From c03e220cf30d9f4cd8a1cb3d8ebb2d779862c0bc Mon Sep 17 00:00:00 2001
From: nobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>
Date: Thu, 29 Jul 2010 23:51:53 +0000
Subject: [PATCH] * file.c (file_expand_path): home directory must be absolute.
   [ruby-core:31537]

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8@28796 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
---
 ChangeLog                         |  5 +++++
 file.c                            | 16 +++++++++++++---
 test/ruby/test_file_exhaustive.rb | 12 ++++++++++++
 3 files changed, 30 insertions(+), 3 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 3e5afa754e..5afcd733d6 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+Fri Jul 30 08:51:51 2010  Nobuyoshi Nakada  <nobu@ruby-lang.org>
+
+	* file.c (file_expand_path): home directory must be absolute.
+	  [ruby-core:31537]
+
 Fri Jul 30 08:33:20 2010  Nobuyoshi Nakada  <nobu@ruby-lang.org>
 
 	* file.c (file_expand_path): should check if could find user.
diff --git a/file.c b/file.c
index 5abb72ddb8..58cefc39a4 100644
--- a/file.c
+++ b/file.c
@@ -2512,6 +2512,7 @@ file_expand_path(fname, dname, result)
     tainted = OBJ_TAINTED(fname);
 
     if (s[0] == '~') {
+	long userlen = 0;
 	if (isdirsep(s[1]) || s[1] == '\0') {
 	    const char *dir = getenv("HOME");
 
@@ -2539,9 +2540,10 @@ file_expand_path(fname, dname, result)
 	    s++;
 #endif
 	    s = nextdirsep(b = s);
-	    BUFCHECK(bdiff + (s-b) >= buflen);
-	    memcpy(p, b, s-b);
-	    p += s-b;
+	    userlen = s - b;
+	    BUFCHECK(bdiff + userlen >= buflen);
+	    memcpy(p, b, userlen);
+	    p += userlen;
 	    *p = '\0';
 #ifdef HAVE_PWD_H
 	    pwPtr = getpwnam(buf);
@@ -2558,6 +2560,14 @@ file_expand_path(fname, dname, result)
 	    rb_raise(rb_eArgError, "can't find user %s", buf);
 #endif
 	}
+	if (!is_absolute_path(RSTRING_PTR(result))) {
+	    if (userlen) {
+		rb_raise(rb_eArgError, "non-absolute home of %.*s", userlen, s);
+	    }
+	    else {
+		rb_raise(rb_eArgError, "non-absolute home");
+	    }
+	}
     }
 #ifdef DOSISH_DRIVE_LETTER
     /* skip drive letter */
diff --git a/test/ruby/test_file_exhaustive.rb b/test/ruby/test_file_exhaustive.rb
index 22039bafc4..7d3169cc81 100644
--- a/test/ruby/test_file_exhaustive.rb
+++ b/test/ruby/test_file_exhaustive.rb
@@ -356,6 +356,18 @@ class TestFileExhaustive < Test::Unit::TestCase
     assert_kind_of(String, File.expand_path("~"))
     assert_raise(ArgumentError) { File.expand_path("~foo_bar_baz_unknown_user_wahaha") }
     assert_raise(ArgumentError) { File.expand_path("~foo_bar_baz_unknown_user_wahaha", "/") }
+    begin
+      bug3630 = '[ruby-core:31537]'
+      home = ENV["HOME"]
+      ENV["HOME"] = nil
+      assert_raise(ArgumentError) { File.expand_path("~") }
+      ENV["HOME"] = "~"
+      assert_raise(ArgumentError, bug3630) { File.expand_path("~") }
+      ENV["HOME"] = "."
+      assert_raise(ArgumentError, bug3630) { File.expand_path("~") }
+    ensure
+      ENV["HOME"] = home
+    end
   end
 
   def test_basename