1berry/ruby
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

security enhancement of dl library (need test).

Browse Source 
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@3609 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
This commit is contained in:
matz 2003-03-24 09:38:37 +00:00
parent ab7dac4027
commit ece972717b
9 changed files with 175 additions and 158 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
eval.c
View File

@ -139,7 +139,7 @@ rb_secure(level)
} }
void void
rb_check_safe_str(x) rb_check_safe_obj(x)
VALUE x; VALUE x;
{ {
if (ruby_safe_level > 0 && OBJ_TAINTED(x)){ if (ruby_safe_level > 0 && OBJ_TAINTED(x)){
@ -152,6 +152,13 @@ rb_check_safe_str(x)
} }
} }
rb_secure(4); rb_secure(4);
}
void
rb_check_safe_str(x)
VALUE x;
{
rb_check_safe_obj(x);
if (TYPE(x)!= T_STRING) { if (TYPE(x)!= T_STRING) {
rb_raise(rb_eTypeError, "wrong argument type %s (expected String)", rb_raise(rb_eTypeError, "wrong argument type %s (expected String)",
rb_obj_classname(x)); rb_obj_classname(x));

23
ext/dl/dl.c
View File

@ -401,7 +401,7 @@ c_parray(VALUE v, long *size)
{ {
int i, len; int i, len;
void **ary; void **ary;
VALUE e; VALUE e, tmp;
len = RARRAY(v)->len; len = RARRAY(v)->len;
*size = sizeof(void*) * len; *size = sizeof(void*) * len;
@ -409,7 +409,15 @@ c_parray(VALUE v, long *size)
for (i=0; i < len; i++) { for (i=0; i < len; i++) {
e = rb_ary_entry(v, i); e = rb_ary_entry(v, i);
switch (TYPE(e)) { switch (TYPE(e)) {
default:
tmp = rb_check_string_type(e);
if (NIL_P(tmp)) {
rb_raise(rb_eDLTypeError, "unexpected type of the element #%d", i);
}
e = tmp;
/* fall through */
case T_STRING: case T_STRING:
rb_check_safe_str(e);
{ {
char *str, *src; char *str, *src;
src = RSTRING(e)->ptr; src = RSTRING(e)->ptr;
@ -430,9 +438,6 @@ c_parray(VALUE v, long *size)
rb_raise(rb_eDLTypeError, "unexpected type of the element #%d", i); rb_raise(rb_eDLTypeError, "unexpected type of the element #%d", i);
} }
break; break;
default:
rb_raise(rb_eDLTypeError, "unexpected type of the element #%d", i);
break;
} }
} }
@ -445,9 +450,11 @@ rb_ary2cary(char t, VALUE v, long *size)
int len; int len;
VALUE val0; VALUE val0;
if( TYPE(v) != T_ARRAY ){ val0 = rb_check_array_type(v);
if(NIL_P(TYPE(val0))) {
rb_raise(rb_eDLTypeError, "an array is expected."); rb_raise(rb_eDLTypeError, "an array is expected.");
} }
v = val0;
len = RARRAY(v)->len; len = RARRAY(v)->len;
if (len == 0) { if (len == 0) {
@ -556,15 +563,13 @@ rb_dl_malloc(VALUE self, VALUE size)
VALUE VALUE
rb_dl_strdup(VALUE self, VALUE str) rb_dl_strdup(VALUE self, VALUE str)
{ {
rb_secure(4); SafeStringValue(str);
str = rb_String(str);
return rb_dlptr_new(strdup(RSTRING(str)->ptr), RSTRING(str)->len, dlfree); return rb_dlptr_new(strdup(RSTRING(str)->ptr), RSTRING(str)->len, dlfree);
} }
static VALUE static VALUE
rb_dl_sizeof(VALUE self, VALUE str) rb_dl_sizeof(VALUE self, VALUE str)
{ {
rb_secure(4);
return INT2NUM(dlsizeof(StringValuePtr(str))); return INT2NUM(dlsizeof(StringValuePtr(str)));
} }
@ -589,7 +594,7 @@ rb_dl_callback(int argc, VALUE argv[], VALUE self)
break; break;
} }
Check_Type(type, T_STRING); StringValue(type);
switch (RSTRING(type)->ptr[0]) { switch (RSTRING(type)->ptr[0]) {
case '0': case '0':
rettype = 0x00; rettype = 0x00;

3
ext/dl/handle.c
View File

@ -138,7 +138,9 @@ rb_dlhandle_sym(int argc, VALUE argv[], VALUE self)
const char *name, *stype; const char *name, *stype;
const char *err; const char *err;
rb_secure(4);
if (rb_scan_args(argc, argv, "11", &sym, &type) == 2) { if (rb_scan_args(argc, argv, "11", &sym, &type) == 2) {
SafeStringValue(type);
stype = StringValuePtr(type); stype = StringValuePtr(type);
} }
else{ else{
@ -153,6 +155,7 @@ rb_dlhandle_sym(int argc, VALUE argv[], VALUE self)
#endif #endif
} }
else{ else{
SafeStringValue(sym);
name = StringValuePtr(sym); name = StringValuePtr(sym);
} }

12
ext/dl/ptr.c
View File

@ -82,6 +82,7 @@ dlptr_init(VALUE val)
data->ptr); data->ptr);
}); });
rb_dlmem_aset(data->ptr, val); rb_dlmem_aset(data->ptr, val);
OBJ_TAINT(val);
} }
VALUE VALUE
@ -552,10 +553,7 @@ rb_dlptr_define_data_type(int argc, VALUE argv[], VALUE self)
Check_Type(rest, T_ARRAY); Check_Type(rest, T_ARRAY);
num = RARRAY(rest)->len; num = RARRAY(rest)->len;
for (i=0; i<num; i++) { for (i=0; i<num; i++) {
vid = rb_ary_entry(rest,i); rb_to_id(rb_ary_entry(rest,i));
if( !(TYPE(vid)==T_STRING || TYPE(vid)==T_SYMBOL) ){
rb_raise(rb_eTypeError, "#%d must be a string or symbol", i + 2);
}
} }
data->ctype = t; data->ctype = t;
@ -747,7 +745,7 @@ rb_dlptr_aref(int argc, VALUE argv[], VALUE self)
pass[0] = num; pass[0] = num;
return rb_dlptr_to_str(1, pass, rb_dlptr_plus(self, key)); return rb_dlptr_to_str(1, pass, rb_dlptr_plus(self, key));
} }
rb_to_id(key);
if (! (TYPE(key) == T_STRING || TYPE(key) == T_SYMBOL)) { if (! (TYPE(key) == T_STRING || TYPE(key) == T_SYMBOL)) {
rb_raise(rb_eTypeError, "the key must be a string or symbol"); rb_raise(rb_eTypeError, "the key must be a string or symbol");
} }
@ -882,10 +880,6 @@ rb_dlptr_aset(int argc, VALUE argv[], VALUE self)
return val; return val;
} }
if( ! (TYPE(key) == T_STRING || TYPE(key) == T_SYMBOL ) ){
rb_raise(rb_eTypeError, "the key must be a string or symbol");
}
id = rb_to_id(key); id = rb_to_id(key);
Data_Get_Struct(self, struct ptr_data, data); Data_Get_Struct(self, struct ptr_data, data);
switch (data->ctype) { switch (data->ctype) {

20
ext/dl/sym.c
View File

@ -330,7 +330,7 @@ rb_dlsym_call(int argc, VALUE argv[], VALUE self)
long ftype; long ftype;
void *func; void *func;
rb_secure(4); rb_secure(2);
Data_Get_Struct(self, struct sym_data, sym); Data_Get_Struct(self, struct sym_data, sym);
DEBUG_CODE({ DEBUG_CODE({
printf("rb_dlsym_call(): type = '%s', func = 0x%x\n", sym->type, sym->func); printf("rb_dlsym_call(): type = '%s', func = 0x%x\n", sym->type, sym->func);
@ -457,20 +457,20 @@ rb_dlsym_call(int argc, VALUE argv[], VALUE self)
ANY2S(args[i]) = DLSTR(0); ANY2S(args[i]) = DLSTR(0);
} }
else{ else{
if( TYPE(argv[i]) != T_STRING ){ VALUE str = argv[i];
rb_raise(rb_eDLError, "#%d must be a string",i); SafeStringValue(str);
} ANY2S(args[i]) = DLSTR(RSTRING(str)->ptr);
ANY2S(args[i]) = DLSTR(RSTRING(argv[i])->ptr);
} }
PUSH_P(ftype); PUSH_P(ftype);
break; break;
case 's': case 's':
if( TYPE(argv[i]) != T_STRING ){ {
rb_raise(rb_eDLError, "#%d must be a string",i); VALUE str = argv[i];
} SafeStringValue(str);
ANY2S(args[i]) = DLSTR(dlmalloc(RSTRING(argv[i])->len + 1)); ANY2S(args[i]) = DLSTR(dlmalloc(RSTRING(str)->len + 1));
memcpy((char*)(ANY2S(args[i])), RSTRING(argv[i])->ptr, RSTRING(argv[i])->len + 1); memcpy((char*)(ANY2S(args[i])), RSTRING(str)->ptr, RSTRING(str)->len + 1);
dtypes[i] = 's'; dtypes[i] = 's';
}
PUSH_P(ftype); PUSH_P(ftype);
break; break;
default: default:

6
lib/jcode.rb
View File

@ -19,9 +19,9 @@ class String
PATTERN_EUC = '[\xa1-\xfe][\xa1-\xfe]' PATTERN_EUC = '[\xa1-\xfe][\xa1-\xfe]'
PATTERN_UTF8 = '[\xc0-\xdf][\x80-\xbf]|[\xe0-\xef][\x80-\xbf][\x80-\xbf]' PATTERN_UTF8 = '[\xc0-\xdf][\x80-\xbf]|[\xe0-\xef][\x80-\xbf][\x80-\xbf]'
RE_SJIS = Regexp.new(PATTERN_SJIS, 'n') RE_SJIS = Regexp.new(PATTERN_SJIS, 0, 'n')
RE_EUC = Regexp.new(PATTERN_EUC, 'n') RE_EUC = Regexp.new(PATTERN_EUC, 0, 'n')
RE_UTF8 = Regexp.new(PATTERN_UTF8, 'n') RE_UTF8 = Regexp.new(PATTERN_UTF8, 0, 'n')
SUCC = {} SUCC = {}
SUCC['s'] = Hash.new(1) SUCC['s'] = Hash.new(1)

6
object.c
View File

@ -773,12 +773,14 @@ ID
rb_to_id(name) rb_to_id(name)
VALUE name; VALUE name;
{ {
VALUE tmp;
ID id; ID id;
switch (TYPE(name)) { switch (TYPE(name)) {
case T_STRING: case T_STRING:
return rb_intern(RSTRING(name)->ptr); return rb_intern(RSTRING(name)->ptr);
case T_FIXNUM: case T_FIXNUM:
rb_warn("do not use Fixnums as Symbols");
id = FIX2LONG(name); id = FIX2LONG(name);
if (!rb_id2name(id)) { if (!rb_id2name(id)) {
rb_raise(rb_eArgError, "%ld is not a symbol", id); rb_raise(rb_eArgError, "%ld is not a symbol", id);
@ -788,6 +790,10 @@ rb_to_id(name)
id = SYM2ID(name); id = SYM2ID(name);
break; break;
default: default:
tmp = rb_check_string_type(name);
if (!NIL_P(tmp)) {
return rb_intern(RSTRING(tmp)->ptr);
}
rb_raise(rb_eTypeError, "%s is not a symbol", RSTRING(rb_inspect(name))->ptr); rb_raise(rb_eTypeError, "%s is not a symbol", RSTRING(rb_inspect(name))->ptr);
} }
return id; return id;

6
ruby.h
View File

@ -215,12 +215,14 @@ VALUE rb_string_value _((volatile VALUE*));
char *rb_string_value_ptr _((volatile VALUE*)); char *rb_string_value_ptr _((volatile VALUE*));
#define StringValue(v) if (TYPE(v) != T_STRING) rb_string_value(&(v)) #define StringValue(v) if (TYPE(v) != T_STRING) rb_string_value(&(v))
#define StringValuePtr(v) rb_string_value_ptr(&(v))
void rb_check_safe_obj _((VALUE));
void rb_check_safe_str _((VALUE)); void rb_check_safe_str _((VALUE));
#define SafeStringValue(v) do {\ #define SafeStringValue(v) do {\
StringValue(v);\ StringValue(v);\
rb_check_safe_str(v);\ rb_check_safe_obj(v);\
} while (0) } while (0)
#define StringValuePtr(v) rb_string_value_ptr(&(v))
/* obsolete macro - use SafeStringValue(v) */ /* obsolete macro - use SafeStringValue(v) */
#define Check_SafeStr(v) rb_check_safe_str((VALUE)(v)) #define Check_SafeStr(v) rb_check_safe_str((VALUE)(v))

8
version.h
View File

@ -1,11 +1,11 @@
#define RUBY_VERSION "1.8.0" #define RUBY_VERSION "1.8.0"
#define RUBY_RELEASE_DATE "2003-03-23" #define RUBY_RELEASE_DATE "2003-03-24"
#define RUBY_VERSION_CODE 180 #define RUBY_VERSION_CODE 180
#define RUBY_RELEASE_CODE 20030323 #define RUBY_RELEASE_CODE 20030324
#define RUBY_VERSION_MAJOR 1 #define RUBY_VERSION_MAJOR 1
#define RUBY_VERSION_MINOR 8 #define RUBY_VERSION_MINOR 8
#define RUBY_VERSION_TEENY 0 #define RUBY_VERSION_TEENY 0
#define RUBY_RELEASE_YEAR 2003 #define RUBY_RELEASE_YEAR 2003
#define RUBY_RELEASE_MONTH 03 #define RUBY_RELEASE_MONTH 3
#define RUBY_RELEASE_DAY 23 #define RUBY_RELEASE_DAY 24