pike.git / src / interpret.c

version» Context lines:

pike.git/src/interpret.c:1:   /*\   ||| This file a part of Pike, and is copyright by Fredrik Hubinette   ||| Pike is distributed as GPL (General Public License)   ||| See the files COPYING and DISCLAIMER for more information.   \*/   #include "global.h" - RCSID("$Id: interpret.c,v 1.111 1998/11/22 11:02:53 hubbe Exp $"); + RCSID("$Id: interpret.c,v 1.112 1999/01/21 09:15:01 hubbe Exp $");   #include "interpret.h"   #include "object.h"   #include "program.h"   #include "svalue.h"   #include "array.h"   #include "mapping.h"   #include "error.h"   #include "language.h"   #include "stralloc.h"   #include "constants.h"
pike.git/src/interpret.c:21:   #include "operators.h"   #include "opcodes.h"   #include "main.h"   #include "lex.h"   #include "builtin_functions.h"   #include "signal_handler.h"   #include "gc.h"   #include "threads.h"   #include "callback.h"   #include "fd_control.h" + #include "security.h"      #include <fcntl.h>   #include <errno.h>      #ifdef HAVE_MMAP   #ifdef HAVE_SYS_TYPES_H   #include <sys/types.h>   #endif      #ifdef HAVE_SYS_MMAN_H
pike.git/src/interpret.c:187:    }   #endif   #ifdef PROFILING   #ifdef HAVE_GETHRTIME    time_base = gethrtime();    accounted_time =0;   #endif   #endif   }    - void check_stack(INT32 size) - { -  if(sp - evaluator_stack + size >= stack_size) -  error("Stack overflow.\n"); - } +     - void check_mark_stack(INT32 size) - { -  if(mark_sp - mark_stack + size >= stack_size) -  error("Mark stack overflow.\n"); - } +     - void check_c_stack(INT32 size) - { -  long x=((char *)&size) + STACK_DIRECTION * size - stack_top ; -  x*=STACK_DIRECTION; -  if(x>0) -  error("C stack overflow.\n"); - } -  -  +    static int eval_instruction(unsigned char *pc);         /*    * lvalues are stored in two svalues in one of these formats:    * array[index] : { array, index }    * mapping[index] : { mapping, index }    * multiset[index] : { multiset, index }    * object[index] : { object, index }    * local variable : { svalue_pointer, nothing }    * global variable : { svalue_pointer/short_svalue_pointer, nothing }    */      void lvalue_to_svalue_no_free(struct svalue *to,struct svalue *lval)   { -  + #ifdef PIKE_SECURITY +  if(lval->type <= MAX_COMPLEX) +  if(!CHECK_DATA_SECURITY(lval->u.array, SECURITY_BIT_INDEX)) +  error("Index permission denied.\n"); + #endif    switch(lval->type)    {    case T_ARRAY_LVALUE:    {    INT32 e;    struct array *a;    ONERROR err;    a=allocate_array(lval[1].u.array->size>>1);    SET_ONERROR(err, do_free_array, a);    for(e=0;e<a->size;e++)
pike.git/src/interpret.c:282:    default:    if(IS_ZERO(lval))    error("Indexing the NULL value.\n"); /* Per */    else    error("Indexing a basic type.\n");    }   }      void assign_lvalue(struct svalue *lval,struct svalue *from)   { + #ifdef PIKE_SECURITY +  if(lval->type <= MAX_COMPLEX) +  if(!CHECK_DATA_SECURITY(lval->u.array, SECURITY_BIT_SET_INDEX)) +  error("Assign index permission denied.\n"); + #endif +     switch(lval->type)    {    case T_ARRAY_LVALUE:    {    INT32 e;    if(from->type != T_ARRAY)    error("Trying to assign combined lvalue from non-array.\n");       if(from->u.array->size < (lval[1].u.array->size>>1))    error("Not enough values for multiple assign.\n");
pike.git/src/interpret.c:335:    default:    if(IS_ZERO(lval))    error("Indexing the NULL value.\n"); /* Per */    else    error("Indexing a basic type.\n");    }   }      union anything *get_pointer_if_this_type(struct svalue *lval, TYPE_T t)   { + #ifdef PIKE_SECURITY +  if(lval->type <= MAX_COMPLEX) +  if(!CHECK_DATA_SECURITY(lval->u.array, SECURITY_BIT_SET_INDEX)) +  error("Assign index permission denied.\n"); + #endif +     switch(lval->type)    {    case T_ARRAY_LVALUE:    return 0;       case T_LVALUE:    if(lval->u.lval->type == t) return & ( lval->u.lval->u );    return 0;       case T_SHORT_LVALUE:
pike.git/src/interpret.c:1790:    file=get_line(fp->pc,fp->context.prog,&linep);    while((f=STRCHR(file,'/'))) file=f+1;    }else{    linep=0;    file="-";    }    fprintf(stderr,"- %s:%4ld: %s\n",file,(long)linep,s);    free(s);   }    + #ifdef PIKE_SECURITY + static void restore_creds(struct object *creds) + { +  if(current_creds) free_object(current_creds); +  current_creds=creds; + }    - void mega_apply(enum apply_type type, INT32 args, void *arg1, void *arg2) + /* Magic trick */ + static +  + #else + #define mega_apply2 mega_apply + #endif +  + void mega_apply2(enum apply_type type, INT32 args, void *arg1, void *arg2)   {    struct object *o;    int fun, tailrecurse=-1;    struct svalue *save_sp=sp-args; -  +    #ifdef PROFILING   #ifdef HAVE_GETHRTIME    long long children_base = accounted_time;    long long start_time = gethrtime() - time_base;    unsigned INT32 self_time_base;    if(start_time < 0)    {    fatal("gethrtime() shrunk\n start_time=%ld\n gethrtime()=%ld\n time_base=%ld\n",    (long)(start_time/100000),    (long)(gethrtime()/100000),
pike.git/src/interpret.c:1971:    fatal("Inherit offset out of range in program.\n");   #endif       /* init a new evaluation frame */    new_frame.parent_frame = fp;    new_frame.current_object = o;    new_frame.context = p->inherits[ ref->inherit_offset ];       function = new_frame.context.prog->identifiers + ref->identifier_offset;    + #ifdef PIKE_SECURITY +  CHECK_DATA_SECURITY_OR_ERROR(o, SECURITY_BIT_CALL, ("Function call permission denied.\n")); +  +  if(!CHECK_DATA_SECURITY(o, SECURITY_BIT_NOT_SETUID)) +  SET_CURRENT_CREDS(o->prot); + #endif +  +    #ifdef PROFILING    function->num_calls++;   #endif       new_frame.locals = sp - args;    new_frame.expendible = new_frame.locals;    new_frame.args = args;    new_frame.fun = fun;    new_frame.current_storage = o->storage+new_frame.context.storage_offset;    new_frame.pc = 0;
pike.git/src/interpret.c:2179:       if(save_sp+1 > sp)    {    if(type != APPLY_SVALUE)    push_int(0);    }else{    if(t_flag>1) trace_return_value();    }   }    + #ifdef PIKE_SECURITY + void mega_apply(enum apply_type type, INT32 args, void *arg1, void *arg2) + { +  ONERROR tmp; +  if(current_creds) +  add_ref(current_creds);    -  +  SET_ONERROR(tmp, restore_creds, current_creds); +  mega_apply2(type,args,arg1,arg2); +  CALL_AND_UNSET_ONERROR(tmp); + } + #endif +  +    /* Put catch outside of eval_instruction, so    * the setjmp won't affect the optimization of    * eval_instruction    */   static int o_catch(unsigned char *pc)   {    JMP_BUF tmp;    struct svalue *expendible=fp->expendible;    if(SETJMP(tmp))    {