[Bug #884] Insecure operation: -r


#1

Bug #884: Insecure operation: -r
http://redmine.ruby-lang.org/issues/show/884

e$B5/I<<Te(B: Kazuhiro NISHIYAMA
e$B%9%F!<%?%9e(B: Open, e$BM%@hEYe(B: Normal

e$B0J2<$N$h$&$K$9$k$H%(%i!<%a%C%;!<%8$NCf$KFf$Ne(B-re$B$,=P$F$-$^$9!#e(B

% ruby-trunk -ve ‘$SAFE=4;open("")’
ruby 1.9.1 (2008-12-14 revision 20736) [i686-linux]
-e:1:in open': Insecure operation: -r (SecurityError) from -e:1:in
%


#2

e$B$^$D$b$He(B e$B$f$-$R$m$G$9e(B

In message “Re: [ruby-dev:37446] [Bug #884] Insecure operation: -r”
on Mon, 15 Dec 2008 19:58:41 +0900, Kazuhiro NISHIYAMA
removed_email_address@domain.invalid writes:

|e$B0J2<$N$h$&$K$9$k$H%(%i!<%a%C%;!<%8$NCf$KFf$Ne(B-re$B$,=P$F$-$^$9!#e(B
|
|% ruby-trunk -ve ‘$SAFE=4;open("")’
|ruby 1.9.1 (2008-12-14 revision 20736) [i686-linux]
|-e:1:in open': Insecure operation: -r (SecurityError) | from -e:1:in
|%

e$B%a%=%C%Ie(B(open)e$B$NCf$Ge(Brb_check_safe_obj()e$B$,8F$P$l$F%(%i!<$K$J$Ce(B
e$B$?;~!"$=$N%a%=%C%I$,%H%C%W%l%Y%k$G8F$P$l$?>l9g!“e(B
rb_frame_callee()e$B$,e(BNULLe$B$G$”$k$?$a!"e(B-re$B$GH/@8$7$?%(%i!<$H4*0ce(B
e$B$$$9$k$;$$$N$h$&$G$9!#e(B

rb_check_safe_obj()e$B$G$O!"%H%C%W%l%Y%k$G8F$P$l$?%a%=%C%I$H!“e(B
e$B<B9T4D6-$,H/@8$9$kA0e(B(-r)e$B$r6hJL$9$kI,MW$,$”$j$=$&$G$9!#$I$&$d$Ce(B
e$B$F6hJL$G$-$k$N$+$A$g$C$HD4$Y$F$_$^$9$M!#e(B


#3

e$B!!$5$5$@$G$9!%e(B

Yukihiro M. wrote::

rb_frame_callee()e$B$,e(BNULLe$B$G$"$k$?$a!"e(B-re$B$GH/@8$7$?%(%i!<$H4*0ce(B
e$B$$$9$k$;$$$N$h$&$G$9!#e(B

rb_check_safe_obj()e$B$G$O!"%H%C%W%l%Y%k$G8F$P$l$?%a%=%C%I$H!“e(B
e$B<B9T4D6-$,H/@8$9$kA0e(B(-r)e$B$r6hJL$9$kI,MW$,$”$j$=$&$G$9!#$I$&$d$Ce(B
e$B$F6hJL$G$-$k$N$+$A$g$C$HD4$Y$F$_$^$9$M!#e(B

e$B!!$=$b$=$b!$e(Brb_frame_callee() e$B$,e(B caller
e$B$r8+$k$N$,NI$/$J$$$G$9$M!%e(B
rb_f_method_name() e$B$NL>A0$K0z$CD%$i$l$F!$K\Mhe(B rb_frame_caller()
e$B$H$$$C$?e(B
e$BL>A0$K$9$k$H$3$m$re(B rb_frame_callee()
e$B$H$$$&L>A0$K$7$F$$$k$N$,NI$/$J$$!%e(B

e$B!!$H$$$&$o$1$G!$$3$s$J%Q%C%A$r=q$$$F$_$^$7$?$,$I$&$G$7$g$&$+!%e(B

Index: eval.c

— eval.c (e$B%j%S%8%g%se(B 20968)
+++ eval.c (e$B:n6H%3%T!<e(B)
@@ -750,6 +750,12 @@ rb_frame_this_func(void)
ID
rb_frame_callee(void)
{

  • return frame_func_id(GET_THREAD()->cfp);
    +}

+static ID
+rb_frame_caller(void)
+{
rb_thread_t *th = GET_THREAD();
rb_control_frame_t prev_cfp =
RUBY_VM_PREVIOUS_CONTROL_FRAME(th->cfp);
/
check if prev_cfp can be accessible */
@@ -1105,7 +1111,7 @@ rb_f_local_variables(void)
static VALUE
rb_f_method_name(void)
{

  • ID fname = rb_frame_callee();
  • ID fname = rb_frame_caller(); /* need caller ID */

    if (fname) {
    return ID2SYM(fname);


#4

e$B%A%1%C%He(B #884 e$B$,99?7$5$l$^$7$?!#e(B (by Koichi Sasada)

e$B%9%F!<%?%9e(B Opene$B$+$ie(BClosede$B$KJQ99e(B
e$B?JD=e(B % 0e$B$+$ie(B100e$B$KJQ99e(B

Applied in changeset r21093.

http://redmine.ruby-lang.org/issues/show/884