52 lines
1.5 KiB
Diff
52 lines
1.5 KiB
Diff
From a7f5d6ab88632b3b482fe10611382ff73d14eed7 Mon Sep 17 00:00:00 2001
|
|
From: aycabta <aycabta@gmail.com>
|
|
Date: Sun, 2 May 2021 20:52:23 +0900
|
|
Subject: [PATCH] Use File.open to fix the OS Command Injection vulnerability
|
|
in CVE-2021-31799
|
|
|
|
Reference:https://github.com/ruby/rdoc/commit/a7f5d6ab88632b3b482fe10611382ff73d14eed7
|
|
---
|
|
lib/rdoc/rdoc.rb | 2 +-
|
|
test/rdoc/test_rdoc_rdoc.rb | 12 ++++++++++++
|
|
2 files changed, 13 insertions(+), 1 deletion(-)
|
|
|
|
diff --git a/lib/rdoc/rdoc.rb b/lib/rdoc/rdoc.rb
|
|
index 68775c8..0095eb7 100644
|
|
--- a/lib/rdoc/rdoc.rb
|
|
+++ b/lib/rdoc/rdoc.rb
|
|
@@ -433,7 +433,7 @@ The internal error was:
|
|
files.reject do |file|
|
|
file =~ /\.(?:class|eps|erb|scpt\.txt|svg|ttf|yml)$/i or
|
|
(file =~ /tags$/i and
|
|
- open(file, 'rb') { |io|
|
|
+ File.open(file, 'rb') { |io|
|
|
io.read(100) =~ /\A(\f\n[^,]+,\d+$|!_TAG_)/
|
|
})
|
|
end
|
|
diff --git a/test/rdoc/test_rdoc_rdoc.rb b/test/rdoc/test_rdoc_rdoc.rb
|
|
index bd47943..07541df 100644
|
|
--- a/test/rdoc/test_rdoc_rdoc.rb
|
|
+++ b/test/rdoc/test_rdoc_rdoc.rb
|
|
@@ -366,6 +366,18 @@ class TestRDocRDoc < RDoc::TestCase
|
|
end
|
|
end
|
|
|
|
+ def test_remove_unparseable_CVE_2021_31799
|
|
+ temp_dir do
|
|
+ file_list = ['| touch evil.txt && echo tags']
|
|
+ file_list.each do |f|
|
|
+ FileUtils.touch f
|
|
+ end
|
|
+
|
|
+ assert_equal file_list, @rdoc.remove_unparseable(file_list)
|
|
+ assert_equal file_list, Dir.children('.')
|
|
+ end
|
|
+ end
|
|
+
|
|
def test_setup_output_dir
|
|
Dir.mktmpdir {|d|
|
|
path = File.join d, 'testdir'
|
|
--
|
|
1.8.3.1
|
|
|