author | nagachika <nagachika@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2019-07-25 23:11:57 +0000 |
---|---|---|
committer | nagachika <nagachika@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2019-07-25 23:11:57 +0000 |
commit | c2ce9eb9d88593870f68f5476ecc20cff99669db (patch) | |
tree | 5854965142188d2a9b21650d2f409f6f5491d5eb /test/ruby | |
parent | f5022fcf06982ab54fbf32848e3ae6d3234f070d (diff) | |
merge revision(s) a15f7dd1fb1148c3d586238ee6907875f2e40379: [Backport #15803]
Always mark the string returned by File.realpath as tainted
This string can include elements that were not in either string
passed to File.realpath, even if one of the strings is an
absolute path, due to symlinks:
```ruby
Dir.mkdir('b') unless File.directory?('b')
File.write('b/a', '') unless File.file?('b/a')
File.symlink('b', 'c') unless File.symlink?('c')
path = File.realpath('c/a'.untaint, Dir.pwd.untaint)
path # "/home/testr/ruby/b/a"
path.tainted? # should be true, as 'b' comes from file system
```
[Bug #15803]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_6@67713 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'test/ruby')
-rw-r--r-- | test/ruby/test_file.rb | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/test/ruby/test_file.rb b/test/ruby/test_file.rb
index 5e9574cf32..36c154d36c 100644
--- a/test/ruby/test_file.rb
+++ b/test/ruby/test_file.rb
@@ -298,7 +298,7 @@ class TestFile < Test::Unit::TestCase
 assert_predicate(File.realpath(base, dir), :tainted?)
 base.untaint
 dir.untaint
- assert_not_predicate(File.realpath(base, dir), :tainted?)
+ assert_predicate(File.realpath(base, dir), :tainted?)
 assert_predicate(Dir.chdir(dir) {File.realpath(base)}, :tainted?)
 }
 end |
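Review bot: The flipped assertion after `base.untaint` / `dir.untaint` has no comment explaining why a result built from two untainted arguments is still expected to be tainted, so a later reader may take it for a mistake. A line above it such as `# realpath resolves symlinks from the file system, so the result is tainted even when both arguments are untainted [Bug #15803]` would record the intent. As far as the visible lines show, the test creates no symlink, so it pins the always-tainted flag rather than the symlink case from the description; whether that case is covered elsewhere cannot be seen from this view, which is limited to test/ruby. The enclosing test method starts outside the hunk.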