From 8b920b4ac80bf9d7c4193ecff9046b4ae95502e4 Mon Sep 17 00:00:00 2001
From: nobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>
Date: Tue, 23 Jun 2009 12:28:16 +0000
Subject: * file.c (rb_get_path_check): check with given safe level.

* file.c (rb_find_file_ext_safe, rb_find_file_safe): ditto.

* safe.c (rb_insecure_operation): function to raise security error.


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@23831 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
---
 safe.c | 20 +++++++++++++-------
 1 file changed, 13 insertions(+), 7 deletions(-)

(limited to 'safe.c')

diff --git a/safe.c b/safe.c
index ebe62f4206..bb725e1394 100644
--- a/safe.c
+++ b/safe.c
@@ -97,17 +97,23 @@ rb_secure_update(VALUE obj)
 	rb_secure(4);
 }
 
+void
+rb_insecure_operation(void)
+{
+    if (rb_frame_callee()) {
+	rb_raise(rb_eSecurityError, "Insecure operation - %s",
+		 rb_id2name(rb_frame_callee()));
+    }
+    else {
+	rb_raise(rb_eSecurityError, "Insecure operation: -r");
+    }
+}
+
 void
 rb_check_safe_obj(VALUE x)
 {
     if (rb_safe_level() > 0 && OBJ_TAINTED(x)) {
-	if (rb_frame_callee()) {
-	    rb_raise(rb_eSecurityError, "Insecure operation - %s",
-		     rb_id2name(rb_frame_callee()));
-	}
-	else {
-	    rb_raise(rb_eSecurityError, "Insecure operation: -r");
-	}
+	rb_insecure_operation();
     }
     rb_secure(4);
 }
-- 
cgit v1.2.3