diff options
author | Nicholas Clark <nick@ccl4.org> | 2012-02-27 15:21:38 +0100 |
---|---|---|
committer | Nicholas Clark <nick@ccl4.org> | 2012-03-13 17:39:44 +0100 |
commit | 3ea1fc5156d287c1946f337eedc80efd2ccbb842 (patch) | |
tree | 6c3027bc7ac7132ed5e6f1425bc650f5e4f16ba9 | |
parent | 4b53f9ae30a19c4c0d18a058fa72ef71604db9ed (diff) | |
download | perl-smoke-me/kick-FAKE_BIT_BUCKET.tar.gz |
In perl.c, only compile S_forbid_setid() if it's needed.smoke-me/kick-FAKE_BIT_BUCKET
If SETUID_SCRIPTS_ARE_SECURE_NOW is defined, S_forbid_setid() is a no-op,
so don't compile it. Move the declaration and definition of S_forbid_setid()
into the same pre-processor blocks as are used for S_validate_suid(), which
is a no-op when SETUID_SCRIPTS_ARE_SECURE_NOW is /not/ defined.
-rw-r--r-- | embed.fnc | 1 | ||||
-rw-r--r-- | embed.h | 1 | ||||
-rw-r--r-- | perl.c | 34 | ||||
-rw-r--r-- | proto.h | 1 |
4 files changed, 17 insertions, 20 deletions
@@ -1772,7 +1772,6 @@ s |void |Slab_to_rw |NN void *op #if defined(PERL_IN_PERL_C) s |void |find_beginning |NN SV* linestr_sv|NN PerlIO *rsfp -s |void |forbid_setid |const char flag s |void |incpush |NN const char *const dir|STRLEN len \ |U32 flags s |SV* |mayberelocate |NN const char *const dir|STRLEN len \ @@ -1429,7 +1429,6 @@ # endif # if defined(PERL_IN_PERL_C) #define find_beginning(a,b) S_find_beginning(aTHX_ a,b) -#define forbid_setid(a) S_forbid_setid(aTHX_ a) #define incpush(a,b,c) S_incpush(aTHX_ a,b,c) #define incpush_use_sep(a,b,c) S_incpush_use_sep(aTHX_ a,b,c) #define init_ids() S_init_ids(aTHX) @@ -77,9 +77,13 @@ char *getenv (char *); /* Usually in <stdlib.h> */ static I32 read_e_script(pTHX_ int idx, SV *buf_sv, int maxlen); #ifdef SETUID_SCRIPTS_ARE_SECURE_NOW +static void S_forbid_setid(pTHX_ const char flag); + # define validate_suid(rsfp) NOOP +# define forbid_setid(flag) S_forbid_setid(aTHX_ flag) #else # define validate_suid(rsfp) S_validate_suid(aTHX_ rsfp) +# define forbid_setid(flag) NOOP #endif #define CALL_BODY_SUB(myop) \ @@ -3751,7 +3755,19 @@ S_open_script(pTHX_ const char *scriptname, bool dosearch, bool doextract) #ifdef SETUID_SCRIPTS_ARE_SECURE_NOW -/* Don't even need this function. */ +static void +S_forbid_setid(pTHX_ const char flag) +{ + dVAR; + char what = 0; + + if (PerlProc_getuid() != PerlProc_geteuid()) + what = 'u'; + else if (PerlProc_getgid() != PerlProc_getegid()) + what = 'g'; + if (what) + Perl_croak(aTHX_ "No -%c allowed while running set%cid", flag, what); +} #else STATIC void S_validate_suid(pTHX_ PerlIO *rsfp) @@ -3869,22 +3885,6 @@ Perl_doing_taint(int argc, char *argv[], char *envp[]) return 0; } -STATIC void -S_forbid_setid(pTHX_ const char flag) -{ -#ifdef SETUID_SCRIPTS_ARE_SECURE_NOW - dVAR; - char what = 0; - - if (PerlProc_getuid() != PerlProc_geteuid()) - what = 'u'; - else if (PerlProc_getgid() != PerlProc_getegid()) - what = 'g'; - if (what) - Perl_croak(aTHX_ "No -%c allowed while running set%cid", flag, what); -#endif /* SETUID_SCRIPTS_ARE_SECURE_NOW */ -} - void Perl_init_dbargs(pTHX) { @@ -5892,7 +5892,6 @@ STATIC void S_find_beginning(pTHX_ SV* linestr_sv, PerlIO *rsfp) #define PERL_ARGS_ASSERT_FIND_BEGINNING \ assert(linestr_sv); assert(rsfp) -STATIC void S_forbid_setid(pTHX_ const char flag); STATIC void S_incpush(pTHX_ const char *const dir, STRLEN len, U32 flags) __attribute__nonnull__(pTHX_1); #define PERL_ARGS_ASSERT_INCPUSH \ |