aboutsummaryrefslogtreecommitdiffstats
path: root/dir.c
diff options
context:
space:
mode:
Diffstat (limited to 'dir.c')
-rw-r--r--dir.c20
1 files changed, 19 insertions, 1 deletions
diff --git a/dir.c b/dir.c
index 42668d338f..2c868c2747 100644
--- a/dir.c
+++ b/dir.c
@@ -441,7 +441,16 @@ dir_closed(void)
rb_raise(rb_eIOError, "closed directory");
}
+static void
+dir_check(VALUE dir)
+{
+ if (!OBJ_TAINTED(dir) && rb_safe_level() >= 4)
+ rb_raise(rb_eSecurityError, "Insecure: operation on untainted Dir");
+ rb_check_frozen(dir);
+}
+
#define GetDIR(obj, dirp) do {\
+ dir_check(dir);\
Data_Get_Struct(obj, struct dir_data, dirp);\
if (dirp->dir == NULL) dir_closed();\
} while (0)
@@ -647,6 +656,9 @@ dir_rewind(VALUE dir)
{
struct dir_data *dirp;
+ if (rb_safe_level() >= 4 && !OBJ_TAINTED(dir)) {
+ rb_raise(rb_eSecurityError, "Insecure: can't close");
+ }
GetDIR(dir, dirp);
rewinddir(dirp->dir);
return dir;
@@ -903,9 +915,15 @@ dir_s_rmdir(VALUE obj, VALUE dir)
return INT2FIX(0);
}
+static void
+sys_warning_1(const char* mesg)
+{
+ rb_sys_warning("%s", mesg);
+}
+
#define GLOB_VERBOSE (1 << (sizeof(int) * CHAR_BIT - 1))
#define sys_warning(val) \
- ((flags & GLOB_VERBOSE) && rb_protect((VALUE (*)(VALUE))rb_sys_warning, (VALUE)(val), 0))
+ ((flags & GLOB_VERBOSE) && rb_protect((VALUE (*)_((VALUE)))sys_warning_1, (VALUE)(val), 0))
/* System call with warning */
static int
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-09 11:10:33 +0000