rb_check_frozen.patch
| b/array.c | ||
|---|---|---|
| 242 | 242 |
static inline void |
| 243 | 243 |
rb_ary_modify_check(VALUE ary) |
| 244 | 244 |
{
|
| 245 |
if (OBJ_FROZEN(ary)) rb_error_frozen("array");
|
|
| 245 |
rb_check_frozen(ary);
|
|
| 246 | 246 |
if (!OBJ_UNTRUSTED(ary) && rb_safe_level() >= 4) |
| 247 | 247 |
rb_raise(rb_eSecurityError, "Insecure: can't modify array"); |
| 248 | 248 |
} |
| b/gc.c | ||
|---|---|---|
| 2674 | 2674 |
undefine_final(VALUE os, VALUE obj) |
| 2675 | 2675 |
{
|
| 2676 | 2676 |
rb_objspace_t *objspace = &rb_objspace; |
| 2677 |
if (OBJ_FROZEN(obj)) rb_error_frozen("object");
|
|
| 2677 |
rb_check_frozen(obj);
|
|
| 2678 | 2678 |
if (finalizer_table) {
|
| 2679 | 2679 |
st_delete(finalizer_table, (st_data_t*)&obj, 0); |
| 2680 | 2680 |
} |
| ... | ... | |
| 2698 | 2698 |
VALUE obj, block, table; |
| 2699 | 2699 | |
| 2700 | 2700 |
rb_scan_args(argc, argv, "11", &obj, &block); |
| 2701 |
if (OBJ_FROZEN(obj)) rb_error_frozen("object");
|
|
| 2701 |
rb_check_frozen(obj);
|
|
| 2702 | 2702 |
if (argc == 1) {
|
| 2703 | 2703 |
block = rb_block_proc(); |
| 2704 | 2704 |
} |
| b/hash.c | ||
|---|---|---|
| 248 | 248 |
static void |
| 249 | 249 |
rb_hash_modify_check(VALUE hash) |
| 250 | 250 |
{
|
| 251 |
if (OBJ_FROZEN(hash)) rb_error_frozen("hash");
|
|
| 251 |
rb_check_frozen(hash);
|
|
| 252 | 252 |
if (!OBJ_UNTRUSTED(hash) && rb_safe_level() >= 4) |
| 253 | 253 |
rb_raise(rb_eSecurityError, "Insecure: can't modify hash"); |
| 254 | 254 |
} |
| b/object.c | ||
|---|---|---|
| 712 | 712 |
{
|
| 713 | 713 |
rb_secure(4); |
| 714 | 714 |
if (!OBJ_TAINTED(obj)) {
|
| 715 |
if (OBJ_FROZEN(obj)) {
|
|
| 716 |
rb_error_frozen("object");
|
|
| 717 |
} |
|
| 715 |
rb_check_frozen(obj); |
|
| 718 | 716 |
OBJ_TAINT(obj); |
| 719 | 717 |
} |
| 720 | 718 |
return obj; |
| ... | ... | |
| 733 | 731 |
{
|
| 734 | 732 |
rb_secure(3); |
| 735 | 733 |
if (OBJ_TAINTED(obj)) {
|
| 736 |
if (OBJ_FROZEN(obj)) {
|
|
| 737 |
rb_error_frozen("object");
|
|
| 738 |
} |
|
| 734 |
rb_check_frozen(obj); |
|
| 739 | 735 |
FL_UNSET(obj, FL_TAINT); |
| 740 | 736 |
} |
| 741 | 737 |
return obj; |
| ... | ... | |
| 768 | 764 |
{
|
| 769 | 765 |
rb_secure(4); |
| 770 | 766 |
if (!OBJ_UNTRUSTED(obj)) {
|
| 771 |
if (OBJ_FROZEN(obj)) {
|
|
| 772 |
rb_error_frozen("object");
|
|
| 773 |
} |
|
| 767 |
rb_check_frozen(obj); |
|
| 774 | 768 |
OBJ_UNTRUST(obj); |
| 775 | 769 |
} |
| 776 | 770 |
return obj; |
| ... | ... | |
| 789 | 783 |
{
|
| 790 | 784 |
rb_secure(3); |
| 791 | 785 |
if (OBJ_UNTRUSTED(obj)) {
|
| 792 |
if (OBJ_FROZEN(obj)) {
|
|
| 793 |
rb_error_frozen("object");
|
|
| 794 |
} |
|
| 786 |
rb_check_frozen(obj); |
|
| 795 | 787 |
FL_UNSET(obj, FL_UNTRUSTED); |
| 796 | 788 |
} |
| 797 | 789 |
return obj; |
| b/string.c | ||
|---|---|---|
| 350 | 350 |
} |
| 351 | 351 |
} |
| 352 | 352 | |
| 353 |
static inline void |
|
| 354 |
str_frozen_check(VALUE s) |
|
| 355 |
{
|
|
| 356 |
if (OBJ_FROZEN(s)) {
|
|
| 357 |
rb_raise(rb_eRuntimeError, "string frozen"); |
|
| 358 |
} |
|
| 359 |
} |
|
| 360 | ||
| 361 | 353 |
size_t |
| 362 | 354 |
rb_str_capacity(VALUE str) |
| 363 | 355 |
{
|
| ... | ... | |
| 1249 | 1241 |
if (FL_TEST(str, STR_TMPLOCK)) {
|
| 1250 | 1242 |
rb_raise(rb_eRuntimeError, "can't modify string; temporarily locked"); |
| 1251 | 1243 |
} |
| 1252 |
if (OBJ_FROZEN(str)) rb_error_frozen("string");
|
|
| 1244 |
rb_check_frozen(str);
|
|
| 1253 | 1245 |
if (!OBJ_UNTRUSTED(str) && rb_safe_level() >= 4) |
| 1254 | 1246 |
rb_raise(rb_eSecurityError, "Insecure: can't modify string"); |
| 1255 | 1247 |
} |
| ... | ... | |
| 1334 | 1326 |
rb_str_associate(VALUE str, VALUE add) |
| 1335 | 1327 |
{
|
| 1336 | 1328 |
/* sanity check */ |
| 1337 |
if (OBJ_FROZEN(str)) rb_error_frozen("string");
|
|
| 1329 |
rb_check_frozen(str);
|
|
| 1338 | 1330 |
if (STR_ASSOC_P(str)) {
|
| 1339 | 1331 |
/* already associated */ |
| 1340 | 1332 |
rb_ary_concat(RSTRING(str)->as.heap.aux.shared, add); |
| ... | ... | |
| 3549 | 3541 |
repl = rb_obj_as_string(repl); |
| 3550 | 3542 |
} |
| 3551 | 3543 |
str_mod_check(str, p, len); |
| 3552 |
str_frozen_check(str);
|
|
| 3544 |
rb_check_frozen(str);
|
|
| 3553 | 3545 |
} |
| 3554 | 3546 |
else {
|
| 3555 | 3547 |
repl = rb_reg_regsub(repl, str, regs, pat); |
| b/struct.c | ||
|---|---|---|
| 151 | 151 |
static void |
| 152 | 152 |
rb_struct_modify(VALUE s) |
| 153 | 153 |
{
|
| 154 |
if (OBJ_FROZEN(s)) rb_error_frozen("Struct");
|
|
| 154 |
rb_check_frozen(s);
|
|
| 155 | 155 |
if (!OBJ_UNTRUSTED(s) && rb_safe_level() >= 4) |
| 156 | 156 |
rb_raise(rb_eSecurityError, "Insecure: can't modify Struct"); |
| 157 | 157 |
} |
| b/transcode.c | ||
|---|---|---|
| 2714 | 2714 |
VALUE newstr; |
| 2715 | 2715 |
int encidx; |
| 2716 | 2716 | |
| 2717 |
if (OBJ_FROZEN(str)) { /* in future, may use str_frozen_check from string.c, but that's currently static */
|
|
| 2718 |
rb_raise(rb_eRuntimeError, "string frozen"); |
|
| 2719 |
} |
|
| 2717 |
rb_check_frozen(str); |
|
| 2720 | 2718 | |
| 2721 | 2719 |
newstr = str; |
| 2722 | 2720 |
encidx = str_transcode(argc, argv, &newstr); |
| b/variable.c | ||
|---|---|---|
| 1042 | 1042 | |
| 1043 | 1043 |
if (!OBJ_UNTRUSTED(obj) && rb_safe_level() >= 4) |
| 1044 | 1044 |
rb_raise(rb_eSecurityError, "Insecure: can't modify instance variable"); |
| 1045 |
if (OBJ_FROZEN(obj)) rb_error_frozen("object");
|
|
| 1045 |
rb_check_frozen(obj);
|
|
| 1046 | 1046 |
switch (TYPE(obj)) {
|
| 1047 | 1047 |
case T_OBJECT: |
| 1048 | 1048 |
iv_index_tbl = ROBJECT_IV_INDEX_TBL(obj); |
| ... | ... | |
| 1304 | 1304 | |
| 1305 | 1305 |
if (!OBJ_UNTRUSTED(obj) && rb_safe_level() >= 4) |
| 1306 | 1306 |
rb_raise(rb_eSecurityError, "Insecure: can't modify instance variable"); |
| 1307 |
if (OBJ_FROZEN(obj)) rb_error_frozen("object");
|
|
| 1307 |
rb_check_frozen(obj);
|
|
| 1308 | 1308 |
if (!rb_is_instance_id(id)) {
|
| 1309 | 1309 |
rb_name_error(id, "`%s' is not allowed as an instance variable name", rb_id2name(id)); |
| 1310 | 1310 |
} |
| ... | ... | |
| 1648 | 1648 | |
| 1649 | 1649 |
if (!OBJ_UNTRUSTED(mod) && rb_safe_level() >= 4) |
| 1650 | 1650 |
rb_raise(rb_eSecurityError, "Insecure: can't remove constant"); |
| 1651 |
if (OBJ_FROZEN(mod)) rb_error_frozen("class/module");
|
|
| 1652 | ||
| 1651 |
rb_check_frozen(mod); |
|
| 1653 | 1652 |
if (!RCLASS_IV_TBL(mod) || !st_delete(RCLASS_IV_TBL(mod), &n, &v)) {
|
| 1654 | 1653 |
if (rb_const_defined_at(mod, id)) {
|
| 1655 | 1654 |
rb_name_error(id, "cannot remove %s::%s", |
| ... | ... | |
| 1814 | 1813 | |
| 1815 | 1814 |
if (!OBJ_UNTRUSTED(klass) && rb_safe_level() >= 4) |
| 1816 | 1815 |
rb_raise(rb_eSecurityError, "Insecure: can't set %s", dest); |
| 1817 |
if (OBJ_FROZEN(klass)) {
|
|
| 1818 |
if (BUILTIN_TYPE(klass) == T_MODULE) {
|
|
| 1819 |
rb_error_frozen("module");
|
|
| 1820 |
} |
|
| 1821 |
else {
|
|
| 1822 |
rb_error_frozen("class");
|
|
| 1823 |
} |
|
| 1824 |
} |
|
| 1816 |
rb_check_frozen(klass); |
|
| 1825 | 1817 |
if (!RCLASS_IV_TBL(klass)) {
|
| 1826 | 1818 |
RCLASS_IV_TBL(klass) = st_init_numtable(); |
| 1827 | 1819 |
} |
| ... | ... | |
| 2069 | 2061 |
} |
| 2070 | 2062 |
if (!OBJ_UNTRUSTED(mod) && rb_safe_level() >= 4) |
| 2071 | 2063 |
rb_raise(rb_eSecurityError, "Insecure: can't remove class variable"); |
| 2072 |
if (OBJ_FROZEN(mod)) rb_error_frozen("class/module");
|
|
| 2073 | ||
| 2064 |
rb_check_frozen(mod); |
|
| 2074 | 2065 |
if (RCLASS_IV_TBL(mod) && st_delete(RCLASS_IV_TBL(mod), &n, &val)) {
|
| 2075 | 2066 |
return (VALUE)val; |
| 2076 | 2067 |
} |
| b/vm.c | ||
|---|---|---|
| 1862 | 1862 |
rb_id2name(id), rb_obj_classname(obj)); |
| 1863 | 1863 |
} |
| 1864 | 1864 | |
| 1865 |
if (OBJ_FROZEN(obj)) {
|
|
| 1866 |
rb_error_frozen("object");
|
|
| 1867 |
} |
|
| 1868 | ||
| 1865 |
rb_check_frozen(obj); |
|
| 1869 | 1866 |
klass = rb_singleton_class(obj); |
| 1870 | 1867 |
noex = NOEX_PUBLIC; |
| 1871 | 1868 |
} |
| b/vm_insnhelper.c | ||
|---|---|---|
| 1290 | 1290 |
if (!OBJ_UNTRUSTED(obj) && rb_safe_level() >= 4) {
|
| 1291 | 1291 |
rb_raise(rb_eSecurityError, "Insecure: can't modify instance variable"); |
| 1292 | 1292 |
} |
| 1293 |
if (OBJ_FROZEN(obj)) {
|
|
| 1294 |
rb_error_frozen("object");
|
|
| 1295 |
} |
|
| 1293 |
|
|
| 1294 |
rb_check_frozen(obj); |
|
| 1296 | 1295 | |
| 1297 | 1296 |
if (TYPE(obj) == T_OBJECT) {
|
| 1298 | 1297 |
VALUE klass = RBASIC(obj)->klass; |
| b/vm_method.c | ||
|---|---|---|
| 211 | 211 |
rb_class2name(rb_ivar_get(klass, attached))); |
| 212 | 212 |
mid = ID_ALLOCATOR; |
| 213 | 213 |
} |
| 214 |
if (OBJ_FROZEN(klass)) {
|
|
| 215 |
rb_error_frozen("class/module");
|
|
| 216 |
} |
|
| 217 | 214 | |
| 215 |
rb_check_frozen(klass); |
|
| 218 | 216 |
mtbl = RCLASS_M_TBL(klass); |
| 219 | 217 | |
| 220 | 218 |
/* check re-definition */ |
| ... | ... | |
| 463 | 461 |
if (rb_safe_level() >= 4 && !OBJ_UNTRUSTED(klass)) {
|
| 464 | 462 |
rb_raise(rb_eSecurityError, "Insecure: can't remove method"); |
| 465 | 463 |
} |
| 466 |
if (OBJ_FROZEN(klass)) |
|
| 467 |
rb_error_frozen("class/module");
|
|
| 464 |
rb_check_frozen(klass); |
|
| 468 | 465 |
if (mid == object_id || mid == id__send__ || mid == idInitialize) {
|
| 469 | 466 |
rb_warn("removing `%s' may cause serious problems", rb_id2name(mid));
|
| 470 | 467 |
} |