Ruby  2.1.10p492(2016-04-01revision54464)
safe.c
1 /**********************************************************************
2 
3  safe.c -
4 
5  $Author: nobu $
6  created at: Tue Sep 23 09:44:32 JST 2008
7 
8  Copyright (C) 2008 Yukihiro Matsumoto
9 
10 **********************************************************************/
11 
12 /* safe-level:
13  0 - strings from streams/environment/ARGV are tainted (default)
14  1 - no dangerous operation by tainted value
15  2 - process/file operations prohibited
16  3 - all generated objects are tainted
17 */
18 
19 #define SAFE_LEVEL_MAX RUBY_SAFE_LEVEL_MAX
20 
21 #include "ruby/ruby.h"
22 #include "vm_core.h"
23 
24 /* $SAFE accessor */
25 
26 #undef rb_secure
27 #undef rb_set_safe_level
28 #undef ruby_safe_level_4_warning
29 
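/*
 * Returns the constant 4, the safe level this version rejects as obsolete
 * (see the "$SAFE=4 is obsolete" errors raised elsewhere in this file).
 * NOTE(review): the #undef of this name above suggests a header also
 * defines it as a macro; confirm against ruby/ruby.h.
 */
int
ruby_safe_level_4_warning(void)
{
    return 4;
}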
35 
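/*
 * Returns the safe level of the current thread.
 * The value is read from the rb_thread_t returned by GET_THREAD(), so the
 * level is per-thread state rather than a single process-wide setting.
 */
int
rb_safe_level(void)
{
    return GET_THREAD()->safe_level;
}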
41 
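/*
 * Unconditionally overwrites the current thread's safe level with `safe`.
 *
 * Security note: unlike rb_set_safe_level() and the $SAFE setter, this
 * performs no range check and no "never lower" check, so it can drop the
 * level as well as raise it. It is a non-static function, so any caller
 * that can reach it bypasses the downgrade protection; it should only be
 * called from code that is already fully trusted.
 */
void
rb_set_safe_level_force(int safe)
{
    GET_THREAD()->safe_level = safe;
}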
47 
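/*
 * Raises the current thread's safe level to `level`.
 *
 * - A request that is not strictly higher than the current level is
 *   ignored silently (no error, no change), so this entry point can never
 *   lower the level.
 * - A request above SAFE_LEVEL_MAX raises ArgumentError; the level is left
 *   unchanged because rb_raise() does not return.
 */
void
rb_set_safe_level(int level)
{
    rb_thread_t *th = GET_THREAD();

    if (level > th->safe_level) {
        if (level > SAFE_LEVEL_MAX) {
            /* message names level 4 even when a larger value was requested */
            rb_raise(rb_eArgError, "$SAFE=4 is obsolete");
        }
        th->safe_level = level;
    }
}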
60 
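/*
 * Getter for the $SAFE virtual variable: the current thread's safe level
 * converted to a Ruby Integer.
 */
static VALUE
safe_getter(void)
{
    return INT2NUM(rb_safe_level());
}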
66 
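/*
 * Setter for the $SAFE virtual variable.
 *
 * Checks run in this order, and each rb_raise() aborts the assignment:
 *   1. lowering the level     -> SecurityError
 *   2. level == 3             -> warning only; the assignment still happens
 *   3. level > SAFE_LEVEL_MAX -> ArgumentError
 *
 * Security note: the level-3 warning states that no sandboxing is done.
 * $SAFE=3 must therefore not be treated as an isolation boundary for
 * untrusted code.
 */
static void
safe_setter(VALUE val)
{
    int level = NUM2INT(val);
    rb_thread_t *th = GET_THREAD();

    /* the level is monotonic from script code: it may rise, never fall */
    if (level < th->safe_level) {
        rb_raise(rb_eSecurityError,
                 "tried to downgrade safe level from %d to %d",
                 th->safe_level, level);
    }
    if (level == 3) {
        rb_warning("$SAFE=3 does no sandboxing");
    }
    if (level > SAFE_LEVEL_MAX) {
        rb_raise(rb_eArgError, "$SAFE=4 is obsolete");
    }
    th->safe_level = level;
}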
86 
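/*
 * Guard for operations that are forbidden at safe level `level` or above.
 *
 * Raises SecurityError when the current thread's safe level is >= `level`;
 * otherwise returns normally. The message includes the name of the calling
 * method when rb_frame_callee() yields a non-zero ID.
 *
 * The check reads the level at call time only, so it must be called before
 * the protected operation starts, not after.
 */
void
rb_secure(int level)
{
    if (level <= rb_safe_level()) {
        ID caller_name = rb_frame_callee();
        if (caller_name) {
            rb_raise(rb_eSecurityError, "Insecure operation `%s' at level %d",
                     rb_id2name(caller_name), rb_safe_level());
        }
        else {
            rb_raise(rb_eSecurityError, "Insecure operation at level %d",
                     rb_safe_level());
        }
    }
}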
102 
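/*
 * No-op: the body is empty, so no check of any kind is performed on `obj`.
 * NOTE(review): presumably kept so existing callers still link; callers
 * must not rely on it to block modification of an object.
 */
void
rb_secure_update(VALUE obj)
{
}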
107 
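/*
 * Always raises SecurityError; never returns normally.
 *
 * The message names the calling method when rb_frame_callee() yields a
 * non-zero ID. Otherwise the fixed text "Insecure operation: -r" is used.
 * NOTE(review): the "-r" wording suggests the no-callee case is expected
 * during command-line library loading; confirm against callers.
 */
void
rb_insecure_operation(void)
{
    ID caller_name = rb_frame_callee();
    if (caller_name) {
        rb_raise(rb_eSecurityError, "Insecure operation - %s",
                 rb_id2name(caller_name));
    }
    else {
        rb_raise(rb_eSecurityError, "Insecure operation: -r");
    }
}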
120 
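/*
 * Rejects a tainted object when the safe level is above 0.
 *
 * Raises SecurityError (via rb_insecure_operation) if `x` is tainted and
 * the current thread's safe level is > 0. At level 0 the taint flag is not
 * consulted at all, so tainted values pass through unchecked.
 */
void
rb_check_safe_obj(VALUE x)
{
    if (rb_safe_level() > 0 && OBJ_TAINTED(x)) {
        rb_insecure_operation();
    }
}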
128 
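/*
 * Validates that `x` is an untainted-enough String argument.
 *
 * The taint check runs first, so a tainted non-String at safe level > 0
 * raises SecurityError rather than TypeError. An object that passes the
 * taint check but is not a T_STRING raises TypeError naming its class.
 */
void
rb_check_safe_str(VALUE x)
{
    rb_check_safe_obj(x);
    if (!RB_TYPE_P(x, T_STRING)) {
        rb_raise(rb_eTypeError, "wrong argument type %s (expected String)",
                 rb_obj_classname(x));
    }
}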
138 
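/*
 * Registers the $SAFE virtual variable. Reads go through safe_getter and
 * writes through safe_setter, so every script-level assignment to $SAFE is
 * subject to the setter's downgrade and range checks.
 */
void
Init_safe(void)
{
    rb_define_virtual_variable("$SAFE", safe_getter, safe_setter);
}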
void rb_check_safe_obj(VALUE x)
Definition: safe.c:122
#define INT2NUM(x)
Definition: ruby.h:1296
void rb_define_virtual_variable(const char *, VALUE(*)(ANYARGS), void(*)(ANYARGS))
Definition: variable.c:616
#define NUM2INT(x)
Definition: ruby.h:630
VALUE rb_eTypeError
Definition: error.c:548
void rb_raise(VALUE exc, const char *fmt,...)
Definition: error.c:1857
void rb_secure_update(VALUE obj)
Definition: safe.c:104
void rb_set_safe_level_force(int safe)
Definition: safe.c:43
VALUE rb_eSecurityError
Definition: error.c:557
static VALUE safe_getter(void)
Definition: safe.c:62
#define OBJ_TAINTED(x)
Definition: ruby.h:1182
const char * rb_obj_classname(VALUE)
Definition: variable.c:406
void Init_safe(void)
Definition: safe.c:140
#define RB_TYPE_P(obj, type)
Definition: ruby.h:1672
#define level
int ruby_safe_level_4_warning(void)
Definition: safe.c:31
#define SAFE_LEVEL_MAX
Definition: safe.c:19
unsigned long ID
Definition: ruby.h:89
unsigned long VALUE
Definition: ruby.h:88
void rb_insecure_operation(void)
Definition: safe.c:109
ID rb_frame_callee(void)
Definition: eval.c:949
int rb_safe_level(void)
Definition: safe.c:37
static void safe_setter(VALUE val)
Definition: safe.c:68
#define T_STRING
Definition: ruby.h:482
void rb_check_safe_str(VALUE x)
Definition: safe.c:130
void rb_set_safe_level(int level)
Definition: safe.c:49
const char * rb_id2name(ID id)
Definition: ripper.c:17271
void rb_warning(const char *fmt,...)
Definition: error.c:236
void rb_secure(int level)
Definition: safe.c:88
static rb_thread_t * GET_THREAD(void)
Definition: vm_core.h:929
VALUE rb_eArgError
Definition: error.c:549