summaryrefslogtreecommitdiff
path: root/file.c
Commit message (Collapse)AuthorAgeFilesLines
* Removed rb_find_file_ext_safe and rb_find_file_safeHiroshi SHIBATA2020-09-231-14/+0
|
* Get rid of the redundant stat() in rb_check_realpath_internalJean Boussier2020-07-071-1/+3
|
* add UNREACHABLE_RETURN卜部昌平2020-06-291-0/+1
| | | | | | Not every compilers understand that rb_raise does not return. When a function does not end with a return statement, such compilers can issue warnings. We would better tell them about reachabilities.
* rb_f_stat: do not goto into a branch卜部昌平2020-06-291-9/+9
| | | | | I'm not necessarily against every goto in general, but jumping into a branch is definitely a bad idea. Better refactor.
* Removed execpath argument of path_check_0 as always TRUE nowNobuyoshi Nakada2020-06-231-5/+5
|
* Removed fpath_check, no longer used since taint flag was removedNobuyoshi Nakada2020-06-231-6/+0
|
* Allow Dir.home to work for non-login procs when $HOME not setAlan D. Salewski2020-05-231-15/+36
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Allow the 'Dir.home' method to reliably locate the user's home directory when all three of the following are true at the same time: 1. Ruby is running on a Unix-like OS 2. The $HOME environment variable is not set 3. The process is not a descendant of login(1) (or a work-alike) The prior behavior was that the lookup could only work for login-descended processes. This is accomplished by looking up the user's record in the password database by uid (getpwuid_r(3)) as a fallback to the lookup by name (getpwname_r(3)) which is still attempted first (based on the name, if any, returned by getlogin_r(3)). If getlogin_r(3), getpwnam_r(3), and/or getpwuid_r(3) is not available at compile time, will fallback on using their respective non-*_r() variants: getlogin(3), getpwnam(3), and/or getpwuid(3). The rationale for attempting to do the lookup by name prior to doing it by uid is to accommodate the possibility of multiple login names (each with its own record in the password database, so each with a potentially different home directory) being mapped to the same uid (as is explicitly allowed for by POSIX; see getlogin(3posix)). Preserves the existing behavior for login-descended processes, and adds the new capability of having Dir.home being able to find the user's home directory for non-login-descended processes. Fixes [Bug #16787] Related discussion: https://bugs.ruby-lang.org/issues/16787 https://github.com/ruby/ruby/pull/3034
* sed -i 's|ruby/impl|ruby/internal|'卜部昌平2020-05-111-1/+1
| | | | To fix build failures.
* sed -i s|ruby/3|ruby/impl|g卜部昌平2020-05-111-1/+1
| | | | This shall fix compile errors.
* Merge pull request #2991 from shyouhei/ruby.h卜部昌平2020-04-081-2/+16
| | | Split ruby.h
* Show the deprecated name in the warningNobuyoshi Nakada2020-04-071-1/+1
| | | | Fixed up a58bbd6a512d95ca010d8bebae4fe590400c1413.
* [DOC] Removed RDoc of deprecated methods [ci skip]Nobuyoshi Nakada2020-04-061-6/+1
|
* Use `rb_warn_deprecated` for `File.exists?` and `Dir.exists?`Nobuyoshi Nakada2020-04-061-4/+4
|
* decouple internal.h headers卜部昌平2019-12-261-59/+74
| | | | | | | | | | | | | | | | | | Saves comitters' daily life by avoid #include-ing everything from internal.h to make each file do so instead. This would significantly speed up incremental builds. We take the following inclusion order in this changeset: 1. "ruby/config.h", where _GNU_SOURCE is defined (must be the very first thing among everything). 2. RUBY_EXTCONF_H if any. 3. Standard C headers, sorted alphabetically. 4. Other system headers, maybe guarded by #ifdef 5. Everything else, sorted alphabetically. Exceptions are those win32-related headers, which tend not be self- containing (headers have inclusion order dependencies).
* Revert "Should return "." for File.extname("file.") also on Windows"NAKAMURA Usaku2019-12-231-17/+5
| | | | | | | | We want to introduce consistency and better compatibility with unixen, but the Windows APIs doues not have consistency fundamentally and we can not found any logical way... This reverts commit 61aff0cd189e67fa6f2565639ad0128fa33b88fc.
* Should return "." for File.extname("file.") also on WindowsNAKAMURA Usaku2019-12-221-5/+17
| | | | | But not changes another cases, such as "file.rb." [Bug #15267]
* Get rid of infinite recursion at loading transcoderNobuyoshi Nakada2019-12-161-1/+1
| | | | | Disable encoding US-ASCII path to filesystem on Windows too. [Bug #16392]
* Fixed stack overflow [Bug #16382]Nobuyoshi Nakada2019-12-031-17/+16
| | | | | Get rid of infinite recursion in expanding a load path to the real path while loading a transcoder.
* Deprecate taint/trust and related methods, and make the methods no-opsJeremy Evans2019-11-181-16/+0
| | | | | | This removes the related tests, and puts the related specs behind version guards. This affects all code in lib, including some libraries that may want to support older versions of Ruby.
* Warn on access/modify of $SAFE, and remove effects of modifying $SAFEJeremy Evans2019-11-181-46/+18
| | | | | | | | | | | | | | | | | This removes the security features added by $SAFE = 1, and warns for access or modification of $SAFE from Ruby-level, as well as warning when calling all public C functions related to $SAFE. This modifies some internal functions that took a safe level argument to no longer take the argument. rb_require_safe now warns, rb_require_string has been added as a version that takes a VALUE and does not warn. One public C function that still takes a safe level argument and that this doesn't warn for is rb_eval_cmd. We may want to consider adding an alternative method that does not take a safe level argument, and warn for rb_eval_cmd.
* [DOC] no change on Windows [Bug #15267] [ci skip]Nobuyoshi Nakada2019-10-171-1/+4
|
* Fixed File.extname at a name ending with a dotNobuyoshi Nakada2019-10-171-2/+2
| | | | | File.extname now returns a dot string at a name ending with a dot. [Bug #15267]
* Update documentation for File#{readable,writable,executable}{,_real}? [ci skip]Jeremy Evans2019-10-141-1/+19
| | | | | | | | Some OS-level security features cause these methods to not return expected results. For example fs.protected_regular sysctl on Linux, or pledge(2)/unveil(2) on OpenBSD. Fixes [Bug #16002]
* Adjusted spaces [ci skip]Nobuyoshi Nakada2019-09-271-3/+3
|
* Add `File.absolute_path?` (#2198)David Rodríguez2019-09-051-0/+20
| | | | | In order to check whether a path is absolute or not in a portable way. [Feature #15868]
* drop-in type check for rb_define_singleton_method卜部昌平2019-08-291-20/+32
| | | | | | We can check the function pointer passed to rb_define_singleton_method like how we do so in rb_define_method. Doing so revealed many arity mismatches.
* drop-in type check for rb_define_global_function卜部昌平2019-08-291-1/+1
| | | | | | We can check the function pointer passed to rb_define_global_function like we do so in rb_define_method. It turns out that almost anybody is misunderstanding the API.
* Do not always taint the result of File#pathJeremy Evans2019-07-301-1/+1
| | | | | | | | | | | | | | | | | | The result should only be tainted if the path given to the method was tainted. The code to always taint the result was added in a4934a42cbb84b6679912226581c71b435671f55 (svn revision 4892) in 2003 by matz. However, the change wasn't mentioned in the commit message, and it may have been committed by accident. Skip part of a readline test that uses Reline. Reline in general would pass the test, but Reline's test mode doesn't raise a SecurityError if passing a tainted prompt and $SAFE >= 1. This was hidden earlier because File#path was always returning a tainted string. Fixes [Bug #14485]
* Revert "Do not always taint the result of File#path"Jeremy Evans2019-07-291-1/+1
| | | | | | This reverts commit 1a759bfe5d554c22571d2e6e4e5998cf06a7b98f. This fails on some operating systems.
* Do not always taint the result of File#pathJeremy Evans2019-07-291-1/+1
| | | | | | | | | | | | | | | | | | The result should only be tainted if the path given to the method was tainted. The code to always taint the result was added in a4934a42cbb84b6679912226581c71b435671f55 (svn revision 4892) in 2003 by matz. However, the change wasn't mentioned in the commit message, and it may have been committed by accident. Skip part of a readline test that uses Reline. Reline in general would pass the test, but Reline's test mode doesn't raise a SecurityError if passing a tainted prompt and $SAFE >= 1. This was hidden earlier because File#path was always returning a tainted string. Fixes [Bug #14485]
* file.c: add a NORETURN declaration for statx_notimplementYusuke Endoh2019-07-201-0/+2
| | | | clang complains the lack.
* * expand tabs.git2019-07-141-1/+1
|
* Prefer `rb_error_arity` to `rb_check_arity` when it can be usedYusuke Endoh2019-07-141-6/+7
|
* Don't use native realpath(3) on SolarisJeremy Evans2019-07-011-0/+5
| | | | | | CI shows it does work on Solaris 11, but does not work on Solaris 10. However, until I figure out a good way to differentiate between Solaris 10 and 11, this should get CI passing on both.
* * expand tabs.git2019-07-021-27/+27
|
* Use realpath(3) instead of custom realpath implementation if availableJeremy Evans2019-07-011-3/+83
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | This approach is simpler than the previous approach which tries to emulate realpath(3). It also performs much better on both Linux and OpenBSD on the included benchmarks. By using realpath(3), we can better integrate with system security features such as OpenBSD's unveil(2) system call. This does not use realpath(3) on Windows even if it exists, as the approach for checking for absolute paths does not work for drive letters. This can be fixed without too much difficultly, though until Windows defines realpath(3), there is no need to do so. For File.realdirpath, where the last element of the path is not required to exist, fallback to the previous approach, as realpath(3) on most operating systems requires the whole path be valid (per POSIX), and the operating systems where this isn't true either plan to conform to POSIX or may change to conform to POSIX in the future. glibc realpath(3) does not handle /path/to/file.rb/../other_file.rb paths, returning ENOTDIR in that case. Fallback to the previous code if realpath(3) returns ENOTDIR. glibc doesn't like realpath(3) usage for paths like /dev/fd/5, returning ENOENT even though the path may appear to exist in the filesystem. If ENOENT is returned and the path exists, then fall back to the default approach.
* Update documentation for File.executable{,_real}? to mention Windows issuesJeremy Evans2019-06-171-0/+8
| | | | Fixes [Bug #15664]
* file.c: fix compile error with MacPorts gccNobuyoshi Nakada2019-06-081-0/+8
| | | | | | | | | | With the SDK of Xcode 10.2.1, `API_AVAILABLE` and so on macros are not defined in <os/availability.h> when using a compiler other than clang (which has `__has_feature` and `__has_attribute`), but `__API_AVAILABLE` macro and so on are defined, which are also defined in <Availability.h>. I suspect this is a bug of the SDK.
* Always mark the string returned by File.realpath as taintedJeremy Evans2019-04-281-1/+1
| | | | | | | | | | | | | | | | | This string can include elements that were not in either string passed to File.realpath, even if one of the strings is an absolute path, due to symlinks: ```ruby Dir.mkdir('b') unless File.directory?('b') File.write('b/a', '') unless File.file?('b/a') File.symlink('b', 'c') unless File.symlink?('c') path = File.realpath('c/a'.untaint, Dir.pwd.untaint) path # "/home/testr/ruby/b/a" path.tainted? # should be true, as 'b' comes from file system ``` [Bug #15803]
* file.c: raise NotImplementedError instread of Errno::ENOSYSglass2019-03-231-1/+11
| | | | | | [Misc #15615] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@67338 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* [DOC] fix markups [ci skip]nobu2019-03-221-59/+53
| | | | git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@67337 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* Check stx_btime in struct statxnobu2019-02-241-3/+4
| | | | git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@67131 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* Support File#birthtime on Linuxnobu2019-02-221-3/+5
| | | | git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@67116 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* Unified rb_file_s_birthtimenobu2019-02-221-24/+23
| | | | git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@67115 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* Constifiednobu2019-02-211-10/+10
| | | | git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@67108 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* Path for AT_EMPTY_PATH must not be NULLnobu2019-02-211-1/+1
| | | | git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@67107 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* Separate fstatx_without_gvl from statx_without_gvlnobu2019-02-211-18/+22
| | | | git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@67105 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* fix r67097 with castko12019-02-201-1/+1
| | | | git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@67099 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* Try statx syscallnobu2019-02-201-5/+25
| | | | | | | * file.c (rb_file_s_birthtime): export for pathname to check if birthtime is supported. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@67097 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* revert r67093 because it breaks testsko12019-02-201-17/+0
| | | | git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@67094 b2dd03c8-39d4-4d8f-98ff-823fe69b080e