Skip to content

Commit

Permalink
load.c : add String's subclass to prevent double expansion of load path.
Browse files Browse the repository at this point in the history
  • Loading branch information
@funny-falcon
funny-falcon committed Mar 31, 2012
1 parent a8a212a commit 98bbe30
Show file tree
Hide file tree
Showing 3 changed files with 20 additions and 0 deletions.
14 changes: 14 additions & 0 deletions file.c
View file
Original file line number Original file line Diff line number Diff line change
Expand Up @@ -167,6 +167,10 @@ rb_get_path_check(VALUE obj, int level)
} }
StringValue(tmp); StringValue(tmp);


if (RBASIC(obj)->klass == rb_cExpandedPath) {
return obj;
}

tmp = file_path_convert(tmp); tmp = file_path_convert(tmp);
if (obj != tmp && insecure_obj_p(tmp, level)) { if (obj != tmp && insecure_obj_p(tmp, level)) {
rb_insecure_operation(); rb_insecure_operation();
Expand Down Expand Up @@ -2904,6 +2908,16 @@ file_expand_path(VALUE fname, VALUE dname, int abs_mode, VALUE result)
BUFINIT(); BUFINIT();
tainted = OBJ_TAINTED(fname); tainted = OBJ_TAINTED(fname);


if (RBASIC(fname)->klass == rb_cExpandedPath) {
size_t dlen = RSTRING_LEN(fname);
BUFCHECK(dlen > buflen);
strncpy(buf, RSTRING_PTR(fname), dlen + 1);
rb_str_set_len(result, dlen);
rb_enc_associate(result, rb_enc_check(result, fname));
ENC_CODERANGE_CLEAR(result);
return result;
}

if (s[0] == '~' && abs_mode == 0) { /* execute only if NOT absolute_path() */ if (s[0] == '~' && abs_mode == 0) { /* execute only if NOT absolute_path() */
long userlen = 0; long userlen = 0;
tainted = 1; tainted = 1;
Expand Down
1 change: 1 addition & 0 deletions internal.h
View file
Original file line number Original file line Diff line number Diff line change
Expand Up @@ -120,6 +120,7 @@ VALUE rb_get_load_path(void);
NORETURN(void rb_load_fail(VALUE, const char*)); NORETURN(void rb_load_fail(VALUE, const char*));
void rb_reset_expanded_cache(); void rb_reset_expanded_cache();
void rb_load_path_ary_push(VALUE path); void rb_load_path_ary_push(VALUE path);
extern VALUE rb_cExpandedPath;


/* math.c */ /* math.c */
VALUE rb_math_atan2(VALUE, VALUE); VALUE rb_math_atan2(VALUE, VALUE);
Expand Down
5 changes: 5 additions & 0 deletions load.c
View file
Original file line number Original file line Diff line number Diff line change
Expand Up @@ -32,6 +32,7 @@ static VALUE rb_checked_expanded_cache(int*);
static void rb_set_expanded_cache(VALUE, int); static void rb_set_expanded_cache(VALUE, int);
static VALUE rb_expand_load_paths(long, VALUE*, int*); static VALUE rb_expand_load_paths(long, VALUE*, int*);
static int cached_expanded_load_path = 1; static int cached_expanded_load_path = 1;
VALUE rb_cExpandedPath;


VALUE VALUE
rb_get_expanded_load_path(void) rb_get_expanded_load_path(void)
Expand Down Expand Up @@ -900,6 +901,7 @@ rb_expand_load_paths(long pathc, VALUE* paths, int *has_relative)
p = RSTRING_PTR(path); p = RSTRING_PTR(path);
*has_relative = *has_relative || !rb_is_absolute_path(p); *has_relative = *has_relative || !rb_is_absolute_path(p);
path = rb_file_expand_path(path, Qnil); path = rb_file_expand_path(path, Qnil);
RBASIC(path)->klass = rb_cExpandedPath;
rb_str_freeze(path); rb_str_freeze(path);
rb_ary_push(expanded, path); rb_ary_push(expanded, path);
} }
Expand Down Expand Up @@ -992,6 +994,9 @@ rb_load_path_init(void)
cached_expanded_load_path = atoi(cached_flag); cached_expanded_load_path = atoi(cached_flag);
} }


rb_cExpandedPath = rb_class_new(rb_cString); /* XXX could GC collect it before next line is executed? */
rb_iv_set(rb_cFile, "expanded_path", rb_cExpandedPath); /* prevent from GC */

/* Do all the magick if user did not disable it /* Do all the magick if user did not disable it
* with RUBY_CACHED_LOAD_PATH=0 environment variable * with RUBY_CACHED_LOAD_PATH=0 environment variable
*/ */
Expand Down

0 comments on commit 98bbe30

Please sign in to comment.