
ruby-changes:70727

From: Yusuke <ko1@a...>
Date: Tue, 4 Jan 2022 23:18:45 +0900 (JST)
Subject: [ruby-changes:70727] e9a4cc02b4 (master): [ruby/error_highlight] Add a test to check if it is robust against a spoofed filename

https://git.ruby-lang.org/ruby.git/commit/?id=e9a4cc02b4

From e9a4cc02b491fc8a2936f51b9f94ddcd77dd67f7 Mon Sep 17 00:00:00 2001
From: Yusuke Endoh <mame@r...>
Date: Tue, 4 Jan 2022 23:18:34 +0900
Subject: [ruby/error_highlight] Add a test to check if it is robust against a
 spoofed filename

Previously, RubyVM::AST.of opened a wrong file if the iseq's file path is spoofed.

```
module Dummy
  binding.irb
end
```

```
$ ruby test.rb

From: test.rb @ line 2 :

    1: module Dummy
 => 2:   binding.irb
    3: end

irb(Dummy):001:0> foo
/home/mame/work/ruby/local/lib/ruby/3.1.0/error_highlight/base.rb:412:in `spot_colon2': undefined method `last_lineno' for nil:NilClass (NoMethodError)

      if nd_parent.last_lineno == @node.last_lineno
                  ^^^^^^^^^^^^
```

Found by @kateinoigakukun

This issue is already fixed on the interpreter side.
This change just adds a test for the case.

https://github.com/ruby/error_highlight/commit/f3626b9032
---
 test/error_highlight/test_error_highlight.rb | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/test/error_highlight/test_error_highlight.rb b/test/error_highlight/test_error_highlight.rb
index d31e394e780..a3cc7aa1496 100644
--- a/test/error_highlight/test_error_highlight.rb
+++ b/test/error_highlight/test_error_highlight.rb
@@ -1207,4 +1207,21 @@ undefined method `foo' for nil:NilClass https://github.com/ruby/ruby/blob/trunk/test/error_highlight/test_error_highlight.rb#L1207
     end
   end
 
+  def test_spoofed_filename
+    Tempfile.create(["error_highlight_test", ".rb"], binmode: true) do |tmp|
+      tmp << "module Dummy\nend\n"
+      tmp.close
+
+      assert_error_message(NameError, <<~END) do
+        undefined local variable or method `foo' for "dummy":String
+      END
+
+        "dummy".instance_eval do
+          eval <<-END, nil, tmp.path
+            foo
+          END
+        end
+      end
+    end
+  end
 end
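Review bot: test_spoofed_filename does not say what it guards against. In the `eval <<-END, nil, tmp.path` call the temp file serves only as a filename label, and its contents (`module Dummy`) differ from the evaluated `foo`. The actual assertion is implicit: the expected message has no snippet or underline lines. A short comment stating both points would make the intent clear, and would also flag that the expectation is equally satisfied if no highlighting is attempted at all. The inner and outer heredocs both terminate with `END`; distinct delimiters would make it easier to see where the expected message stops and the evaluated source begins.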
-- 
cgit v1.2.1


--
ML: ruby-changes@q...
Info: http://www.atdot.net/~ko1/quickml/
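
The spoofed-filename condition from the commit message, as an added Ruby example that is not part of the commit or of error_highlight: the filename passed to `eval` is only a label, so a tool that re-reads source by the reported path can pick up an unrelated file. The helper names `raise_under_label`, `trusted_snippet` and `demo` are hypothetical, and the name-on-line check is an illustrative heuristic, not the interpreter-side fix the commit refers to.

```ruby
require "tempfile"

# The third argument to eval is only a label: Ruby does not check that the
# file exists or that its contents match the evaluated source.
def raise_under_label(src, label)
  eval(src, binding, label)
  nil
rescue NameError => e
  e
end

# Hypothetical helper: return the on-disk line the error claims to come from,
# but only if that line mentions the failing name. Otherwise return nil so the
# caller prints the plain message without a source snippet.
def trusted_snippet(err)
  loc = err.backtrace_locations&.first
  return nil unless loc && loc.lineno >= 1 && File.file?(loc.path)
  line = File.readlines(loc.path)[loc.lineno - 1]
  return nil unless line
  line.match?(/\b#{Regexp.escape(err.name.to_s)}\b/) ? line.chomp : nil
rescue SystemCallError
  nil
end

# Constructed sample input: one temp file unrelated to the evaluated code (the
# spoofed case from the commit message) and one that really contains it.
def demo
  Tempfile.create(["spoofed", ".rb"]) do |unrelated|
    unrelated << "module Dummy\nend\n"
    unrelated.close
    Tempfile.create(["honest", ".rb"]) do |matching|
      matching << "foo\n"
      matching.close
      spoofed = raise_under_label("foo", unrelated.path)
      honest = raise_under_label("foo", matching.path)
      {
        reported_path_is_label: spoofed.backtrace_locations.first.path == unrelated.path,
        spoofed_snippet: trusted_snippet(spoofed),
        honest_snippet: trusted_snippet(honest),
      }
    end
  end
end

p demo if $PROGRAM_NAME == __FILE__
```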
