
ruby-changes:57269

From: usa <ko1@a...>
Date: Mon, 26 Aug 2019 23:37:43 +0900 (JST)
Subject: [ruby-changes:57269] usa: 920b6e156d (ruby_2_5): merge revision(s) a15f7dd1fb1148c3d586238ee6907875f2e40379: [Backport #15803]

https://git.ruby-lang.org/ruby.git/commit/?id=920b6e156d

From 920b6e156d4e452ec1c3551fc2b77d8a06646f75 Mon Sep 17 00:00:00 2001
From: usa <usa@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>
Date: Mon, 26 Aug 2019 14:37:29 +0000
Subject: merge revision(s) a15f7dd1fb1148c3d586238ee6907875f2e40379: [Backport
 #15803]

	Always mark the string returned by File.realpath as tainted

	This string can include elements that were not in either string
	passed to File.realpath, even if one of the strings is an
	absolute path, due to symlinks:

	```ruby
	Dir.mkdir('b') unless File.directory?('b')
	File.write('b/a', '') unless File.file?('b/a')
	File.symlink('b', 'c') unless File.symlink?('c')
	path = File.realpath('c/a'.untaint, Dir.pwd.untaint)
	path # "/home/testr/ruby/b/a"
	path.tainted? # should be true, as 'b' comes from file system
	```

	[Bug #15803]

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_5@67755 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

diff --git a/file.c b/file.c
index b9e7a83..3bf092c 100644
--- a/file.c
+++ b/file.c
@@ -4145,7 +4145,7 @@ rb_check_realpath_internal(VALUE basedir, VALUE path, enum rb_realpath_mode mode https://github.com/ruby/ruby/blob/trunk/file.c#L4145
 	}
     }
 
-    OBJ_INFECT(resolved, unresolved_path);
+    rb_obj_taint(resolved);
     RB_GC_GUARD(unresolved_path);
     RB_GC_GUARD(curdir);
     return resolved;
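Review bot: the unconditional `rb_obj_taint(resolved);` in `rb_check_realpath_internal` has no comment explaining why the taint no longer depends on `unresolved_path`, so a later cleanup could easily turn it back into `OBJ_INFECT(resolved, unresolved_path);`. A one-line comment above the call would keep the reason next to the code: the resolved path can contain components that come from the file system through symlinks, so it is tainted whatever the taint state of the arguments.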
diff --git a/test/ruby/test_file.rb b/test/ruby/test_file.rb
index ea03b59..9a795ee 100644
--- a/test/ruby/test_file.rb
+++ b/test/ruby/test_file.rb
@@ -298,7 +298,7 @@ class TestFile < Test::Unit::TestCase https://github.com/ruby/ruby/blob/trunk/test/ruby/test_file.rb#L298
       assert_predicate(File.realpath(base, dir), :tainted?)
       base.untaint
       dir.untaint
-      assert_not_predicate(File.realpath(base, dir), :tainted?)
+      assert_predicate(File.realpath(base, dir), :tainted?)
       assert_predicate(Dir.chdir(dir) {File.realpath(base)}, :tainted?)
     }
   end
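Review bot: the flipped assertion after `base.untaint` and `dir.untaint` checks that the result is tainted for untainted arguments, but the visible assertions do not show a symlink being resolved, which is the case the commit message gives as the reason for the change. Consider adding a case modelled on the commit message's example (a symlinked directory component with both arguments untainted) so the test records why the result must be tainted rather than only that it is.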
diff --git a/version.h b/version.h
index 142ea40..f9e5d38 100644
--- a/version.h
+++ b/version.h
@@ -1,6 +1,6 @@ https://github.com/ruby/ruby/blob/trunk/version.h#L1
 #define RUBY_VERSION "2.5.6"
 #define RUBY_RELEASE_DATE "2019-08-26"
-#define RUBY_PATCHLEVEL 174
+#define RUBY_PATCHLEVEL 175
 
 #define RUBY_RELEASE_YEAR 2019
 #define RUBY_RELEASE_MONTH 8
-- 
cgit v0.10.2


--
ML: ruby-changes@q...
Info: http://www.atdot.net/~ko1/quickml/
