* lib/irb.rb (IRB::Irb::eval_input): warn and exit if $SAFE >=3

after input evaluation.

* lib/irb.rb (IRB::Irb::eval_input): untaint input string.  now
  irb works for levels 1 and 2.

* ext/syck/rubyext.c (syck_loader_transfer): should not use
  rb_cProc directly, since type_proc may be Proc, Block, or
  Method.


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@3931 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

ChangeLog

@@ -1,3 +1,11 @@
+Tue Jun 10 01:07:54 2003  Yukihiro Matsumoto  <matz@ruby-lang.org>
+
+	* lib/irb.rb (IRB::Irb::eval_input): warn and exit if $SAFE >=3
+	  after input evaluation.
+
+	* lib/irb.rb (IRB::Irb::eval_input): untaint input string.  now
+	  irb works for levels 1 and 2.
+
 Mon Jun  9 19:02:33 2003  Nobuyoshi Nakada  <nobu.nokada@softhome.net>
 
 	* configure.in: checks presence of grp.h and setgroups().
@@ -13,6 +21,10 @@ Sun Jun  8 13:37:21 2003  Takaaki Uematsu  <uema2x@jcom.home.ne.jp>
 
 Sat Jun  7 22:22:03 2003  Yukihiro Matsumoto  <matz@ruby-lang.org>
 
+	* ext/syck/rubyext.c (syck_loader_transfer): should not use
+	  rb_cProc directly, since type_proc may be Proc, Block, or
+	  Method.
+
 	* parse.y (value_expr0): class and module statements should not be
 	  warned for "void value expression". [ruby-talk:72989]
 

ext/syck/rubyext.c

@@ -773,7 +773,7 @@ syck_loader_transfer( self, type, val )
                    // rb_funcall(rb_mKernel, rb_intern("p"), 2, name, type_proc);
         }
 
-        if ( rb_obj_is_instance_of( type_proc, rb_cProc ) )
+        if ( rb_respond_to( type_proc, rb_intern("call") ) )
         {
                    val = rb_funcall(type_proc, rb_intern("call"), 2, type_uri, val);
         }

lib/irb.rb

@@ -141,10 +141,10 @@ module IRB
 	end
       end
 
-      @scanner.each_top_level_statement do
-	|line, line_no|
+      @scanner.each_top_level_statement do |line, line_no|
 	signal_status(:IN_EVAL) do
 	  begin
+            line.untaint
 	    @context.evaluate(line, line_no)
 	    output_value if @context.echo?
 	  rescue StandardError, ScriptError, Abort
@@ -180,6 +180,10 @@ module IRB
 	    end
 	    print "Maybe IRB bug!!\n" if irb_bug
 	  end
+          if $SAFE > 2
+            warn "Error: irb does not work for $SAFE level higher than 2"
+            exit 1
+          end
 	end
       end
     end

lib/irb/ruby-lex.rb

@@ -69,12 +69,12 @@ class RubyLex
   # io functions
   def set_input(io, p = nil)
     @io = io
-    if p.kind_of?(Proc)
+    if p.respond_to?(:call)
       @input = p
     elsif iterator?
-      @input = proc
+      @input = Block.new
     else
-      @input = proc{@io.gets}
+      @input = Block.new{@io.gets}
     end
   end
 
@@ -183,11 +183,11 @@ class RubyLex
   end
   private :buf_input
 
-  def set_prompt(p = proc)
-    if p.kind_of?(Proc)
+  def set_prompt(p = Block.new)
+    if p.respond_to?(:call)
       @prompt = p
     else
-      @prompt = proc{print p}
+      @prompt = Block.new{print p}
     end
   end
 

lib/irb/slex.rb

@@ -33,13 +33,13 @@ class SLex
   
   def def_rule(token, preproc = nil, postproc = nil)
     #      print node.inspect, "\n" if SLex.debug?
-    postproc = proc if iterator?
+    postproc = Block.new if iterator?
     node = create(token, preproc, postproc)
   end
   
   def def_rules(*tokens)
     if iterator?
-      p = proc
+      p = Block.new
     end
     for token in tokens
       def_rule(token, nil, p)

process.c

@@ -1283,6 +1283,9 @@ proc_setgroups(VALUE obj, VALUE ary)
 	    }
 	    else {
 		gr = getgrnam(RSTRING(g)->ptr);
+		if (gr == NULL)
+		    rb_raise(rb_eArgError, "can't find group for %s", RSTRING(g)->ptr);
+		groups[i] = gr->gr_gid;
 	    }
 	}
     }