
Commit bd5661a

committed
dir.c: check NUL bytes
* dir.c (GlobPathValue): should be used in rb_push_glob only. Other methods should use FilePathValue. https://hackerone.com/reports/302338
* dir.c (rb_push_glob): expand GlobPathValue
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@62989 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
1 parent 22a4e6a commit bd5661a


2 files changed

+20
-14
lines changed


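--- a/dir.c
+++ b/dir.c
@@ -472,15 +472,6 @@ static const rb_data_type_t dir_data_type = {
 
 static VALUE dir_close(VALUE);
 
-#define GlobPathValue(str, safe) \
-/* can contain null bytes as separators */ \
-(!RB_TYPE_P((str), T_STRING) ? \
-(void)FilePathValue(str) : \
-(void)(check_safe_glob((str), (safe)), \
-check_glob_encoding(str), (str)))
-#define check_safe_glob(str, safe) ((safe) ? rb_check_safe_obj(str) : (void)0)
-#define check_glob_encoding(str) rb_enc_check((str), rb_enc_from_encoding(rb_usascii_encoding()))
-
 static VALUE
 dir_s_alloc(VALUE klass)
 {
@@ -551,7 +542,7 @@ dir_initialize(int argc, VALUE *argv, VALUE dir)
 }
 }
 
-GlobPathValue(dirname, FALSE);
+FilePathValue(dirname);
 orig = rb_str_dup_frozen(dirname);
 dirname = rb_str_encode_ospath(dirname);
 dirname = rb_str_dup_frozen(dirname);
@@ -2545,7 +2536,14 @@ rb_push_glob(VALUE str, VALUE base, int flags) /* '\0' is delimiter */
 long offset = 0;
 VALUE ary;
 
-GlobPathValue(str, TRUE);
+/* can contain null bytes as separators */
+if (!RB_TYPE_P((str), T_STRING)) {
+FilePathValue(str);
+}
+else {
+rb_check_safe_obj(str);
+rb_enc_check(str, rb_enc_from_encoding(rb_usascii_encoding()));
+}
 ary = rb_ary_new();
 
 while (offset < RSTRING_LEN(str)) {
@@ -2575,7 +2573,7 @@ dir_globs(long argc, const VALUE *argv, VALUE base, int flags)
 for (i = 0; i < argc; ++i) {
 int status;
 VALUE str = argv[i];
-GlobPathValue(str, TRUE);
+FilePathValue(str);
 status = push_glob(ary, str, base, flags);
 if (status) GLOB_JUMP_TAG(status);
 }
@@ -2600,7 +2598,7 @@ dir_glob_options(VALUE opt, VALUE *base, int *flags)
 }
 #endif
 else {
-GlobPathValue(args[0], TRUE);
+FilePathValue(args[0]);
 if (!RSTRING_LEN(args[0])) args[0] = Qnil;
 *base = args[0];
 }
@@ -3185,7 +3183,7 @@ rb_dir_s_empty_p(VALUE obj, VALUE dirname)
 const char *path;
 enum {false_on_notdir = 1};
 
-GlobPathValue(dirname, FALSE);
+FilePathValue(dirname);
 orig = rb_str_dup_frozen(dirname);
 dirname = rb_str_encode_ospath(dirname);
 dirname = rb_str_dup_frozen(dirname);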
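Review bot: In the rb_push_glob hunk, the String branch is now the one place in this diff that deliberately does not go through FilePathValue, yet the one-line comment does not say that this is an exception other callers must not copy. I would expand it to something like `/* '\0' separates patterns here, so String input bypasses FilePathValue; every other Dir entry point must call FilePathValue so embedded NULs are rejected */`. The parentheses in `RB_TYPE_P((str), T_STRING)` are left over from the removed macro body and can become `RB_TYPE_P(str, T_STRING)`. rb_push_glob's body continues past the hunk, so how each NUL-separated segment is validated afterwards cannot be confirmed from here.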

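--- a/test/ruby/test_dir.rb
+++ b/test/ruby/test_dir.rb
@@ -156,6 +156,9 @@ def test_glob
 open(File.join(@root, "}}a"), "wb") {}
 assert_equal(%w(}}{} }}a).map {|f| File.join(@root, f)}, Dir.glob(File.join(@root, '}}{\{\},a}')))
 assert_equal(%w(}}{} }}a b c).map {|f| File.join(@root, f)}, Dir.glob(File.join(@root, '{\}\}{\{\},a},b,c}')))
+assert_raise(ArgumentError) {
+Dir.glob([[@root, File.join(@root, "*")].join("\0")])
+}
 end
 
 def test_glob_recursive
@@ -229,21 +232,25 @@ def assert_entries(entries, children_only = false)
 def test_entries
 assert_entries(Dir.open(@root) {|dir| dir.entries})
 assert_entries(Dir.entries(@root).to_a)
+assert_raise(ArgumentError) {Dir.entries(@root+"\0")}
 end
 
 def test_foreach
 assert_entries(Dir.open(@root) {|dir| dir.each.to_a})
 assert_entries(Dir.foreach(@root).to_a)
+assert_raise(ArgumentError) {Dir.foreach(@root+"\0").to_a}
 end
 
 def test_children
 assert_entries(Dir.open(@root) {|dir| dir.children}, true)
 assert_entries(Dir.children(@root), true)
+assert_raise(ArgumentError) {Dir.children(@root+"\0")}
 end
 
 def test_each_child
 assert_entries(Dir.open(@root) {|dir| dir.each_child.to_a}, true)
 assert_entries(Dir.each_child(@root).to_a, true)
+assert_raise(ArgumentError) {Dir.each_child(@root+"\0").to_a}
 end
 
 def test_dir_enc
@@ -400,6 +407,7 @@ def test_empty?
 end
 assert_raise(Errno::ENOENT) {Dir.empty?(@nodir)}
 assert_not_send([Dir, :empty?, File.join(@root, "b")])
+assert_raise(ArgumentError) {Dir.empty?(@root+"\0")}
 end
 
 def test_glob_gc_for_fd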
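Review bot: The added assertions leave two of the changed dir.c call sites without a direct regression test: the `base:` value converted in dir_glob_options, and an explicit Dir.new/Dir.open call through dir_initialize. I would add `assert_raise(ArgumentError) {Dir.glob("*", base: @root+"\0")}` to test_glob and `assert_raise(ArgumentError) {Dir.open(@root+"\0")}` next to the Dir.entries case. A positive assertion that a plain String pattern given to Dir.glob is still split on "\0" would also pin the one exception kept in rb_push_glob, so a later tightening or loosening is noticed. These expectations are inferred from the dir.c changes in this commit, and several of the test methods start or end outside the hunks shown.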
