[Bug:1.9] $: includes "." when taint mode


#1

e$B$J$+$@$G$9!#e(B

-Te$B$r;XDj$7$F$be(B$:e$B$Ke(B"."e$B$,4^$^$l$F$$$^$9!#e(B

$ RUBYOPT=-T ruby18 -e ‘p $:.include?(".")’
false
$ RUBYOPT=-T ruby19 -e ‘p $:.include?(".")’
true

Index: ruby.c

— ruby.c (revision 20057)
+++ ruby.c (working copy)
@@ -77,4 +77,5 @@ struct cmdline_options {
int verbose;
int yydebug;

  • int safe_level;
    unsigned int setids;
    unsigned int dump;
    @@ -338,7 +339,15 @@ DllMain(HINSTANCE dll, DWORD reason, LPV
    #endif

+void ruby_init_loadpath_safe(int safe_level);
+
void
ruby_init_loadpath(void)
{

  • ruby_init_loadpath_safe(0);
    +}

+void
+ruby_init_loadpath_safe(int safe_level)
+{
VALUE load_path;
#if defined LOAD_RELATIVE
@@ -385,5 +394,5 @@ ruby_init_loadpath(void)
load_path = GET_VM()->load_path;

  • if (rb_safe_level() == 0) {
  • if (safe_level == 0) {
    ruby_incpush(getenv(“RUBYLIB”));
    }
    @@ -413,5 +422,5 @@ ruby_init_loadpath(void)
    incpush(RUBY_RELATIVE(RUBY_ARCHLIB));
  • if (rb_safe_level() == 0) {
  • if (safe_level == 0) {
    incpush(".");
    }
    @@ -875,5 +884,5 @@ proc_options(int argc, char **argv, stru
    s += numlen;
    }
  • rb_set_safe_level(v);
  • if (v > opt->safe_level) opt->safe_level = v;
    }
    goto reswitch;
    @@ -1065,5 +1074,4 @@ process_options(VALUE arg)
    char fbuf[MAXPATHLEN];
    int i = proc_options(argc, argv, opt, 0);
  • int safe;

    argc -= i;
    @@ -1071,5 +1079,5 @@ process_options(VALUE arg)

    if (!(opt->disable & DISABLE_BIT(rubyopt)) &&

  • rb_safe_level() == 0 && (s = getenv(“RUBYOPT”))) {

  • opt->safe_level == 0 && (s = getenv(“RUBYOPT”))) {
    VALUE src_enc_name = opt->src.enc.name;
    VALUE ext_enc_name = opt->ext.enc.name;
    @@ -1094,5 +1102,5 @@ process_options(VALUE arg)
    }
  • if (rb_safe_level() >= 4) {
  • if (opt->safe_level >= 4) {
    OBJ_TAINT(rb_argv);
    OBJ_TAINT(GET_VM()->load_path);
    @@ -1134,8 +1142,6 @@ process_options(VALUE arg)
    opt->script_name = rb_progname;
    opt->script = RSTRING_PTR(opt->script_name);
  • safe = rb_safe_level();

  • rb_set_safe_level_force(0);

  • ruby_init_loadpath();

  • ruby_init_loadpath_safe(opt->safe_level);
    ruby_init_gems(!(opt->disable & DISABLE_BIT(gems)));
    lenc = rb_locale_encoding();
    @@ -1169,5 +1175,4 @@ process_options(VALUE arg)
    process_sflag(opt);
  • rb_set_safe_level_force(safe);
    if (opt->e_script) {
    rb_encoding *eenc;
    @@ -1203,5 +1208,5 @@ process_options(VALUE arg)
    opt->xflag = 0;

  • if (rb_safe_level() >= 4) {

  • if (opt->safe_level >= 4) {
    FL_UNSET(rb_argv, FL_TAINT);
    FL_UNSET(GET_VM()->load_path, FL_TAINT);
    @@ -1229,4 +1234,6 @@ process_options(VALUE arg)
    }

  • rb_set_safe_level(opt->safe_level);

  • return iseq;
    }
    @@ -1532,5 +1539,5 @@ init_ids(struct cmdline_options *opt)
    if (egid != gid) opt->setids |= 2;
    if (uid && opt->setids) {

  • rb_set_safe_level(1);
  • if (opt->safe_level < 1) opt->safe_level = 1;
    }
    }
    @@ -1544,5 +1551,5 @@ forbid_setid(const char *s, struct cmdli
    if (opt->setids & 2)
    rb_raise(rb_eSecurityError, “no %s allowed while running
    setgid”, s);
  • if (rb_safe_level() > 0)
  • if (opt->safe_level > 0)
    rb_raise(rb_eSecurityError, “no %s allowed in tainted mode”,
    s);
    }
    Index: test/ruby/test_rubyoptions.rb
    ===================================================================
    — test/ruby/test_rubyoptions.rb (revision 20057)
    +++ test/ruby/test_rubyoptions.rb (working copy)
    @@ -200,4 +200,6 @@ class TestRubyOptions < Test::Unit::Test
    assert_in_out_err([], “”, [], [])

  • assert_in_out_err([’-e’, ‘p $:.include?(".")’], “”, [“true”], [])

  • ENV[‘RUBYOPT’] = ‘-e “p 1”’
    assert_in_out_err([], “”, [], /invalid switch in RUBYOPT: -e
    (RuntimeError)/)
    @@ -206,4 +208,6 @@ class TestRubyOptions < Test::Unit::Test
    assert_in_out_err([], “”, [], /no program input from stdin allowed
    in tainted mode (SecurityError)/)

  • assert_in_out_err([’-e’, ‘p $:.include?(".")’], “”, [“false”], [])

  • ENV[‘RUBYOPT’] = ‘-T4’
    assert_in_out_err([], “”, [], /no program input from stdin allowed
    in tainted mode (SecurityError)/)


#2

e$B$^$D$b$He(B e$B$f$-$R$m$G$9e(B

In message “Re: [ruby-dev:36997] [Bug:1.9] $: includes “.” when taint
mode”
on Thu, 30 Oct 2008 19:16:59 +0900, Nobuyoshi N.
removed_email_address@domain.invalid writes:

|-Te$B$r;XDj$7$F$be(B$:e$B$Ke(B".“e$B$,4^$^$l$F$$$^$9!#e(B
|
|$ RUBYOPT=-T ruby18 -e 'p $:.include?(”.")’
|false
|$ RUBYOPT=-T ruby19 -e ‘p $:.include?(".")’
|true

e$B%Q%C%A$rEv$F$F$/$@$5$$!#e(B


#3

e$B%A%1%C%He(B #700 e$B$,99?7$5$l$^$7$?!#e(B (by Nobuyoshi N.)

e$B%9%F!<%?%9e(B Opene$B$+$ie(BClosede$B$KJQ99e(B
e$B?JD=e(B % 0e$B$+$ie(B100e$B$KJQ99e(B

Applied in changeset r20067.

http://redmine.ruby-lang.org/issues/show/700