From 3119a80380d503d41623bba8ca103fd40759cf85 Mon Sep 17 00:00:00 2001 From: matz Date: Tue, 28 Mar 2006 21:54:10 +0000 Subject: * eval.c (backtrace): reports aliased method names in a generated backtrace. a patch from "U.Nakamura" . [ruby-dev:28471] * eval.c (rb_call0): insecure calling should be checked for non NODE_SCOPE method invocations too. * eval.c (rb_alias): should preserve the current safe level as well as method definition. * eval.c (yield_under_i): pass self again for instance_eval(). [ruby-dev:28466] git-svn-id: http://svn.ruby-lang.org/repos/ruby/branches/ruby_1_8@10063 b2dd03c8-39d4-4d8f-98ff-823fe69b080e --- ChangeLog | 19 +++++++++++++++++++ eval.c | 18 ++++++++++-------- 2 files changed, 29 insertions(+), 8 deletions(-) diff --git a/ChangeLog b/ChangeLog index 30ab29112..1ab20977a 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,9 @@ +Wed Mar 29 06:48:40 2006 Yukihiro Matsumoto + + * eval.c (backtrace): reports aliased method names in a generated + backtrace. a patch from "U.Nakamura" . + [ruby-dev:28471] + Mon Mar 27 22:19:09 2006 NARUSE, Yui * ext/nkf/nkf-utf8/{nkf.c, utf8tbl.c, config.h}: imported nkf 2.0.6. @@ -11,6 +17,19 @@ Mon Mar 27 22:19:09 2006 NARUSE, Yui * ext/nkf/lib/kconv.rb (Kconv.to*): add -m0. Note that Kconv.to* still imply -X. +Mon Mar 27 03:17:21 2006 Yukihiro Matsumoto + + * eval.c (rb_call0): insecure calling should be checked for non + NODE_SCOPE method invocations too. + + * eval.c (rb_alias): should preserve the current safe level as + well as method definition. + +Fri Mar 24 23:14:30 2006 Yukihiro Matsumoto + + * eval.c (yield_under_i): pass self again for instance_eval(). + [ruby-dev:28466] + Fri Mar 24 17:20:03 2006 Yukihiro Matsumoto * process.c (rb_f_sleep): remove description about SIGALRM which diff --git a/eval.c b/eval.c index cd2533bc0..eac39bc54 100644 --- a/eval.c +++ b/eval.c @@ -2143,7 +2143,8 @@ rb_alias(klass, name, def) } } st_insert(RCLASS(klass)->m_tbl, name, - (st_data_t)NEW_METHOD(NEW_FBODY(body, def, origin), orig->nd_noex)); + (st_data_t)NEW_METHOD(NEW_FBODY(body, def, origin), + NOEX_WITH_SAFE(orig->nd_noex))); if (singleton) { rb_funcall(singleton, singleton_added, 1, ID2SYM(name)); } @@ -5700,6 +5701,11 @@ rb_call0(klass, recv, id, oid, argc, argv, body, flags) TMP_PROTECT; volatile int safe = -1; + if (NOEX_SAFE(flags) > ruby_safe_level && + !(flags&NOEX_TAINTED) && ruby_safe_level == 0 && NOEX_SAFE(flags) > 2) { + rb_raise(rb_eSecurityError, "calling insecure method: %s", + rb_id2name(id)); + } switch (ruby_iter->iter) { case ITER_PRE: case ITER_PAS: @@ -5821,10 +5827,6 @@ rb_call0(klass, recv, id, oid, argc, argv, body, flags) b2 = body = body->nd_next; if (NOEX_SAFE(flags) > ruby_safe_level) { - if (!(flags&NOEX_TAINTED) && ruby_safe_level == 0 && NOEX_SAFE(flags) > 2) { - rb_raise(rb_eSecurityError, "calling insecure method: %s", - rb_id2name(id)); - } safe = ruby_safe_level; ruby_safe_level = NOEX_SAFE(flags); } @@ -6189,7 +6191,7 @@ backtrace(lev) if (frame->last_func) { snprintf(buf, BUFSIZ, "%s:%d:in `%s'", ruby_sourcefile, ruby_sourceline, - rb_id2name(frame->orig_func)); + rb_id2name(frame->last_func)); } else if (ruby_sourceline == 0) { snprintf(buf, BUFSIZ, "%s", ruby_sourcefile); @@ -6214,7 +6216,7 @@ backtrace(lev) if (frame->prev->node == n) continue; snprintf(buf, BUFSIZ, "%s:%d:in `%s'", n->nd_file, nd_line(n), - rb_id2name(frame->prev->orig_func)); + rb_id2name(frame->prev->last_func)); } else { snprintf(buf, BUFSIZ, "%s:%d", n->nd_file, nd_line(n)); @@ -6588,7 +6590,7 @@ static VALUE yield_under_i(self) VALUE self; { - return rb_yield_0(Qundef, self, ruby_class, YIELD_PUBLIC_DEF, Qfalse); + return rb_yield_0(self, self, ruby_class, YIELD_PUBLIC_DEF, Qfalse); } /* block eval under the class/module context */ -- cgit