Ruby  2.0.0p594(2014-10-27revision48167)
safe.c
1 /**********************************************************************
2 
3  safe.c -
4 
5  $Author: nobu $
6  created at: Tue Sep 23 09:44:32 JST 2008
7 
8  Copyright (C) 2008 Yukihiro Matsumoto
9 
10 **********************************************************************/
11 
12 /* safe-level:
13  0 - strings from streams/environment/ARGV are tainted (default)
14  1 - no dangerous operation by tainted value
15  2 - process/file operations prohibited
16  3 - all generated objects are tainted
17  4 - no global (non-tainted) variable modification/no direct output
18 */
19 
20 #define SAFE_LEVEL_MAX 4
21 
22 #include "ruby/ruby.h"
23 #include "vm_core.h"
24 
25 /* $SAFE accessor */
26 
/* Returns the safe_level field of the thread object yielded by GET_THREAD().
 * NOTE(review): the signature line (28) is missing from this listing;
 * presumably this is rb_safe_level(), the accessor the rest of the file
 * calls - confirm against the full source. */
27 int
29 {
30  return GET_THREAD()->safe_level;
31 }
32 
/* NOTE(review): the signature (line 34) and the only body line (36) are
 * missing from this listing, so nothing about the behaviour is visible here.
 * The page's symbol index places `void rb_set_safe_level_force(int)` at
 * safe.c:34. Presumably it assigns the level unconditionally, without the
 * raise-only comparison used elsewhere in this file - confirm, because a
 * setter that can lower the level sidesteps the "tried to downgrade" check
 * applied to assignments through $SAFE and must stay reachable only from
 * trusted interpreter code. */
33 void
35 {
37 }
38 
/* Raises the safe level stored in `th` to `level`. A request at or below the
 * current level is ignored without raising an error, and a request above
 * SAFE_LEVEL_MAX is clamped to it.
 * NOTE(review): lines 40 (signature) and 42 (the declaration of `th`) are
 * missing from this listing. The symbol index gives
 * `void rb_set_safe_level(int)` at safe.c:40; `th` is presumably the current
 * thread obtained from GET_THREAD() - confirm. */
39 void
41 {
43 
/* only ever moves upward: an equal or lower request leaves the level as is */
44  if (level > th->safe_level) {
45  if (level > SAFE_LEVEL_MAX) {
46  level = SAFE_LEVEL_MAX;
47  }
48  th->safe_level = level;
49  }
50 }
51 
/* Converts the current safe level (rb_safe_level()) to a Ruby VALUE with
 * INT2NUM and returns it.
 * NOTE(review): the signature line (53) is missing from this listing; the
 * symbol index gives `static VALUE safe_getter(void)` at safe.c:53.
 * Presumably this is the read hook for the $SAFE virtual variable - the
 * registration line is not visible here. */
52 static VALUE
54 {
55  return INT2NUM(rb_safe_level());
56 }
57 
/* Stores a new safe level in `th` from the Ruby value `val`.
 * Visible rules, in order: a value below the current level takes the
 * "tried to downgrade" error path; the value 3 emits a warning; a value
 * above SAFE_LEVEL_MAX is clamped; the result is written to th->safe_level.
 * NOTE(review): lines 59 (signature), 62 (declaration of `th`) and 65 are
 * missing from this listing. The symbol index gives
 * `static void safe_setter(VALUE val)` at safe.c:59. Line 65 presumably opens
 * an rb_raise(rb_eSecurityError, ...) call whose remaining arguments are
 * lines 66-67 - confirm against the full source.
 * NOTE(review): as the warning text itself says, these levels are not a
 * sandbox; treat them as a coarse guard on tainted data, not as an isolation
 * boundary for untrusted code. */
58 static void
60 {
61  int level = NUM2INT(val);
63 
/* refuse to lower the level: once raised it can only stay or go up */
64  if (level < th->safe_level) {
66  "tried to downgrade safe level from %d to %d",
67  th->safe_level, level);
68  }
/* NOTE(review): rb_warning is presumably the verbose-only warning of the C
 * API, so this hint may be silent in a default run - confirm */
69  if (level == 3) {
70  rb_warning("$SAFE=3 does no sandboxing; you might want to use $SAFE=4");
71  }
/* out-of-range requests are clamped rather than rejected */
72  if (level > SAFE_LEVEL_MAX) {
73  level = SAFE_LEVEL_MAX;
74  }
75  th->safe_level = level;
76 }
77 
/* Raises rb_eSecurityError when the current safe level is at or above
 * `level`; otherwise returns normally. `level` is therefore the lowest safe
 * level at which the calling operation is refused. The message includes a
 * callee name only when rb_frame_callee() is non-zero.
 * NOTE(review): lines 79 (signature) and 84 (the trailing arguments of the
 * first rb_raise) are missing from this listing. The symbol index gives
 * `void rb_secure(int)` at safe.c:79; line 84 presumably supplies the callee
 * name and the current level for the two format specifiers - confirm. */
78 void
80 {
81  if (level <= rb_safe_level()) {
82  if (rb_frame_callee()) {
83  rb_raise(rb_eSecurityError, "Insecure operation `%s' at level %d",
85  }
86  else {
87  rb_raise(rb_eSecurityError, "Insecure operation at level %d",
88  rb_safe_level());
89  }
90  }
91 }
92 
/* Guards modification of `obj`: when the object is NOT tainted, applies
 * rb_secure(4), which raises rb_eSecurityError at safe level 4. A tainted
 * object passes without any check here.
 * NOTE(review): the signature line (94) is missing from this listing; the
 * symbol index gives `void rb_secure_update(VALUE)` at safe.c:94. */
93 void
95 {
96  if (!OBJ_TAINTED(obj))
97  rb_secure(4);
98 }
99 
/* Unconditionally raises rb_eSecurityError. The message names a callee when
 * rb_frame_callee() is non-zero and falls back to "Insecure operation: -r"
 * otherwise.
 * NOTE(review): lines 101 (signature) and 105 (the trailing argument of the
 * first rb_raise) are missing from this listing. The symbol index gives
 * `void rb_insecure_operation(void)` at safe.c:101; line 105 presumably
 * supplies the callee name for the %s specifier - confirm. */
100 void
102 {
103  if (rb_frame_callee()) {
104  rb_raise(rb_eSecurityError, "Insecure operation - %s",
106  }
107  else {
108  rb_raise(rb_eSecurityError, "Insecure operation: -r");
109  }
110 }
111 
/* Taint check for an object about to be used in a sensitive operation.
 * When the safe level is above 0 and `x` is tainted, the (missing) statement
 * on line 116 runs; rb_secure(4) is then applied in every case, so the call
 * also fails at safe level 4 regardless of taint.
 * NOTE(review): lines 113 (signature) and 116 are missing from this listing.
 * The symbol index gives `void rb_check_safe_obj(VALUE)` at safe.c:113;
 * line 116 presumably calls rb_insecure_operation() to raise - confirm. */
112 void
114 {
115  if (rb_safe_level() > 0 && OBJ_TAINTED(x)) {
117  }
118  rb_secure(4);
119 }
120 
/* Requires `x` to be a String: raises rb_eTypeError, naming the actual class
 * via rb_obj_classname, when RB_TYPE_P(x, T_STRING) is false.
 * NOTE(review): lines 122 (signature) and 124 are missing from this listing.
 * The symbol index gives `void rb_check_safe_str(VALUE x)` at safe.c:122;
 * line 124 presumably performs the taint check (rb_check_safe_obj) before
 * this type check - confirm, since only the type check is visible here. */
121 void
123 {
125  if (!RB_TYPE_P(x, T_STRING)) {
126  rb_raise(rb_eTypeError, "wrong argument type %s (expected String)",
127  rb_obj_classname(x));
128  }
129 }
130 
/* NOTE(review): the signature (line 132) and the only body line (134) are
 * missing from this listing. The symbol index gives `void Init_safe(void)` at
 * safe.c:132 and also lists rb_define_virtual_variable; presumably line 134
 * registers the $SAFE virtual variable with this file's getter and setter -
 * confirm against the full source. */
131 void
133 {
135 }
#define RB_TYPE_P(obj, type)
static VALUE VALUE th
Definition: tcltklib.c:2947
const char * rb_obj_classname(VALUE)
Definition: variable.c:396
void rb_secure(int)
Definition: safe.c:79
VALUE rb_eTypeError
Definition: error.c:516
#define OBJ_TAINTED(x)
int safe
Definition: tcltklib.c:6403
callq safe_level
Definition: tcltklib.c:7195
void rb_raise(VALUE exc, const char *fmt,...)
Definition: error.c:1788
void rb_check_safe_obj(VALUE)
Definition: safe.c:113
VALUE rb_eSecurityError
Definition: error.c:525
static VALUE safe_getter(void)
Definition: safe.c:53
void Init_safe(void)
Definition: safe.c:132
#define val
Definition: tcltklib.c:1948
#define SAFE_LEVEL_MAX
Definition: safe.c:20
static VALUE VALUE obj
Definition: tcltklib.c:3157
#define T_STRING
gz level
Definition: zlib.c:2262
void rb_set_safe_level_force(int)
Definition: safe.c:34
void rb_insecure_operation(void)
Definition: safe.c:101
void rb_secure_update(VALUE)
Definition: safe.c:94
ID rb_frame_callee(void)
Definition: eval.c:919
void rb_set_safe_level(int)
Definition: safe.c:40
static void safe_setter(VALUE val)
Definition: safe.c:59
#define INT2NUM(x)
void rb_check_safe_str(VALUE x)
Definition: safe.c:122
void rb_define_virtual_variable(const char *, VALUE(*)(ANYARGS), void(*)(ANYARGS))
Definition: variable.c:606
#define rb_safe_level()
Definition: tcltklib.c:94
#define NUM2INT(x)
const char * rb_id2name(ID id)
Definition: ripper.c:17006
unsigned long VALUE
Definition: ripper.y:104
void rb_warning(const char *fmt,...)
Definition: error.c:234
static rb_thread_t * GET_THREAD(void)
Definition: vm_core.h:888