archive/ruby
1
0
Fork 0
mirror of https://github.com/ruby/ruby.git synced 2025-09-15 16:44:01 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

merges r21917, r21955 and r21974 from trunk into ruby_1_9_1.

Browse source 
* load.c (rb_require_safe): raises when the path to be loaded is
  tainted.  [ruby-dev:37843]
---
* file.c (rb_find_file_ext): should not be infected from other
  load paths.
---
* adds a test case for r21955 and r21917.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_9_1@22500 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
This commit is contained in:
yugui 2009-02-22 04:30:22 +00:00
parent cb2f0c9d14
commit abc40f03ef
4 changed files with 62 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

10
ChangeLog
View file

@ -1,3 +1,13 @@
Mon Feb 2 17:05:55 2009 Nobuyoshi Nakada <nobu@ruby-lang.org>
* file.c (rb_find_file_ext): should not be infected from other
load paths.
Sat Jan 31 19:09:30 2009 Nobuyoshi Nakada <nobu@ruby-lang.org>
* load.c (rb_require_safe): raises when the path to be loaded is
tainted. [ruby-dev:37843]
Mon Feb 2 08:12:50 2009 Nobuyoshi Nakada <nobu@ruby-lang.org> Mon Feb 2 08:12:50 2009 Nobuyoshi Nakada <nobu@ruby-lang.org>
* lib/xmlrpc/server.rb (Server#serve): gets rid of hardcoded * lib/xmlrpc/server.rb (Server#serve): gets rid of hardcoded

1
file.c
View file

@ -4551,6 +4551,7 @@ rb_find_file_ext(VALUE *filep, const char *const *ext)
*filep = tmp; *filep = tmp;
return j+1; return j+1;
} }
FL_UNSET(tmp, FL_TAINT | FL_UNTRUSTED);
} }
rb_str_set_len(fname, fnlen); rb_str_set_len(fname, fnlen);
} }

6
load.c
View file

@ -554,13 +554,17 @@ rb_require_safe(VALUE fname, int safe)
rb_set_safe_level_force(safe); rb_set_safe_level_force(safe);
FilePathValue(fname); FilePathValue(fname);
RB_GC_GUARD(fname) = rb_str_new4(fname); RB_GC_GUARD(fname) = rb_str_new4(fname);
rb_set_safe_level_force(0);
found = search_required(fname, &path); found = search_required(fname, &path);
if (found) { if (found) {
if (!path || !(ftptr = load_lock(RSTRING_PTR(path)))) { if (!path || !(ftptr = load_lock(RSTRING_PTR(path)))) {
result = Qfalse; result = Qfalse;
} }
else { else {
rb_set_safe_level_force(0); if (safe > 0 && OBJ_TAINTED(path)) {
rb_raise(rb_eSecurityError, "cannot load from insecure path - %s",
RSTRING_PTR(path));
}
switch (found) { switch (found) {
case 'r': case 'r':
rb_load(path, 0); rb_load(path, 0);

46
test/ruby/test_require.rb
View file

@ -195,4 +195,50 @@ class TestRequire < Test::Unit::TestCase
assert_raise(ArgumentError) { at_exit } assert_raise(ArgumentError) { at_exit }
end end
def test_tainted_loadpath
t = Tempfile.new(["test_ruby_test_require", ".rb"])
abs_dir, file = File.dirname(t.path), File.basename(t.path)
abs_dir = File.expand_path(abs_dir).untaint
assert_in_out_err([], <<-INPUT, %w(:ok), [])
abs_dir = "#{ abs_dir }"
$: << abs_dir
require "#{ file }"
p :ok
INPUT
assert_in_out_err([], <<-INPUT, %w(:ok), [])
abs_dir = "#{ abs_dir }"
$: << abs_dir.taint
require "#{ file }"
p :ok
INPUT
assert_in_out_err([], <<-INPUT, %w(:ok), [])
abs_dir = "#{ abs_dir }"
$: << abs_dir.taint
$SAFE = 1
begin
require "#{ file }"
rescue SecurityError
p :ok
end
INPUT
assert_in_out_err([], <<-INPUT, %w(:ok), [])
abs_dir = "#{ abs_dir }"
$: << abs_dir.taint
$SAFE = 1
require "#{ t.path }"
p :ok
INPUT
assert_in_out_err([], <<-INPUT, %w(:ok), [])
abs_dir = "#{ abs_dir }"
$: << abs_dir << 'elsewhere'.taint
require "#{ file }"
p :ok
INPUT
end
end end