summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorNicholas Clark <nick@ccl4.org>2012-02-27 15:21:38 +0100
committerNicholas Clark <nick@ccl4.org>2012-03-13 17:39:44 +0100
commit3ea1fc5156d287c1946f337eedc80efd2ccbb842 (patch)
tree6c3027bc7ac7132ed5e6f1425bc650f5e4f16ba9
parent4b53f9ae30a19c4c0d18a058fa72ef71604db9ed (diff)
downloadperl-smoke-me/kick-FAKE_BIT_BUCKET.tar.gz
In perl.c, only compile S_forbid_setid() if it's needed.smoke-me/kick-FAKE_BIT_BUCKET
If SETUID_SCRIPTS_ARE_SECURE_NOW is defined, S_forbid_setid() is a no-op, so don't compile it. Move the declaration and definition of S_forbid_setid() into the same pre-processor blocks as are used for S_validate_suid(), which is a no-op when SETUID_SCRIPTS_ARE_SECURE_NOW is /not/ defined.
-rw-r--r--embed.fnc1
-rw-r--r--embed.h1
-rw-r--r--perl.c34
-rw-r--r--proto.h1
4 files changed, 17 insertions, 20 deletions
diff --git a/embed.fnc b/embed.fnc
index b0fb7c3267..a73deb0e48 100644
--- a/embed.fnc
+++ b/embed.fnc
@@ -1772,7 +1772,6 @@ s |void |Slab_to_rw |NN void *op
#if defined(PERL_IN_PERL_C)
s |void |find_beginning |NN SV* linestr_sv|NN PerlIO *rsfp
-s |void |forbid_setid |const char flag
s |void |incpush |NN const char *const dir|STRLEN len \
|U32 flags
s |SV* |mayberelocate |NN const char *const dir|STRLEN len \
diff --git a/embed.h b/embed.h
index 700bb62662..4e154c17fc 100644
--- a/embed.h
+++ b/embed.h
@@ -1429,7 +1429,6 @@
# endif
# if defined(PERL_IN_PERL_C)
#define find_beginning(a,b) S_find_beginning(aTHX_ a,b)
-#define forbid_setid(a) S_forbid_setid(aTHX_ a)
#define incpush(a,b,c) S_incpush(aTHX_ a,b,c)
#define incpush_use_sep(a,b,c) S_incpush_use_sep(aTHX_ a,b,c)
#define init_ids() S_init_ids(aTHX)
diff --git a/perl.c b/perl.c
index 7c6c36ebfb..a9f380bc46 100644
--- a/perl.c
+++ b/perl.c
@@ -77,9 +77,13 @@ char *getenv (char *); /* Usually in <stdlib.h> */
static I32 read_e_script(pTHX_ int idx, SV *buf_sv, int maxlen);
#ifdef SETUID_SCRIPTS_ARE_SECURE_NOW
+static void S_forbid_setid(pTHX_ const char flag);
+
# define validate_suid(rsfp) NOOP
+# define forbid_setid(flag) S_forbid_setid(aTHX_ flag)
#else
# define validate_suid(rsfp) S_validate_suid(aTHX_ rsfp)
+# define forbid_setid(flag) NOOP
#endif
#define CALL_BODY_SUB(myop) \
@@ -3751,7 +3755,19 @@ S_open_script(pTHX_ const char *scriptname, bool dosearch, bool doextract)
#ifdef SETUID_SCRIPTS_ARE_SECURE_NOW
-/* Don't even need this function. */
+static void
+S_forbid_setid(pTHX_ const char flag)
+{
+ dVAR;
+ char what = 0;
+
+ if (PerlProc_getuid() != PerlProc_geteuid())
+ what = 'u';
+ else if (PerlProc_getgid() != PerlProc_getegid())
+ what = 'g';
+ if (what)
+ Perl_croak(aTHX_ "No -%c allowed while running set%cid", flag, what);
+}
#else
STATIC void
S_validate_suid(pTHX_ PerlIO *rsfp)
@@ -3869,22 +3885,6 @@ Perl_doing_taint(int argc, char *argv[], char *envp[])
return 0;
}
-STATIC void
-S_forbid_setid(pTHX_ const char flag)
-{
-#ifdef SETUID_SCRIPTS_ARE_SECURE_NOW
- dVAR;
- char what = 0;
-
- if (PerlProc_getuid() != PerlProc_geteuid())
- what = 'u';
- else if (PerlProc_getgid() != PerlProc_getegid())
- what = 'g';
- if (what)
- Perl_croak(aTHX_ "No -%c allowed while running set%cid", flag, what);
-#endif /* SETUID_SCRIPTS_ARE_SECURE_NOW */
-}
-
void
Perl_init_dbargs(pTHX)
{
diff --git a/proto.h b/proto.h
index 6d59cfbc1a..c086bf8df1 100644
--- a/proto.h
+++ b/proto.h
@@ -5892,7 +5892,6 @@ STATIC void S_find_beginning(pTHX_ SV* linestr_sv, PerlIO *rsfp)
#define PERL_ARGS_ASSERT_FIND_BEGINNING \
assert(linestr_sv); assert(rsfp)
-STATIC void S_forbid_setid(pTHX_ const char flag);
STATIC void S_incpush(pTHX_ const char *const dir, STRLEN len, U32 flags)
__attribute__nonnull__(pTHX_1);
#define PERL_ARGS_ASSERT_INCPUSH \