ruby-changes:58727
From: Yusuke <ko1@a...>
Date: Tue, 12 Nov 2019 08:42:27 +0900 (JST)
Subject: [ruby-changes:58727] 2407e89725 (master): Revert "Use untaint for File.symlink in kernel_require.rb"
https://git.ruby-lang.org/ruby.git/commit/?id=2407e89725 From 2407e8972561143b34970fb5d9095be32676c685 Mon Sep 17 00:00:00 2001 From: Yusuke Endoh <mame@r...> Date: Tue, 12 Nov 2019 08:39:38 +0900 Subject: Revert "Use untaint for File.symlink in kernel_require.rb" This reverts commit d9978ce5d397866afae536db2aa708af3b7a4b2f. Untaint was tentatively restored due to test failures. But now, the failed tests have been removed, so we can revert the tentative fix. diff --git a/lib/rubygems/core_ext/kernel_require.rb b/lib/rubygems/core_ext/kernel_require.rb index ae0254b..944bb93 100644 --- a/lib/rubygems/core_ext/kernel_require.rb +++ b/lib/rubygems/core_ext/kernel_require.rb @@ -41,10 +41,7 @@ module Kernel https://github.com/ruby/ruby/blob/trunk/lib/rubygems/core_ext/kernel_require.rb#L41 resolved_path = begin rp = nil $LOAD_PATH[0...Gem.load_path_insert_index || -1].each do |lp| - # TODO: - # for test_require.rb of ruby core test suite - # We should use Gem::UNTAINT after https://bugs.ruby-lang.org/issues/16131 - safe_lp = lp.dup.untaint + safe_lp = lp.dup.tap(&Gem::UNTAINT) begin if File.symlink? safe_lp # for backword compatibility next -- cgit v0.10.2 -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/