1
0
Fork 0
mirror of https://github.com/ruby/ruby.git synced 2022-11-09 12:17:21 -05:00

Do not always taint the result of File#path

The result should only be tainted if the path given to the method
was tainted.

The code to always taint the result was added in
a4934a42cb (svn revision 4892) in
2003 by matz.  However, the change wasn't mentioned in the
commit message, and it may have been committed by accident.

Skip part of a readline test that uses Reline.  Reline in general
would pass the test, but Reline's test mode doesn't raise a
SecurityError if passing a tainted prompt and $SAFE >= 1. This
was hidden earlier because File#path was always returning a
tainted string.

Fixes [Bug #14485]
This commit is contained in:
Jeremy Evans 2019-06-20 11:50:22 -07:00
parent aa97410b0a
commit 1a759bfe5d
3 changed files with 22 additions and 1 deletions

2
file.c
View file

@ -475,7 +475,7 @@ rb_file_path(VALUE obj)
rb_raise(rb_eIOError, "File is unnamed (TMPFILE?)");
}
return rb_obj_taint(rb_str_dup(fptr->pathv));
return rb_str_dup(fptr->pathv);
}
static size_t

View file

@ -41,6 +41,11 @@ module BasetestReadline
assert_equal("> ", stdout.read(2))
assert_equal(1, Readline::HISTORY.length)
assert_equal("hello", Readline::HISTORY[0])
# Work around lack of SecurityError in Reline
# test mode with tainted prompt
return if kind_of?(TestRelineAsReadline)
Thread.start {
$SAFE = 1
assert_raise(SecurityError) do

View file

@ -187,6 +187,22 @@ class TestFileExhaustive < Test::Unit::TestCase
end
end
def test_path_taint
[regular_file, utf8_file].each do |file|
assert_equal(false, File.open(file) {|f| f.path}.tainted?)
assert_equal(true, File.open(file.dup.taint) {|f| f.path}.tainted?)
o = Object.new
class << o; self; end.class_eval do
define_method(:to_path) { file }
end
assert_equal(false, File.open(o) {|f| f.path}.tainted?)
class << o; self; end.class_eval do
define_method(:to_path) { file.dup.taint }
end
assert_equal(true, File.open(o) {|f| f.path}.tainted?)
end
end
def assert_integer(n)
assert_kind_of(Integer, n)
end