Ruby  1.9.3p551(2014-11-13revision48407)
safe.c
1 /**********************************************************************
2 
3  safe.c -
4 
5  $Author: tadf $
6  created at: Tue Sep 23 09:44:32 JST 2008
7 
8  Copyright (C) 2008 Yukihiro Matsumoto
9 
10 **********************************************************************/
11 
12 /* safe-level:
13  0 - strings from streams/environment/ARGV are tainted (default)
14  1 - dangerous operations using tainted values are prohibited
15  2 - process/file operations are prohibited
16  3 - all generated objects are tainted (not a sandbox; see the $SAFE=3 warning in the setter below)
17  4 - no modification of global (non-tainted) variables; no direct output
18 */
19 
20 #define SAFE_LEVEL_MAX 4
21 
22 #include "ruby/ruby.h"
23 #include "vm_core.h"
24 
25 /* $SAFE accessor */
26 
/*
 * Returns the safe_level field of the thread obtained from GET_THREAD().
 *
 * NOTE(review): the declarator (source line 28) is missing from this listing;
 * presumably this is rb_safe_level(), which the rest of the file calls to
 * read the level -- confirm against the original source.
 */
27 int
29 {
30  return GET_THREAD()->safe_level;
31 }
32 
/*
 * Stores `safe` into the safe_level field of the thread obtained from
 * GET_THREAD(), unconditionally.
 *
 * Unlike the other setters in this file, nothing here compares the new value
 * with the current level or clamps it to SAFE_LEVEL_MAX, so this path can
 * lower the level as well as raise it.
 *
 * NOTE(review): the declarator (source line 34) is missing from this listing;
 * presumably rb_set_safe_level_force(int safe). Callers should be audited to
 * confirm `safe` never derives from untrusted input.
 */
33 void
35 {
36  GET_THREAD()->safe_level = safe;
37 }
38 
/*
 * Raises th->safe_level to `level`, clamped to SAFE_LEVEL_MAX.
 *
 * A `level` that is not greater than the current value is ignored, so this
 * function never lowers the safe level.
 *
 * NOTE(review): source lines 40 (declarator, presumably
 * rb_set_safe_level(int level)) and 42 (where `th` is presumably initialised
 * from GET_THREAD()) are missing from this listing -- confirm.
 */
39 void
41 {
43 
44  if (level > th->safe_level) {
45  if (level > SAFE_LEVEL_MAX) {
46  level = SAFE_LEVEL_MAX;
47  }
48  th->safe_level = level;
49  }
50 }
51 
/*
 * Returns the current safe level, as reported by rb_safe_level(), converted
 * to a VALUE with INT2NUM.
 *
 * NOTE(review): the declarator (source line 53) is missing from this listing;
 * presumably safe_getter(void), the read side of $SAFE -- confirm.
 */
52 static VALUE
54 {
55  return INT2NUM(rb_safe_level());
56 }
57 
/*
 * Write side of $SAFE: converts `val` with NUM2INT and stores the result in
 * th->safe_level, clamped to SAFE_LEVEL_MAX.
 *
 * A value below the current level takes the "tried to downgrade" branch.
 * A value of exactly 3 emits a warning that level 3 does no sandboxing.
 *
 * NOTE(review): source lines 59 (declarator, presumably
 * safe_setter(VALUE val)), 62 (where `th` is presumably initialised) and 65
 * are missing from this listing.
 */
58 static void
60 {
61  int level = NUM2INT(val);
63 
64  if (level < th->safe_level) {
/* NOTE(review): line 65, the start of this call, is missing; presumably
 * rb_raise(rb_eSecurityError, ...), in which case a downgrade attempt never
 * reaches the assignment below -- confirm. */
66  "tried to downgrade safe level from %d to %d",
67  th->safe_level, level);
68  }
/* The level-3 check runs before the clamp, so it fires only for the literal
 * value 3. */
69  if (level == 3) {
70  rb_warning("$SAFE=3 does no sandboxing; you might want to use $SAFE=4");
71  }
/* Out-of-range requests are clamped to the maximum rather than rejected. */
72  if (level > SAFE_LEVEL_MAX) {
73  level = SAFE_LEVEL_MAX;
74  }
75  th->safe_level = level;
76 }
77 
/*
 * Guard for operations that are forbidden from a given safe level upward:
 * raises rb_eSecurityError when `level` <= rb_safe_level(), i.e. a call
 * guarded with level n is refused at safe level n and at every higher level.
 * Returns normally otherwise.
 *
 * The message names the operation when rb_frame_callee() is non-zero and
 * falls back to a generic message when it is not.
 *
 * NOTE(review): source lines 79 (declarator, presumably rb_secure(int level))
 * and 84 (the remaining arguments for the %s and %d conversions) are missing
 * from this listing -- confirm.
 */
78 void
80 {
81  if (level <= rb_safe_level()) {
82  if (rb_frame_callee()) {
83  rb_raise(rb_eSecurityError, "Insecure operation `%s' at level %d",
85  }
86  else {
87  rb_raise(rb_eSecurityError, "Insecure operation at level %d",
88  rb_safe_level());
89  }
90  }
91 }
92 
/*
 * Applies the level-4 guard, rb_secure(4), only when `obj` is not tainted.
 * Tainted objects pass through without any check here.
 *
 * NOTE(review): the declarator (source line 94) is missing from this listing;
 * presumably rb_secure_update(VALUE obj) -- confirm.
 */
93 void
95 {
96  if (!OBJ_TAINTED(obj))
97  rb_secure(4);
98 }
99 
/*
 * Raises rb_eSecurityError on both branches; the only difference is the
 * message. When rb_frame_callee() is non-zero the message takes a %s
 * argument, otherwise the fixed text "Insecure operation: -r" is used.
 *
 * NOTE(review): source lines 101 (declarator, presumably
 * rb_insecure_operation(void)) and 105 (the argument for %s) are missing
 * from this listing -- confirm.
 */
100 void
102 {
103  if (rb_frame_callee()) {
104  rb_raise(rb_eSecurityError, "Insecure operation - %s",
106  }
107  else {
108  rb_raise(rb_eSecurityError, "Insecure operation: -r");
109  }
110 }
111 
/*
 * Taint check for an object about to be used in a sensitive operation.
 *
 * Step 1: when the safe level is above 0 and `x` is tainted, the body of the
 * `if` runs. Step 2: rb_secure(4) is called regardless of taint, so the
 * level-4 guard applies to every object passed here.
 *
 * NOTE(review): source lines 113 (declarator, presumably
 * rb_check_safe_obj(VALUE x)) and 116 (the body of the `if`, presumably a
 * call to rb_insecure_operation()) are missing from this listing -- confirm.
 */
112 void
114 {
115  if (rb_safe_level() > 0 && OBJ_TAINTED(x)) {
117  }
118  rb_secure(4);
119 }
120 
/*
 * Raises rb_eTypeError, naming the class of `x`, when TYPE(x) is not
 * T_STRING.
 *
 * NOTE(review): source lines 122 (declarator, presumably
 * rb_check_safe_str(VALUE x)) and 124 are missing from this listing. Line 124
 * presumably applies the taint and safe-level check through
 * rb_check_safe_obj(x) before the type test -- confirm, since only the type
 * test is visible here.
 */
121 void
123 {
125  if (TYPE(x) != T_STRING) {
126  rb_raise(rb_eTypeError, "wrong argument type %s (expected String)",
127  rb_obj_classname(x));
128  }
129 }
130 
/*
 * Initialisation hook for this file.
 *
 * NOTE(review): source lines 132 (declarator, presumably Init_safe(void)) and
 * 134 (the only body line) are missing from this listing. Line 134 presumably
 * registers $SAFE with its getter and setter through
 * rb_define_virtual_variable() -- confirm against the original source.
 */
131 void
133 {
135 }
static VALUE VALUE th
Definition: tcltklib.c:2937
void rb_define_virtual_variable(const char *, VALUE(*)(ANYARGS), void(*)(ANYARGS))
Definition: variable.c:527
#define NUM2INT(x)
Definition: ruby.h:536
parser parser_yylval val
Definition: ripper.c:14289
VALUE rb_eTypeError
Definition: error.c:467
unsigned long VALUE
Definition: ruby.h:88
static VALUE INT2NUM(int v)
Definition: ruby.h:981
int safe
Definition: tcltklib.c:6393
callq safe_level
Definition: tcltklib.c:7185
void rb_raise(VALUE exc, const char *fmt,...)
Definition: error.c:1574
VALUE rb_eSecurityError
Definition: error.c:476
static VALUE safe_getter(void)
Definition: safe.c:53
#define OBJ_TAINTED(x)
Definition: ruby.h:963
const char * rb_obj_classname(VALUE)
Definition: variable.c:318
void Init_safe(void)
Definition: safe.c:132
#define GET_THREAD()
Definition: vm_core.h:690
rb_secure(4)
#define SAFE_LEVEL_MAX
Definition: safe.c:20
void rb_secure_update(VALUE)
Definition: safe.c:94
static VALUE VALUE obj
Definition: tcltklib.c:3147
#define TYPE(x)
Definition: ruby.h:441
gz level
Definition: zlib.c:2025
void rb_set_safe_level_force(int)
Definition: safe.c:34
rb_set_safe_level(q->safe_level)
void rb_insecure_operation(void)
Definition: safe.c:101
ID rb_frame_callee(void)
Definition: eval.c:807
static void safe_setter(VALUE val)
Definition: safe.c:59
#define T_STRING
Definition: ruby.h:418
void rb_check_safe_str(VALUE x)
Definition: safe.c:122
void rb_check_safe_obj(VALUE)
Definition: safe.c:113
#define rb_safe_level()
Definition: tcltklib.c:90
const char * rb_id2name(ID id)
Definition: ripper.c:16362
void rb_warning(const char *fmt,...)
Definition: error.c:212