entry->id, var->data, var);
 if (var->trace && !var->block_trace) {
@@ -860,9 +858,6 @@ rb_alias_variable(ID name1, ID name2)
 struct global_entry *entry1, *entry2;
 st_data_t data1;
- if (rb_safe_level() >= 4)
- rb_raise(rb_eSecurityError, "Insecure: can't alias global variable");
-
 entry2 = rb_global_entry(name2);
 if (!st_lookup(rb_global_tbl, (st_data_t)name1, &data1)) {
 entry1 = ALLOC(struct global_entry);
@@ -1337,16 +1337,7 @@ rb_f_eval(int argc, VALUE *argv, VALUE self)
 int line = 1;
 rb_scan_args(argc, argv, "13", &src, &scope, &vfile, &vline);
- if (rb_safe_level() >= 4) {
- StringValue(src);
- if (!NIL_P(scope) && !OBJ_TAINTED(scope)) {
- rb_raise(rb_eSecurityError,
- "Insecure: can't modify trusted binding");
- }
- }
- else {
- SafeStringValue(src);
- }
+ SafeStringValue(src);
 if (argc >= 3) {
 StringValue(vfile);
 }
@@ -1551,12 +1542,7 @@ eval_under(VALUE under, VALUE self, VALUE src, VALUE file, int line)
 if (SPECIAL_CONST_P(self) && !NIL_P(under)) {
 cref->flags |= NODE_FL_CREF_PUSHED_BY_EVAL;
 }
- if (rb_safe_level() >= 4) {
- StringValue(src);
- }
- else {
- SafeStringValue(src);
- }
+ SafeStringValue(src);
 return eval_string_with_cref(self, src, Qnil, cref, file, line);
 }
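Review bot: After this change `rb_f_eval` no longer inspects `scope` anywhere in the visible lines: the deleted branch was the only place that tested the binding's taint state, and the replacement `SafeStringValue(src);` checks the source string alone. If a caller-supplied binding is meant to be accepted as given at every remaining safe level, a comment above the new line, for example `/* only src is taint-checked; scope is used as given */`, would make that decision explicit. The same one-line replacement appears in `eval_under` and `specific_eval`, where the removed code only chose between the two string checks. The body of `rb_f_eval` continues outside the hunk.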
@@ -1573,12 +1559,7 @@ specific_eval(int argc, VALUE *argv, VALUE klass, VALUE self)
 int line = 1;
 rb_check_arity(argc, 1, 3);
- if (rb_safe_level() >= 4) {
- StringValue(argv[0]);
- }
- else {
- SafeStringValue(argv[0]);
- }
+ SafeStringValue(argv[0]);
 if (argc > 2)
 line = NUM2INT(argv[2]);
 if (argc > 1) { |