mirror of
https://github.com/ruby/ruby.git
synced 2022-11-09 12:17:21 -05:00
dir.c: check NUL bytes
* dir.c (GlobPathValue): should be used in rb_push_glob only. other methods should use FilePathValue. https://hackerone.com/reports/302338 * dir.c (rb_push_glob): expand GlobPathValue git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@62989 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
This commit is contained in:
parent
22a4e6ac7a
commit
bd5661a3cb
2 changed files with 20 additions and 14 deletions
26
dir.c
26
dir.c
|
@ -472,15 +472,6 @@ static const rb_data_type_t dir_data_type = {
|
|||
|
||||
static VALUE dir_close(VALUE);
|
||||
|
||||
#define GlobPathValue(str, safe) \
|
||||
/* can contain null bytes as separators */ \
|
||||
(!RB_TYPE_P((str), T_STRING) ? \
|
||||
(void)FilePathValue(str) : \
|
||||
(void)(check_safe_glob((str), (safe)), \
|
||||
check_glob_encoding(str), (str)))
|
||||
#define check_safe_glob(str, safe) ((safe) ? rb_check_safe_obj(str) : (void)0)
|
||||
#define check_glob_encoding(str) rb_enc_check((str), rb_enc_from_encoding(rb_usascii_encoding()))
|
||||
|
||||
static VALUE
|
||||
dir_s_alloc(VALUE klass)
|
||||
{
|
||||
|
@ -551,7 +542,7 @@ dir_initialize(int argc, VALUE *argv, VALUE dir)
|
|||
}
|
||||
}
|
||||
|
||||
GlobPathValue(dirname, FALSE);
|
||||
FilePathValue(dirname);
|
||||
orig = rb_str_dup_frozen(dirname);
|
||||
dirname = rb_str_encode_ospath(dirname);
|
||||
dirname = rb_str_dup_frozen(dirname);
|
||||
|
@ -2545,7 +2536,14 @@ rb_push_glob(VALUE str, VALUE base, int flags) /* '\0' is delimiter */
|
|||
long offset = 0;
|
||||
VALUE ary;
|
||||
|
||||
GlobPathValue(str, TRUE);
|
||||
/* can contain null bytes as separators */
|
||||
if (!RB_TYPE_P((str), T_STRING)) {
|
||||
FilePathValue(str);
|
||||
}
|
||||
else {
|
||||
rb_check_safe_obj(str);
|
||||
rb_enc_check(str, rb_enc_from_encoding(rb_usascii_encoding()));
|
||||
}
|
||||
ary = rb_ary_new();
|
||||
|
||||
while (offset < RSTRING_LEN(str)) {
|
||||
|
@ -2575,7 +2573,7 @@ dir_globs(long argc, const VALUE *argv, VALUE base, int flags)
|
|||
for (i = 0; i < argc; ++i) {
|
||||
int status;
|
||||
VALUE str = argv[i];
|
||||
GlobPathValue(str, TRUE);
|
||||
FilePathValue(str);
|
||||
status = push_glob(ary, str, base, flags);
|
||||
if (status) GLOB_JUMP_TAG(status);
|
||||
}
|
||||
|
@ -2600,7 +2598,7 @@ dir_glob_options(VALUE opt, VALUE *base, int *flags)
|
|||
}
|
||||
#endif
|
||||
else {
|
||||
GlobPathValue(args[0], TRUE);
|
||||
FilePathValue(args[0]);
|
||||
if (!RSTRING_LEN(args[0])) args[0] = Qnil;
|
||||
*base = args[0];
|
||||
}
|
||||
|
@ -3185,7 +3183,7 @@ rb_dir_s_empty_p(VALUE obj, VALUE dirname)
|
|||
const char *path;
|
||||
enum {false_on_notdir = 1};
|
||||
|
||||
GlobPathValue(dirname, FALSE);
|
||||
FilePathValue(dirname);
|
||||
orig = rb_str_dup_frozen(dirname);
|
||||
dirname = rb_str_encode_ospath(dirname);
|
||||
dirname = rb_str_dup_frozen(dirname);
|
||||
|
|
|
@ -156,6 +156,9 @@ class TestDir < Test::Unit::TestCase
|
|||
open(File.join(@root, "}}a"), "wb") {}
|
||||
assert_equal(%w(}}{} }}a).map {|f| File.join(@root, f)}, Dir.glob(File.join(@root, '}}{\{\},a}')))
|
||||
assert_equal(%w(}}{} }}a b c).map {|f| File.join(@root, f)}, Dir.glob(File.join(@root, '{\}\}{\{\},a},b,c}')))
|
||||
assert_raise(ArgumentError) {
|
||||
Dir.glob([[@root, File.join(@root, "*")].join("\0")])
|
||||
}
|
||||
end
|
||||
|
||||
def test_glob_recursive
|
||||
|
@ -229,21 +232,25 @@ class TestDir < Test::Unit::TestCase
|
|||
def test_entries
|
||||
assert_entries(Dir.open(@root) {|dir| dir.entries})
|
||||
assert_entries(Dir.entries(@root).to_a)
|
||||
assert_raise(ArgumentError) {Dir.entries(@root+"\0")}
|
||||
end
|
||||
|
||||
def test_foreach
|
||||
assert_entries(Dir.open(@root) {|dir| dir.each.to_a})
|
||||
assert_entries(Dir.foreach(@root).to_a)
|
||||
assert_raise(ArgumentError) {Dir.foreach(@root+"\0").to_a}
|
||||
end
|
||||
|
||||
def test_children
|
||||
assert_entries(Dir.open(@root) {|dir| dir.children}, true)
|
||||
assert_entries(Dir.children(@root), true)
|
||||
assert_raise(ArgumentError) {Dir.children(@root+"\0")}
|
||||
end
|
||||
|
||||
def test_each_child
|
||||
assert_entries(Dir.open(@root) {|dir| dir.each_child.to_a}, true)
|
||||
assert_entries(Dir.each_child(@root).to_a, true)
|
||||
assert_raise(ArgumentError) {Dir.each_child(@root+"\0").to_a}
|
||||
end
|
||||
|
||||
def test_dir_enc
|
||||
|
@ -400,6 +407,7 @@ class TestDir < Test::Unit::TestCase
|
|||
end
|
||||
assert_raise(Errno::ENOENT) {Dir.empty?(@nodir)}
|
||||
assert_not_send([Dir, :empty?, File.join(@root, "b")])
|
||||
assert_raise(ArgumentError) {Dir.empty?(@root+"\0")}
|
||||
end
|
||||
|
||||
def test_glob_gc_for_fd
|
||||
|
|
Loading…
Reference in a new issue