Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Make filepaths with null byte fail #2583

Merged
merged 1 commit into from Feb 11, 2015

Conversation

Projects
None yet
2 participants
@lumeet
Copy link
Contributor

commented Feb 9, 2015

This patch applies to several methods that deal with filepaths in Dir,
File, File::Stat, IO, and Kernel. All of these methods now raise an
argument error if a null byte is detected in a path argument.

Some of these methods are also slightly refactored, mostly by replacing
context.runtime with just runtime where applicable.

MRI uses StringValueCstr extensively for this purpose. In JRuby StringSupport.checkEmbeddedNulls seems to do the same job unless I've missed something.

After http://jira.codehaus.org/browse/JRUBY-4828, at least File.read raised a SecurityError with the same message but the current 1.7 branch doesn't seem to have any of these checks.

Make filepaths with null byte fail
This patch applies to several methods that deal with filepaths in Dir,
File, File::Stat, IO, and Kernel. All of these methods now raise an
argument error if a null byte is detected in a path argument.

Some of these methods are also slightly refactored, mostly by replacing
context.runtime with just runtime where applicable.

@enebo enebo added this to the 9.0.0.0.pre2 milestone Feb 11, 2015

enebo added a commit that referenced this pull request Feb 11, 2015

Merge pull request #2583 from lumeet/filename_with_null_byte
Make filepaths with null byte fail

@enebo enebo merged commit ab22fca into jruby:master Feb 11, 2015

1 check passed

continuous-integration/travis-ci The Travis CI build passed
Details

@lumeet lumeet deleted the lumeet:filename_with_null_byte branch Feb 11, 2015

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.