diff options
| author | nobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2009-06-23 12:28:16 +0000 |
|---|---|---|
| committer | nobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2009-06-23 12:28:16 +0000 |
| commit | 3a94ceaabb6f0a4cd65cd0ca240e7662dd7d86b2 (patch) | |
| tree | f339bc301c0cb845242c5c454132a732a10e8835 /safe.c | |
| parent | 18e76095b9f247d1f53770a2c94503da12bcaa9f (diff) | |
| download | ruby-3a94ceaabb6f0a4cd65cd0ca240e7662dd7d86b2.tar.gz ruby-3a94ceaabb6f0a4cd65cd0ca240e7662dd7d86b2.tar.xz ruby-3a94ceaabb6f0a4cd65cd0ca240e7662dd7d86b2.zip | |
* file.c (rb_get_path_check): check with given safe level.
* file.c (rb_find_file_ext_safe, rb_find_file_safe): ditto.
* safe.c (rb_insecure_operation): function to raise security error.
git-svn-id: http://svn.ruby-lang.org/repos/ruby/trunk@23831 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'safe.c')
| -rw-r--r-- | safe.c | 20 |
1 files changed, 13 insertions, 7 deletions
@@ -98,16 +98,22 @@ rb_secure_update(VALUE obj) } void +rb_insecure_operation(void) +{ + if (rb_frame_callee()) { + rb_raise(rb_eSecurityError, "Insecure operation - %s", + rb_id2name(rb_frame_callee())); + } + else { + rb_raise(rb_eSecurityError, "Insecure operation: -r"); + } +} + +void rb_check_safe_obj(VALUE x) { if (rb_safe_level() > 0 && OBJ_TAINTED(x)) { - if (rb_frame_callee()) { - rb_raise(rb_eSecurityError, "Insecure operation - %s", - rb_id2name(rb_frame_callee())); - } - else { - rb_raise(rb_eSecurityError, "Insecure operation: -r"); - } + rb_insecure_operation(); } rb_secure(4); } |