-
Notifications
You must be signed in to change notification settings - Fork 106
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Pullup ticket #769 - requested by Takahiro Kambe
security and portability fixes for ruby18-base Revisions pulled up: - pkgsrc/lang/ruby18-base/Makefile 1.7, 1.8 - pkgsrc/lang/ruby18-base/distinfo 1.3, 1.4, 1.5 - pkgsrc/lang/ruby18-base/patches/patch-aa 1.2 - pkgsrc/lang/ruby18-base/patches/patch-ab 1.2 - pkgsrc/lang/ruby18-base/patches/patch-ad 1.1 - pkgsrc/lang/ruby18-base/patches/patch-au 1.1 - pkgsrc/lang/ruby18-base/patches/patch-av 1.1 - pkgsrc/lang/ruby18-base/patches/patch-aw 1.1 - pkgsrc/lang/ruby18-base/patches/patch-ax 1.1 - pkgsrc/lang/ruby18-base/patches/patch-ay 1.1 - pkgsrc/lang/ruby18-base/patches/patch-az 1.1 Module Name: pkgsrc Committed By: taca Date: Sun Sep 18 13:38:50 UTC 2005 Modified Files: pkgsrc/lang/ruby18-base: Makefile distinfo Added Files: pkgsrc/lang/ruby18-base/patches: patch-au patch-av patch-aw patch-ax patch-ay patch-az Log Message: Adding DrafonFly BSD support based on patch provided by Joerg Sonnenberger. Bump PKGREVISION. --- Module Name: pkgsrc Committed By: taca Date: Mon Sep 19 15:19:13 UTC 2005 Modified Files: pkgsrc/lang/ruby18-base: distinfo pkgsrc/lang/ruby18-base/patches: patch-aa patch-ab Log Message: Rearrange configure script a little: - Correct case statement moving "interix3*)" to before "interrix*)" since "interix3*)" wouldn't match and always match to "interix*)". - Remove "interix3*" in the case condition which always "interix*" pattern. This dosen't fix anything bulding on Interix3 (SFU 3.5) and on other platforms, but fix obvious mistake in configure script. --- Module Name: pkgsrc Committed By: taca Date: Wed Sep 21 14:03:22 UTC 2005 Modified Files: pkgsrc/lang/ruby18-base: Makefile distinfo Added Files: pkgsrc/lang/ruby18-base/patches: patch-ad Log Message: Add a patch for fix the security problem which allows an arbitrary code to run bypassing the safe level check. The patch was provided by Yukihiro Matsumoto on ruby-dev mailing list. Bump PKGREVISION.
- Loading branch information
salo
committed
Sep 22, 2005
1 parent
6e57142
commit cff7e31
Showing
11 changed files
with
315 additions
and
49 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,158 @@ | ||
$NetBSD: patch-ad,v 1.1.2.2 2005/09/22 16:45:00 salo Exp $ | ||
|
||
--- eval.c.orig 2004-12-18 11:07:29.000000000 +0900 | ||
+++ eval.c | ||
@@ -252,6 +252,11 @@ struct cache_entry { /* method hash tab | ||
static struct cache_entry cache[CACHE_SIZE]; | ||
static int ruby_running = 0; | ||
|
||
+#define NOEX_TAINTED 8 | ||
+#define NOEX_SAFE(n) ((n) >> 4) | ||
+#define NOEX_WITH(n, v) ((n) | (v) << 4) | ||
+#define NOEX_WITH_SAFE(n) NOEX_WITH(n, ruby_safe_level) | ||
+ | ||
void | ||
rb_clear_cache() | ||
{ | ||
@@ -344,7 +349,7 @@ rb_add_method(klass, mid, node, noex) | ||
} | ||
if (OBJ_FROZEN(klass)) rb_error_frozen("class/module"); | ||
rb_clear_cache_by_id(mid); | ||
- body = NEW_METHOD(node, noex); | ||
+ body = NEW_METHOD(node, NOEX_WITH_SAFE(noex)); | ||
st_insert(RCLASS(klass)->m_tbl, mid, (st_data_t)body); | ||
if (node && mid != ID_ALLOCATOR && ruby_running) { | ||
if (FL_TEST(klass, FL_SINGLETON)) { | ||
@@ -5456,20 +5461,21 @@ call_cfunc(func, recv, len, argc, argv) | ||
} | ||
|
||
static VALUE | ||
-rb_call0(klass, recv, id, oid, argc, argv, body, nosuper) | ||
+rb_call0(klass, recv, id, oid, argc, argv, body, flags) | ||
VALUE klass, recv; | ||
ID id; | ||
ID oid; | ||
int argc; /* OK */ | ||
VALUE *argv; /* OK */ | ||
NODE *body; /* OK */ | ||
- int nosuper; | ||
+ int flags; | ||
{ | ||
NODE *b2; /* OK */ | ||
volatile VALUE result = Qnil; | ||
int itr; | ||
static int tick; | ||
TMP_PROTECT; | ||
+ volatile int safe = -1; | ||
|
||
switch (ruby_iter->iter) { | ||
case ITER_PRE: | ||
@@ -5491,7 +5497,7 @@ rb_call0(klass, recv, id, oid, argc, arg | ||
|
||
ruby_frame->last_func = id; | ||
ruby_frame->orig_func = oid; | ||
- ruby_frame->last_class = nosuper?0:klass; | ||
+ ruby_frame->last_class = (flags & NOEX_UNDEF)?0:klass; | ||
ruby_frame->self = recv; | ||
ruby_frame->argc = argc; | ||
ruby_frame->argv = argv; | ||
@@ -5553,7 +5559,6 @@ rb_call0(klass, recv, id, oid, argc, arg | ||
NODE *saved_cref = 0; | ||
|
||
PUSH_SCOPE(); | ||
- | ||
if (body->nd_rval) { | ||
saved_cref = ruby_cref; | ||
ruby_cref = (NODE*)body->nd_rval; | ||
@@ -5572,9 +5577,16 @@ rb_call0(klass, recv, id, oid, argc, arg | ||
} | ||
b2 = body = body->nd_next; | ||
|
||
+ if (NOEX_SAFE(flags) > ruby_safe_level) { | ||
+ if (!(flags&NOEX_TAINTED) && ruby_safe_level == 0 && NOEX_SAFE(flags) > 2) { | ||
+ rb_raise(rb_eSecurityError, "calling insecure method: %s", | ||
+ rb_id2name(id)); | ||
+ } | ||
+ safe = ruby_safe_level; | ||
+ ruby_safe_level = NOEX_SAFE(flags); | ||
+ } | ||
PUSH_VARS(); | ||
PUSH_TAG(PROT_FUNC); | ||
- | ||
if ((state = EXEC_TAG()) == 0) { | ||
NODE *node = 0; | ||
int i; | ||
@@ -5653,6 +5665,7 @@ rb_call0(klass, recv, id, oid, argc, arg | ||
result = prot_tag->retval; | ||
state = 0; | ||
} | ||
+ if (safe >= 0) ruby_safe_level = safe; | ||
POP_TAG(); | ||
POP_VARS(); | ||
POP_CLASS(); | ||
@@ -5740,7 +5753,7 @@ rb_call(klass, recv, mid, argc, argv, sc | ||
} | ||
} | ||
|
||
- return rb_call0(klass, recv, mid, id, argc, argv, body, noex & NOEX_NOSUPER); | ||
+ return rb_call0(klass, recv, mid, id, argc, argv, body, noex); | ||
} | ||
|
||
VALUE | ||
@@ -8530,6 +8543,7 @@ struct METHOD { | ||
VALUE klass, rklass; | ||
VALUE recv; | ||
ID id, oid; | ||
+ int safe_level; | ||
NODE *body; | ||
}; | ||
|
||
@@ -8577,6 +8591,7 @@ mnew(klass, obj, id, mklass) | ||
data->body = body; | ||
data->rklass = rklass; | ||
data->oid = oid; | ||
+ data->safe_level = NOEX_WITH_SAFE(0); | ||
OBJ_INFECT(method, klass); | ||
|
||
return method; | ||
@@ -8661,6 +8676,7 @@ method_unbind(obj) | ||
data->body = orig->body; | ||
data->rklass = orig->rklass; | ||
data->oid = orig->oid; | ||
+ data->safe_level = NOEX_WITH_SAFE(0); | ||
OBJ_INFECT(method, obj); | ||
|
||
return method; | ||
@@ -8782,26 +8798,21 @@ method_call(argc, argv, method) | ||
{ | ||
VALUE result = Qnil; /* OK */ | ||
struct METHOD *data; | ||
- int state; | ||
- volatile int safe = -1; | ||
+ int safe; | ||
|
||
Data_Get_Struct(method, struct METHOD, data); | ||
if (data->recv == Qundef) { | ||
rb_raise(rb_eTypeError, "you cannot call unbound method; bind first"); | ||
} | ||
- PUSH_ITER(rb_block_given_p()?ITER_PRE:ITER_NOT); | ||
- PUSH_TAG(PROT_NONE); | ||
if (OBJ_TAINTED(method)) { | ||
- safe = ruby_safe_level; | ||
- if (ruby_safe_level < 4) ruby_safe_level = 4; | ||
+ safe = NOEX_WITH(data->safe_level, 4)|NOEX_TAINTED; | ||
} | ||
- if ((state = EXEC_TAG()) == 0) { | ||
- result = rb_call0(data->klass,data->recv,data->id,data->oid,argc,argv,data->body,0); | ||
+ else { | ||
+ safe = data->safe_level; | ||
} | ||
- POP_TAG(); | ||
+ PUSH_ITER(rb_block_given_p()?ITER_PRE:ITER_NOT); | ||
+ result = rb_call0(data->klass,data->recv,data->id,data->oid,argc,argv,data->body,safe); | ||
POP_ITER(); | ||
- if (safe >= 0) ruby_safe_level = safe; | ||
- if (state) JUMP_TAG(state); | ||
return result; | ||
} | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,12 @@ | ||
$NetBSD: patch-au,v 1.1.2.2 2005/09/22 16:45:00 salo Exp $ | ||
|
||
--- error.c.orig 2005-07-15 16:08:36.000000000 +0000 | ||
+++ error.c | ||
@@ -1108,7 +1108,6 @@ void | ||
rb_sys_fail(mesg) | ||
const char *mesg; | ||
{ | ||
- extern int errno; | ||
int n = errno; | ||
VALUE arg; | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,52 @@ | ||
$NetBSD: patch-av,v 1.1.2.2 2005/09/22 16:45:00 salo Exp $ | ||
|
||
--- process.c.orig 2005-07-15 16:12:12.000000000 +0000 | ||
+++ process.c | ||
@@ -2050,7 +2050,6 @@ static VALUE | ||
p_uid_change_privilege(obj, id) | ||
VALUE obj, id; | ||
{ | ||
- extern int errno; | ||
int uid; | ||
|
||
check_uid_switch(); | ||
@@ -2602,7 +2601,6 @@ static VALUE | ||
p_gid_change_privilege(obj, id) | ||
VALUE obj, id; | ||
{ | ||
- extern int errno; | ||
int gid; | ||
|
||
check_gid_switch(); | ||
@@ -3129,7 +3127,6 @@ static VALUE | ||
p_uid_switch(obj) | ||
VALUE obj; | ||
{ | ||
- extern int errno; | ||
int uid, euid; | ||
|
||
check_uid_switch(); | ||
@@ -3171,7 +3168,6 @@ static VALUE | ||
p_uid_switch(obj) | ||
VALUE obj; | ||
{ | ||
- extern int errno; | ||
int uid, euid; | ||
|
||
check_uid_switch(); | ||
@@ -3242,7 +3238,6 @@ static VALUE | ||
p_gid_switch(obj) | ||
VALUE obj; | ||
{ | ||
- extern int errno; | ||
int gid, egid; | ||
|
||
check_gid_switch(); | ||
@@ -3283,7 +3278,6 @@ static VALUE | ||
p_gid_switch(obj) | ||
VALUE obj; | ||
{ | ||
- extern int errno; | ||
int gid, egid; | ||
|
||
check_gid_switch(); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,13 @@ | ||
$NetBSD: patch-aw,v 1.1.2.2 2005/09/22 16:45:00 salo Exp $ | ||
|
||
--- ext/pty/pty.c.orig 2005-07-15 16:16:50.000000000 +0000 | ||
+++ ext/pty/pty.c | ||
@@ -103,8 +103,6 @@ char *MasterDevice = "/dev/pty%s", | ||
|
||
static char SlaveName[DEVICELEN]; | ||
|
||
-extern int errno; | ||
- | ||
#ifndef HAVE_SETEUID | ||
# ifdef HAVE_SETREUID | ||
# define seteuid(e) setreuid(-1, (e)) |
Oops, something went wrong.