Branch: Tag:

1999-01-21

1999-01-21 09:15:55 by Fredrik Hübinette (Hubbe) <hubbe@hubbe.net>

security system v1.0E-100 checked in... (lots of work left to do)

Rev: src/array.c:1.43
Rev: src/array.h:1.15
Rev: src/builtin_functions.c:1.145
Rev: src/error.h:1.26
Rev: src/interpret.c:1.112
Rev: src/interpret.h:1.25
Rev: src/main.c:1.61
Rev: src/mapping.c:1.38
Rev: src/mapping.h:1.13
Rev: src/modules/files/file.c:1.133
Rev: src/modules/system/system.c:1.61
Rev: src/multiset.c:1.13
Rev: src/multiset.h:1.8
Rev: src/object.c:1.54
Rev: src/object.h:1.20
Rev: src/opcodes.c:1.35
Rev: src/otable.h:1.3(DEAD)
Rev: src/program.c:1.106
Rev: src/program.h:1.47
Rev: src/security.c:1.1
Rev: src/security.h:1.1
Rev: src/svalue.h:1.20
Rev: src/testsuite.in:1.139
Rev: src/threads.c:1.86

4:   ||| See the files COPYING and DISCLAIMER for more information.   \*/   #include "global.h" - RCSID("$Id: builtin_functions.c,v 1.144 1999/01/16 02:57:05 grubba Exp $"); + RCSID("$Id: builtin_functions.c,v 1.145 1999/01/21 09:14:58 hubbe Exp $");   #include "interpret.h"   #include "svalue.h"   #include "pike_macros.h"
353:      void f_add_constant(INT32 args)   { -  CHECK_SECURITY(0,SECURITY_BIT_SECURITY, ("add_constant: permission denied.\n")); +  CHECK_SECURITY_OR_ERROR(SECURITY_BIT_SECURITY, ("add_constant: permission denied.\n"));    if(args<1)    PIKE_ERROR("add_constant", "Too few arguments.\n", sp, args);   
1086:      void f_exit(INT32 args)   { -  CHECK_SECURITY(0,SECURITY_BIT_SECURITY, ("exit: permission denied.\n")); +  CHECK_SECURITY_OR_ERROR(SECURITY_BIT_SECURITY, ("exit: permission denied.\n"));    if(args < 1)    PIKE_ERROR("exit", "Too few arguments.\n", sp, args);   
1100:      void f__exit(INT32 args)   { -  CHECK_SECURITY(0,SECURITY_BIT_SECURITY, ("_exit: permission denied.\n")); +  CHECK_SECURITY_OR_ERROR(SECURITY_BIT_SECURITY, ("_exit: permission denied.\n"));    if(args < 1)    PIKE_ERROR("_exit", "Too few arguments.\n", sp, args);   
1451:      struct tupel   { -  struct pike_string *ind,*val; +  int prefix; +  struct pike_string *ind; +  struct pike_string *val;   };    - static int replace_sortfun(void *a,void *b) + static int replace_sortfun(struct tupel *a,struct tupel *b)   { -  return my_quick_strcmp( ((struct tupel *)a)->ind, ((struct tupel *)b)->ind); +  return my_quick_strcmp(a->ind,b->ind);   }    -  + /* Magic, magic and more magic */ + static int find_longest_prefix(char *str, +  INT32 len, +  int size_shift, +  struct tupel *v, +  INT32 a, +  INT32 b) + { +  INT32 tmp,c,match=-1; +  while(a<b) +  { +  c=(a+b)/2; +  +  tmp=generic_quick_binary_strcmp(v[c].ind->str, +  v[c].ind->len, +  v[c].ind->size_shift, +  str, +  MINIMUM(len,v[c].ind->len), +  size_shift); +  if(tmp<0) +  { +  INT32 match2=find_longest_prefix(str, +  len, +  size_shift, +  v, +  c+1, +  b); +  if(match2!=-1) return match2; +  +  while(1) +  { +  if(v[c].prefix==-2) +  { +  v[c].prefix=find_longest_prefix(v[c].ind->str, +  v[c].ind->len, +  v[c].ind->size_shift, +  v, +  0 /* can this be optimized? */, +  c); +  } +  c=v[c].prefix; +  if(c<a || c<match) return match; +  +  if(!generic_quick_binary_strcmp(v[c].ind->str, +  v[c].ind->len, +  v[c].ind->size_shift, +  str, +  MINIMUM(len,v[c].ind->len), +  size_shift)) +  return c; +  } +  } +  else if(tmp>0) +  { +  b=c; +  } +  else +  { +  a=c+1; /* There might still be a better match... */ +  match=c; +  } +  } +  return match; + } +  +    static struct pike_string * replace_many(struct pike_string *str,    struct array *from,    struct array *to)
1501:       v[num].ind=ITEM(from)[e].u.string;    v[num].val=ITEM(to)[e].u.string; +  v[num].prefix=-2; /* Uninitialized */    num++;    }   
1524:       for(s=0;length > 0;)    { -  INT32 a,b,c,ch; +  INT32 a,b,ch;       ch=index_shared_string(str,s);    if(ch<(INT32)NELEM(set_end)) b=set_end[ch]; else b=num;
1533:    {    if(ch<(INT32)NELEM(set_start)) a=set_start[ch]; else a=0;    -  while(a<b) -  { -  c=(a+b)/2; -  -  if(generic_quick_binary_strcmp(v[c].ind->str, -  v[c].ind->len, -  v[c].ind->size_shift, -  str->str+(s << str->size_shift), +  a=find_longest_prefix(str->str+(s << str->size_shift),    length, -  str->size_shift) <=0) +  str->size_shift, +  v, a, b); +  +  if(a!=-1)    { -  if(a==c) break; -  a=c; -  }else{ -  b=c; -  } -  } -  if(a<num && -  length >= v[a].ind->len && -  !generic_quick_binary_strcmp(v[a].ind->str, -  v[a].ind->len, -  v[a].ind->size_shift, -  str->str+(s<<str->size_shift), -  v[a].ind->len, -  str->size_shift)) -  { -  c=v[a].ind->len; -  if(!c) c=1; -  s+=c; -  length-=c; +  ch=v[a].ind->len; +  if(!ch) ch=1; +  s+=ch; +  length-=ch;    string_builder_shared_strcat(&ret,v[a].val);    continue;    }
1906: Inside #if defined(PIKE_DEBUG)
  void f__verify_internals(INT32 args)   {    INT32 tmp=d_flag; -  CHECK_SECURITY(0,SECURITY_BIT_SECURITY, ("_verify_internals: permission denied.\n")); +  CHECK_SECURITY_OR_ERROR(SECURITY_BIT_SECURITY, ("_verify_internals: permission denied.\n"));    d_flag=0x7fffffff;    do_debug();    d_flag=tmp;
1917: Inside #if defined(PIKE_DEBUG)
  void f__debug(INT32 args)   {    INT32 i=d_flag; -  CHECK_SECURITY(0,SECURITY_BIT_SECURITY, ("_debug: permission denied.\n")); +  CHECK_SECURITY_OR_ERROR(SECURITY_BIT_SECURITY, ("_debug: permission denied.\n"));    get_all_args("_debug",args,"%i",&d_flag);    pop_n_elems(args);    push_int(i);
1929: Inside #if defined(PIKE_DEBUG) and #if defined(YYDEBUG)
  {    extern int yydebug;    INT32 i = yydebug; -  CHECK_SECURITY(0,SECURITY_BIT_SECURITY, ("_compiler_trace: permission denied.\n")); +  CHECK_SECURITY_OR_ERROR(SECURITY_BIT_SECURITY, ("_compiler_trace: permission denied.\n"));    get_all_args("_compiler_trace", args, "%i", &yydebug);    pop_n_elems(args);    push_int(i);
3265:   {    struct svalue tmp;    -  CHECK_SECURITY(0,SECURITY_BIT_SECURITY, ("_next: permission denied.\n")); +  CHECK_SECURITY_OR_ERROR(SECURITY_BIT_SECURITY, ("_next: permission denied.\n"));       if(!args)    PIKE_ERROR("_next", "Too few arguments.\n", sp, args);
3296:   {    struct svalue tmp;    -  CHECK_SECURITY(0,SECURITY_BIT_SECURITY, ("_prev: permission denied.\n")); +  CHECK_SECURITY_OR_ERROR(SECURITY_BIT_SECURITY, ("_prev: permission denied.\n"));       if(!args)    PIKE_ERROR("_prev", "Too few arguments.\n", sp, args);
3352:      void f_replace_master(INT32 args)   { -  CHECK_SECURITY(0,SECURITY_BIT_SECURITY, ("replace_master: permission denied.\n")); +  CHECK_SECURITY_OR_ERROR(SECURITY_BIT_SECURITY, ("replace_master: permission denied.\n"));       if(!args)    PIKE_ERROR("replace_master", "Too few arguments.\n", sp, 0);
3618: Inside #if defined(DEBUG_MALLOC)
  #ifdef DEBUG_MALLOC   void f__reset_dmalloc(INT32 args)   { -  CHECK_SECURITY(0,SECURITY_BIT_SECURITY, ("replace_master: permission denied.\n")); +  CHECK_SECURITY_OR_ERROR(SECURITY_BIT_SECURITY, ("replace_master: permission denied.\n"));    pop_n_elems(args);    reset_debug_malloc();   }
3627: Inside #if defined(PIKE_DEBUG)
  #ifdef PIKE_DEBUG   void f__locate_references(INT32 args)   { -  CHECK_SECURITY(0,SECURITY_BIT_SECURITY, ("replace_master: permission denied.\n")); +  CHECK_SECURITY_OR_ERROR(SECURITY_BIT_SECURITY, ("replace_master: permission denied.\n"));    if(args)    locate_references(sp[-args].u.refs);    pop_n_elems(args-1);