diff options
-rw-r--r-- | ChangeLog | 5 | ||||
-rw-r--r-- | error.c | 15 | ||||
-rw-r--r-- | include/ruby/intern.h | 1 |
3 files changed, 21 insertions, 0 deletions
@@ -1,3 +1,8 @@ +Fri Jun 22 13:32:33 2012 Nobuyoshi Nakada <nobu@ruby-lang.org> + + * error.c (rb_check_copyable): new function, to ensure the target is + not frozen and the source is not tainted nor untrusted. + Fri Jun 22 05:55:20 2012 Eric Hodel <drbrain@segment7.net> * eval.c (ruby_cleanup): Fixed typo. Patch by Trever Dawe. @@ -2011,6 +2011,21 @@ rb_check_trusted(VALUE obj) } void +rb_check_copyable(VALUE obj, VALUE orig) +{ + if (!FL_ABLE(obj)) return; + rb_check_frozen_internal(obj); + rb_check_trusted_internal(obj); + if (!FL_ABLE(orig)) return; + if ((~RBASIC(obj)->flags & RBASIC(orig)->flags) & (FL_UNTRUSTED|FL_TAINT)) { + if (rb_safe_level() > 0) { + rb_raise(rb_eSecurityError, "Insecure: can't modify %"PRIsVALUE, + RBASIC(obj)->klass); + } + } +} + +void Init_syserr(void) { rb_eNOERROR = set_syserr(0, "NOERROR"); diff --git a/include/ruby/intern.h b/include/ruby/intern.h index 6389073265..e5167c6fad 100644 --- a/include/ruby/intern.h +++ b/include/ruby/intern.h @@ -251,6 +251,7 @@ rb_check_trusted_inline(VALUE obj) } #define rb_check_trusted(obj) rb_check_trusted_inline(obj) #endif +void rb_check_copyable(VALUE obj, VALUE orig); #define OBJ_INIT_COPY(obj, orig) \ ((obj) != (orig) && (rb_obj_init_copy((obj), (orig)), 1)) |