From c0d013df914bf4020152e155f8b8218810623ab1 Mon Sep 17 00:00:00 2001 From: matz Date: Tue, 19 Feb 2002 06:43:58 +0000 Subject: * file.c (path_check_1): should check directory sticky bits. * process.c (security): need not to warn twice. * marshal.c (r_object): complete restoration before calling r_regist(). git-svn-id: http://svn.ruby-lang.org/repos/ruby/trunk@2092 b2dd03c8-39d4-4d8f-98ff-823fe69b080e --- ChangeLog | 9 +++++++++ file.c | 9 ++++++++- marshal.c | 11 ++++------- process.c | 3 --- 4 files changed, 21 insertions(+), 11 deletions(-) diff --git a/ChangeLog b/ChangeLog index 736735f55..0d4305302 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,12 @@ +Tue Feb 19 14:45:32 2002 Yukihiro Matsumoto + + * file.c (path_check_1): should check directory sticky bits. + + * process.c (security): need not to warn twice. + + * marshal.c (r_object): complete restoration before calling + r_regist(). + Tue Feb 19 14:24:36 2002 Yukihiro Matsumoto * parse.y (yylex): operators in the "op" rule should make diff --git a/file.c b/file.c index 1eea9360e..3016589b9 100644 --- a/file.c +++ b/file.c @@ -2304,7 +2304,14 @@ path_check_1(path) return path_check_1(newpath); } for (;;) { - if (stat(p0, &st) == 0 && (st.st_mode & 002)) { +#ifndef S_IWOTH +# define S_IWOTH 002 +#endif + if (stat(p0, &st) == 0 && S_ISDIR(st->st_mode) && (st.st_mode & S_IWOTH) +#ifdef S_ISVTX + && !(st.st_mode & S_ISVTX) +#endif + ) { if (p) *p = '/'; rb_warn("Unsecure world writeable dir %s , mode 0%o", p0, st.st_mode); return 0; diff --git a/marshal.c b/marshal.c index 72ac20ae6..5966a7659 100644 --- a/marshal.c +++ b/marshal.c @@ -927,11 +927,10 @@ r_object(arg) volatile long len = r_long(arg); /* gcc 2.7.2.3 -O2 bug?? */ v = rb_ary_new2(len); - r_regist(v, arg); while (len--) { rb_ary_push(v, r_object(arg)); } - return v; + return r_regist(v, arg);; } case TYPE_HASH: 
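Review bot: In the new condition in path_check_1, `S_ISDIR(st->st_mode)` treats `st` as a pointer, but the same expression calls `stat(p0, &st)` and reads `st.st_mode`, so `st` is a struct and this will not compile; it should read `S_ISDIR(st.st_mode)`. Separately, as far as the hunk shows, the `S_ISVTX` exemption applies to every component the loop checks, including the directory being searched itself. The sticky bit only stops users from deleting or renaming each other's entries, so a world-writable sticky directory still lets any user create new files in it; the exemption looks safe for ancestor components but probably not for the final one. The `#ifndef S_IWOTH` fallback would also read better at file scope than inside the `for` body, and `S_ISDIR` has no matching fallback. The function begins and ends outside the hunk.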
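Review bot: Moving `r_regist(v, arg)` to after the element loop in the TYPE_ARRAY case means the array is not yet registered while its elements are read, so a link from an element back to the enclosing array can no longer be resolved. If r_regist numbers objects in call order (its body is not visible here), nested objects now also get lower indices than their container, which has to match the order the dumper uses. The same concern applies to the TYPE_HASH and TYPE_STRUCT hunks that follow. Because Marshal input can come from an untrusted source, a shifted link table could resolve a link to the wrong object rather than fail, so a round-trip test with a self-referential array and a shared nested object is worth adding before this lands. Also, `return r_regist(v, arg);;` has a stray second semicolon; r_object continues outside the hunk.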
@@ -940,7 +939,6 @@ r_object(arg) long len = r_long(arg); v = rb_hash_new(); - r_regist(v, arg); while (len--) { VALUE key = r_object(arg); VALUE value = r_object(arg); @@ -949,7 +947,7 @@ r_object(arg) if (type == TYPE_HASH_DEF) { RHASH(v)->ifnone = r_object(arg); } - return v; + return r_regist(v, arg); } case TYPE_STRUCT: @@ -971,7 +969,6 @@ r_object(arg) rb_ary_push(values, Qnil); } v = rb_struct_alloc(klass, values); - r_regist(v, arg); for (i=0; i 0) { rb_raise(rb_eSecurityError, "Insecure PATH - %s", str); } - else { - rb_warn("Insecure PATH - %s", str); - } } } -- cgit