kotovalexarian-likes-github/ruby--ruby
1
0
Fork 0
mirror of https://github.com/ruby/ruby.git synced 2022-11-09 12:17:21 -05:00
Code Releases Activity

win32/file.c:rb_file_expand_path_internal: delete OBJ_TAINT

Browse source 
Makes no sense any longer.
This commit is contained in:
卜部昌平 2021-01-20 11:59:05 +09:00
parent 3f4f10bb60
commit a2c069fca9
Notes: git 2021-01-27 09:30:41 +09:00 
Merged: https://github.com/ruby/ruby/pull/4100
1 changed files with 0 additions and 24 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

24
win32/file.c
View file

@ -37,8 +37,6 @@ IS_ABSOLUTE_PATH_P(const WCHAR *path, size_t len)
#define INVALID_CODE_PAGE 51932 #define INVALID_CODE_PAGE 51932
#define PATH_BUFFER_SIZE MAX_PATH * 2 #define PATH_BUFFER_SIZE MAX_PATH * 2
#define insecure_obj_p(obj, level) ((level) > 0 && OBJ_TAINTED(obj))
/* defined in win32/win32.c */ /* defined in win32/win32.c */
#define system_code_page rb_w32_filecp #define system_code_page rb_w32_filecp
#define mbstr_to_wstr rb_w32_mbstr_to_wstr #define mbstr_to_wstr rb_w32_mbstr_to_wstr
@ -288,10 +286,6 @@ rb_file_expand_path_internal(VALUE fname, VALUE dname, int abs_mode, int long_na
wchar_t path_drive = L'\0', dir_drive = L'\0'; wchar_t path_drive = L'\0', dir_drive = L'\0';
int ignore_dir = 0; int ignore_dir = 0;
rb_encoding *path_encoding; rb_encoding *path_encoding;
int tainted = 0;
/* tainted if path is tainted */
tainted = OBJ_TAINTED(path);
/* get path encoding */ /* get path encoding */
if (NIL_P(dir)) { if (NIL_P(dir)) {
@ -328,9 +322,6 @@ rb_file_expand_path_internal(VALUE fname, VALUE dname, int abs_mode, int long_na
/* expand '~' only if NOT rb_file_absolute_path() where `abs_mode` is 1 */ /* expand '~' only if NOT rb_file_absolute_path() where `abs_mode` is 1 */
if (abs_mode == 0 && wpath_len > 0 && wpath_pos[0] == L'~' && if (abs_mode == 0 && wpath_len > 0 && wpath_pos[0] == L'~' &&
(wpath_len == 1 || IS_DIR_SEPARATOR_P(wpath_pos[1]))) { (wpath_len == 1 || IS_DIR_SEPARATOR_P(wpath_pos[1]))) {
/* tainted if expanding '~' */
tainted = 1;
whome = rb_w32_home_dir(); whome = rb_w32_home_dir();
if (whome == NULL) { if (whome == NULL) {
free(wpath); free(wpath);
@ -409,9 +400,6 @@ rb_file_expand_path_internal(VALUE fname, VALUE dname, int abs_mode, int long_na
if (abs_mode == 0 && wdir_len > 0 && wdir_pos[0] == L'~' && if (abs_mode == 0 && wdir_len > 0 && wdir_pos[0] == L'~' &&
(wdir_len == 1 || IS_DIR_SEPARATOR_P(wdir_pos[1]))) { (wdir_len == 1 || IS_DIR_SEPARATOR_P(wdir_pos[1]))) {
/* tainted if expanding '~' */
tainted = 1;
whome = rb_w32_home_dir(); whome = rb_w32_home_dir();
if (whome == NULL) { if (whome == NULL) {
free(wpath); free(wpath);
@ -516,10 +504,6 @@ rb_file_expand_path_internal(VALUE fname, VALUE dname, int abs_mode, int long_na
} }
if (wdir_len) { if (wdir_len) {
/* tainted if dir is used and dir is tainted */
if (!tainted && OBJ_TAINTED(dir))
tainted = 1;
wcsncpy(buffer_pos, wdir_pos, wdir_len); wcsncpy(buffer_pos, wdir_pos, wdir_len);
buffer_pos += wdir_len; buffer_pos += wdir_len;
} }
@ -545,10 +529,6 @@ rb_file_expand_path_internal(VALUE fname, VALUE dname, int abs_mode, int long_na
/* Ensure buffer is NULL terminated */ /* Ensure buffer is NULL terminated */
buffer_pos[0] = L'\0'; buffer_pos[0] = L'\0';
/* tainted if path is relative */
if (!tainted && !IS_ABSOLUTE_PATH_P(buffer, buffer_len))
tainted = 1;
/* FIXME: Make this more robust */ /* FIXME: Make this more robust */
/* Determine require buffer size */ /* Determine require buffer size */
size = GetFullPathNameW(buffer, PATH_BUFFER_SIZE, wfullpath_buffer, NULL); size = GetFullPathNameW(buffer, PATH_BUFFER_SIZE, wfullpath_buffer, NULL);
@ -591,10 +571,6 @@ rb_file_expand_path_internal(VALUE fname, VALUE dname, int abs_mode, int long_na
rb_str_set_len(result, 0); rb_str_set_len(result, 0);
result = append_wstr(result, wfullpath, size, path_cp, path_encoding); result = append_wstr(result, wfullpath, size, path_cp, path_encoding);
/* makes the result object tainted if expanding tainted strings or returning modified path */
if (tainted)
OBJ_TAINT(result);
/* TODO: better cleanup */ /* TODO: better cleanup */
if (buffer) if (buffer)
xfree(buffer); xfree(buffer);