ruby-changes:17209
From: nobu <ko1@a...>
Date: Fri, 10 Sep 2010 07:40:34 +0900 (JST)
Subject: [ruby-changes:17209] Ruby:r29209 (trunk): * ext/etc/etc.c (etc_systmpdir): assume system default tmpdir
nobu 2010-09-10 07:29:16 +0900 (Fri, 10 Sep 2010) New Revision: 29209 http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=29209 Log: * ext/etc/etc.c (etc_systmpdir): assume system default tmpdir safe. [ruby-dev:42089] Modified files: trunk/ChangeLog trunk/ext/etc/etc.c trunk/test/test_tempfile.rb Index: ChangeLog =================================================================== --- ChangeLog (revision 29208) +++ ChangeLog (revision 29209) @@ -1,3 +1,8 @@ +Fri Sep 10 07:29:14 2010 Nobuyoshi Nakada <nobu@r...> + + * ext/etc/etc.c (etc_systmpdir): assume system default tmpdir + safe. [ruby-dev:42089] + Fri Sep 10 07:03:23 2010 Tanaka Akira <akr@f...> * ext/pathname/pathname.c (path_size_p): Pathname#size? translated from Index: ext/etc/etc.c =================================================================== --- ext/etc/etc.c (revision 29208) +++ ext/etc/etc.c (revision 29209) @@ -584,14 +584,17 @@ static VALUE etc_systmpdir(void) { + VALUE tmpdir; #ifdef _WIN32 WCHAR path[_MAX_PATH]; UINT len = rb_w32_system_tmpdir(path, numberof(path)); if (!len) return Qnil; - return rb_w32_conv_from_wchar(path, rb_filesystem_encoding()); + tmpdir = rb_w32_conv_from_wchar(path, rb_filesystem_encoding()); #else - return rb_filesystem_str_new_cstr("/tmp"); + tmpdir = rb_filesystem_str_new_cstr("/tmp"); #endif + FL_UNSET(tmpdir, FL_TAINT|FL_UNTRUSTED); + return tmpdir; } /* Index: test/test_tempfile.rb =================================================================== --- test/test_tempfile.rb (revision 29208) +++ test/test_tempfile.rb (revision 29209) @@ -30,6 +30,10 @@ def test_saves_in_dir_tmpdir_by_default t = tempfile("foo") assert_equal Dir.tmpdir, File.dirname(t.path) + bug3733 = '[ruby-dev:42089]' + assert_nothing_raised(SecurityError, bug3733) { + proc {$SAFE = 1; File.expand_path(Dir.tmpdir)}.call + } end def test_saves_in_given_directory -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/