From c0a636b6f94d7f95ed95a7abf7c2936bbd3fc5a7 Mon Sep 17 00:00:00 2001 From: matz Date: Wed, 16 Jan 2002 09:25:59 +0000 Subject: * st.c: primes should be primes. * eval.c (is_defined): method defined? check should honor protected too. * eval.c (block_pass): should not pass tainted block, if $SAFE > 0. * variable.c (rb_mod_remove_cvar): should pass the char*. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@1996 b2dd03c8-39d4-4d8f-98ff-823fe69b080e --- ChangeLog | 17 +++++++++++++++++ eval.c | 27 ++++++++++++++++++++++----- ext/digest/defs.h | 3 ++- parse.y | 4 +--- sample/test.rb | 22 ++++++++++++++++++---- st.c | 30 +++++++++++++++--------------- variable.c | 2 +- 7 files changed, 76 insertions(+), 29 deletions(-) diff --git a/ChangeLog b/ChangeLog index 1d90e24780..d81327eaa4 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,7 @@ +Wed Jan 16 18:25:08 2002 Yukihiro Matsumoto + + * st.c: primes should be primes. + Wed Jan 16 12:29:14 2002 Tanaka Akira * lib/timeout.rb (timeout): new optional argument to specify an @@ -15,6 +19,19 @@ Wed Jan 16 11:12:30 2002 Nobuyoshi Nakada * class.c (rb_class_inherited): should use Object when no super class. +Tue Jan 15 01:11:44 2002 Yukihiro Matsumoto + + * eval.c (is_defined): method defined? check should honor + protected too. + +Mon Jan 14 13:06:02 2002 Yukihiro Matsumoto + + * eval.c (block_pass): should not pass tainted block, if $SAFE > 0. + +Sun Jan 13 09:31:41 2002 Koji Arai + + * variable.c (rb_mod_remove_cvar): should pass the char*. + Fri Jan 11 05:06:25 2002 Nobuyoshi Nakada * class.c (rb_make_metaclass): [new] diff --git a/eval.c b/eval.c index 607c42b707..a70adbca18 100644 --- a/eval.c +++ b/eval.c @@ -1801,7 +1801,23 @@ is_defined(self, node, buf) return 0; } check_bound: - if (rb_method_boundp(val, node->nd_mid, nd_type(node)== NODE_CALL)) { + { + int call = nd_type(node)== NODE_CALL; + if (call) { + int noex; + ID id = node->nd_mid; + + if (!rb_get_method_body(&val, &id, &noex)) + break; + if ((noex & NOEX_PRIVATE)) + break; + if ((noex & NOEX_PROTECTED) && + !rb_obj_is_kind_of(self, rb_class_real(val))) + break; + } + } + else if (!rb_method_boundp(val, node->nd_mid, call)) + break; return arg_defined(self, node->nd_args, buf, "method"); } break; @@ -4634,10 +4650,7 @@ rb_call(klass, recv, mid, argc, argv, scope) /* self must be kind of a specified form for private method */ if ((noex & NOEX_PROTECTED)) { - VALUE defined_class = klass; - while (TYPE(defined_class) == T_ICLASS) - defined_class = RBASIC(defined_class)->klass; - if (!rb_obj_is_kind_of(ruby_frame->self, defined_class)) + if (!rb_obj_is_kind_of(ruby_frame->self, rb_class_real(klass))) return rb_undefined(recv, mid, argc, argv, CSTAT_PROT); } } @@ -6564,6 +6577,10 @@ block_pass(self, node) rb_class2name(CLASS_OF(block))); } + if (rb_safe_level() >= 1 && OBJ_TAINTED(block)) { + rb_raise(rb_eSecurityError, "Insecure: tainted block value"); + } + Data_Get_Struct(block, struct BLOCK, data); orphan = blk_orphan(data); diff --git a/ext/digest/defs.h b/ext/digest/defs.h index 7af8f52324..df7df377b9 100644 --- a/ext/digest/defs.h +++ b/ext/digest/defs.h @@ -10,7 +10,8 @@ #if defined(HAVE_SYS_CDEFS_H) # include -#else +#endif +#if !defined(__BEGIN_DECLS) # define __BEGIN_DECLS # define __END_DECLS #endif diff --git a/parse.y b/parse.y index ce7eae97a3..1b077cb152 100644 --- a/parse.y +++ b/parse.y @@ -4278,9 +4278,7 @@ gettable(id) return NEW_FALSE(); } else if (id == k__FILE__) { - VALUE f = rb_str_new2(ruby_sourcefile); - OBJ_FREEZE(f); - return NEW_LIT(f); + return NEW_STR(rb_str_new2(ruby_sourcefile)); } else if (id == k__LINE__) { return NEW_LIT(INT2FIX(ruby_sourceline)); diff --git a/sample/test.rb b/sample/test.rb index 7022b4de98..fc2eb5ae0f 100644 --- a/sample/test.rb +++ b/sample/test.rb @@ -1313,17 +1313,31 @@ test_ok(defined?($x) == 'global-variable')# returns description foo=5 test_ok(defined?(foo)) # local variable -test_ok(defined?(Array)) # constant +test_ok(defined?(Array)) # constant test_ok(defined?(Object.new)) # method -test_ok(!defined?(Object.print)) # private method -test_ok(defined?(1 == 2)) # operator expression +test_ok(!defined?(Object.print))# private method +test_ok(defined?(1 == 2)) # operator expression + +class Foo + def foo + p :foo + end + protected :foo + def bar(f) + test_ok(defined?(self.foo)) + test_ok(defined?(f.foo)) + end +end +f = Foo.new +test_ok(defined?(f.foo) == nil) +f.bar(f) def defined_test return !defined?(yield) end test_ok(defined_test) # not iterator -test_ok(!defined_test{}) # called as iterator +test_ok(!defined_test{}) # called as iterator test_check "alias" class Alias0 diff --git a/st.c b/st.c index c1e4e3bec8..5380a81e03 100644 --- a/st.c +++ b/st.c @@ -86,25 +86,25 @@ static long primes[] = { 512 + 9, 1024 + 9, 2048 + 5, - 4096 + 83, + 4096 + 3, 8192 + 27, 16384 + 43, 32768 + 3, 65536 + 45, - 131072 + 9, - 262144 + 39, - 524288 + 39, - 1048576 + 9, - 2097152 + 5, - 4194304 + 3, - 8388608 + 33, - 16777216 + 27, - 33554432 + 9, - 67108864 + 71, - 134217728 + 39, - 268435456 + 9, - 536870912 + 5, - 1073741824 + 83, + 131072 + 29, + 262144 + 3, + 524288 + 21, + 1048576 + 7, + 2097152 + 17, + 4194304 + 15, + 8388608 + 9, + 16777216 + 43, + 33554432 + 35, + 67108864 + 15, + 134217728 + 29, + 268435456 + 3, + 536870912 + 11, + 1073741824 + 85, 0 }; diff --git a/variable.c b/variable.c index 8b9dfaa1d5..b44ea009ed 100644 --- a/variable.c +++ b/variable.c @@ -1631,7 +1631,7 @@ rb_mod_remove_cvar(mod, name) VALUE val; if (!rb_is_class_id(id)) { - rb_name_error(id, "wrong class variable name %s", name); + rb_name_error(id, "wrong class variable name %s", rb_id2name(id)); } if (!OBJ_TAINTED(mod) && rb_safe_level() >= 4) rb_raise(rb_eSecurityError, "Insecure: can't remove class variable"); -- cgit v1.2.3