
ruby-changes:48482

From: nobu <ko1@a...>
Date: Wed, 1 Nov 2017 10:52:03 +0900 (JST)
Subject: [ruby-changes:48482] nobu:r60596 (trunk): file.c: infect from arguments

nobu	2017-11-01 10:51:57 +0900 (Wed, 01 Nov 2017)

  New Revision: 60596

  https://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=60596

  Log:
    file.c: infect from arguments
    
    * file.c (rb_check_realpath_internal): infect the result with
      arguments, no taint if none are tainted and cwd is not used.
      [ruby-core:83583] [Bug #14060]

  Modified files:
    trunk/file.c
    trunk/test/ruby/test_file.rb
Index: test/ruby/test_file.rb
===================================================================
--- test/ruby/test_file.rb	(revision 60595)
+++ test/ruby/test_file.rb	(revision 60596)
@@ -283,6 +283,23 @@ class TestFile < Test::Unit::TestCase https://github.com/ruby/ruby/blob/trunk/test/ruby/test_file.rb#L283
     }
   end
 
+  def test_realpath_taintedness
+    Dir.mktmpdir('rubytest-realpath') {|tmpdir|
+      realdir = File.realpath(tmpdir)
+      assert_predicate(realdir, :tainted?)
+      dir, base = File.split(realdir)
+      assert_predicate(File.realpath(base, dir), :tainted?)
+      base.untaint
+      assert_predicate(File.realpath(base, dir), :tainted?)
+      base.taint
+      dir.untaint
+      assert_predicate(File.realpath(base, dir), :tainted?)
+      base.untaint
+      assert_not_predicate(File.realpath(base, dir), :tainted?)
+      assert_predicate(Dir.chdir(dir) {File.realpath(base)}, :tainted?)
+    }
+  end
+
   def test_realdirpath
     Dir.mktmpdir('rubytest-realdirpath') {|tmpdir|
       realdir = File.realpath(tmpdir)
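
Review bot: In test_realpath_taintedness, the only untainted-result assertion, assert_not_predicate(File.realpath(base, dir), :tainted?), runs against a plain directory under a fresh tmpdir, so the case where the resolved path contains a symlink target read from the filesystem is not covered. Consider adding a symlink inside tmpdir and asserting the intended taint state for it, so that the "no taint if none are tainted" rule from the log is pinned down for that case as well. The four argument combinations also depend on the in-place taint/untaint sequence on base and dir; a short comment per step naming which argument is tainted at that point would make them easier to audit.
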
Index: file.c
===================================================================
--- file.c	(revision 60595)
+++ file.c	(revision 60596)
@@ -4086,7 +4086,7 @@ rb_check_realpath_internal(VALUE basedir https://github.com/ruby/ruby/blob/trunk/file.c#L4086
 	}
     }
 
-    OBJ_TAINT(resolved);
+    OBJ_INFECT(resolved, unresolved_path);
     RB_GC_GUARD(unresolved_path);
     RB_GC_GUARD(curdir);
     return resolved;
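
Review bot: At the OBJ_INFECT(resolved, unresolved_path); line, only unresolved_path is named as a taint source, while the log message and the new test also expect taint from the directory argument and from use of cwd; nothing in these lines shows how those reach resolved. A short comment here saying where basedir and curdir taint is propagated (it has to happen outside this hunk) would make the invariant checkable at the point where the result is returned. The comment should also record that the result is no longer tainted unconditionally, so path components that come from symlink resolution rather than from the arguments are returned untainted when both arguments are untainted.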

--
ML: ruby-changes@q...
Info: http://www.atdot.net/~ko1/quickml/
