merge revision(s) 16420,16454:

* file.c (file_expand_path): support for alternative data stream
	  and ignored trailing garbages of NTFS.
	* file.c (rb_file_s_basename): ditto.
	* file.c (rb_file_s_extname): ditto.
	* lib/webrick/httpservlet/filehandler.rb: should normalize path
	  name in path_info to prevent script disclosure vulnerability on
	  DOSISH filesystems. (fix: CVE-2008-1891)
	  Note: NTFS/FAT filesystem should not be published by the platforms
	  other than Windows. Pathname interpretation (including short
	  filename) is less than perfect.
	* lib/webrick/httpservlet/abstract.rb
	  (WEBrick::HTTPServlet::AbstracServlet#redirect_to_directory_uri):
	  should escape the value of Location: header.
	* lib/webrick/httpservlet/cgi_runner.rb: accept interpreter
	  command line arguments.


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_6@17303 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

ChangeLog

@@ -1,3 +1,28 @@
+Sun Jun 15 23:02:12 2008  GOTOU Yuuzou  <gotoyuzo@notwork.org>
+
+	* lib/webrick/httpservlet/filehandler.rb: should normalize path
+	  name in path_info to prevent script disclosure vulnerability on
+	  DOSISH filesystems. (fix: CVE-2008-1891)
+	  Note: NTFS/FAT filesystem should not be published by the platforms
+	  other than Windows. Pathname interpretation (including short
+	  filename) is less than perfect.
+
+	* lib/webrick/httpservlet/abstract.rb
+	  (WEBrick::HTTPServlet::AbstracServlet#redirect_to_directory_uri):
+	  should escape the value of Location: header.
+
+	* lib/webrick/httpservlet/cgi_runner.rb: accept interpreter
+	  command line arguments.
+
+Sun Jun 15 23:02:12 2008  Nobuyoshi Nakada  <nobu@ruby-lang.org>
+
+	* file.c (file_expand_path): support for alternative data stream
+	  and ignored trailing garbages of NTFS.
+
+	* file.c (rb_file_s_basename): ditto.
+
+	* file.c (rb_file_s_extname): ditto.
+
 Sun Jun 15 22:53:20 2008  Yukihiro Matsumoto  <matz@ruby-lang.org>
 
 	* string.c (rb_str_cat): fixed buffer overrun reported by

defines.h

@@ -251,6 +251,14 @@ void rb_ia64_flushrs(void);
 #define ENV_IGNORECASE
 #endif
 
+#ifndef CASEFOLD_FILESYSTEM
+# if defined DOSISH || defined __VMS
+#   define CASEFOLD_FILESYSTEM 1
+# else
+#   define CASEFOLD_FILESYSTEM 0
+# endif
+#endif
+
 #ifndef DLEXT_MAXLEN
 #define DLEXT_MAXLEN 4
 #endif

file.c

@@ -2315,6 +2315,18 @@ rb_file_s_umask(argc, argv)
 #define isdirsep(x) ((x) == '/')
 #endif
 
+#if defined _WIN32 || defined __CYGWIN__
+#define USE_NTFS 1
+#else
+#define USE_NTFS 0
+#endif
+
+#if USE_NTFS
+#define istrailinggabage(x) ((x) == '.' || (x) == ' ')
+#else
+#define istrailinggabage(x) 0
+#endif
+
 #ifndef CharNext		/* defined as CharNext[AW] on Windows. */
 # if defined(DJGPP)
 #   define CharNext(p) ((p) + mblen(p, MB_CUR_MAX))
@@ -2741,23 +2753,17 @@ file_expand_path(fname, dname, result)
     if (p == skiproot(buf) - 1) p++;
     buflen = p - buf;
 
-    RSTRING(result)->len = buflen;
-    *p = '\0';
 #if USE_NTFS
-    if (1 &&
+    *p = '\0';
-#ifdef __CYGWIN__
+    if (!strpbrk(b = buf, "*?")) {
-	!(buf[0] == '/' && !buf[1]) &&
-#endif
-	!strpbrk(b = buf, "*?")) {
 	size_t len;
 	WIN32_FIND_DATA wfd;
 #ifdef __CYGWIN__
-	int lnk_added = 0, is_symlink = 0;
+	int lnk_added = 0;
 	struct stat st;
 	char w32buf[MAXPATHLEN], sep = 0;
 	p = 0;
 	if (lstat(buf, &st) == 0 && S_ISLNK(st.st_mode)) {
-	    is_symlink = 1;
 	    p = strrdirsep(buf);
 	    if (!p) p = skipprefix(buf);
 	    if (p) {
@@ -2770,7 +2776,8 @@ file_expand_path(fname, dname, result)
 	}
 	if (p) *p = sep;
 	else p = buf;
-	if (is_symlink && b == w32buf) {
+	if (b == w32buf) {
+	    strlcat(w32buf, p, sizeof(w32buf));
 	    len = strlen(p);
 	    if (len > 4 && strcasecmp(p + len - 4, ".lnk") != 0) {
 		lnk_added = 1;
@@ -2798,6 +2805,8 @@ file_expand_path(fname, dname, result)
 #endif
 
     if (tainted) OBJ_TAINT(result);
+    RSTRING(result)->len = buflen;
+    RSTRING(result)->ptr[buflen] = '\0';
     return result;
 }
 
@@ -2860,7 +2869,12 @@ rmext(p, l1, e)
     }
     if (l1 < l2) return l1;
 
-    if (strncmp(p+l1-l2, e, l2) == 0) {
+#if CASEFOLD_FILESYSTEM
+#define fncomp strncasecmp
+#else
+#define fncomp strncmp
+#endif
+    if (fncomp(p+l1-l2, e, l2) == 0) {
 	return l1-l2;
     }
     return 0;
@@ -3023,7 +3037,7 @@ rb_file_s_extname(klass, fname)
     if (!p)
 	p = name;
     else
-	name = ++p;
+	p++;
 
     e = 0;
     while (*p) {
@@ -3053,7 +3067,7 @@ rb_file_s_extname(klass, fname)
 	    break;
 	p = CharNext(p);
     }
-    if (!e || e == name || e+1 == p)	/* no dot, or the only dot is first or end? */
+    if (!e || e+1 == p)	/* no dot, or the only dot is first or end? */
 	return rb_str_new(0, 0);
     extname = rb_str_new(e, p - e);	/* keep the dot, too! */
     OBJ_INFECT(extname, fname);

version.h

@@ -2,7 +2,7 @@
 #define RUBY_RELEASE_DATE "2008-06-15"
 #define RUBY_VERSION_CODE 186
 #define RUBY_RELEASE_CODE 20080615
-#define RUBY_PATCHLEVEL 209
+#define RUBY_PATCHLEVEL 210
 
 #define RUBY_VERSION_MAJOR 1
 #define RUBY_VERSION_MINOR 8