diff options
author | nagachika <nagachika@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2019-10-01 10:59:35 +0000 |
---|---|---|
committer | nagachika <nagachika@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2019-10-01 10:59:35 +0000 |
commit | d6adc68dc9c74a33b3ca012af171e2d59f0dea10 (patch) | |
tree | 02733c38f0e7b130bfa050f769d6309a6562979a | |
parent | 8d5d5d5609e94b4ab75512c8d036d049fd1af6c2 (diff) |
lib/shell/command-processor.rb (Shell#[]): prevent unknown command
`FileTest.send(command, ...)` allows to call not only FileTest-related
methods but also any method that belongs to Kernel, Object, etc.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_6@67810 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
-rw-r--r-- | lib/shell/command-processor.rb | 3 | ||||
-rw-r--r-- | test/shell/test_command_processor.rb | 18 | ||||
-rw-r--r-- | version.h | 2 |
3 files changed, 22 insertions, 1 deletions
diff --git a/lib/shell/command-processor.rb b/lib/shell/command-processor.rb index 00357e06fd..82af76dd5e 100644 --- a/lib/shell/command-processor.rb +++ b/lib/shell/command-processor.rb @@ -180,6 +180,9 @@ class Shell top_level_test(command, file1) end else + unless FileTest.methods(false).include?(command.to_sym) + raise "unsupported command: #{ command }" + end if file2 FileTest.send(command, file1, file2) else diff --git a/test/shell/test_command_processor.rb b/test/shell/test_command_processor.rb index d0bcf8e349..7e1aa5bce7 100644 --- a/test/shell/test_command_processor.rb +++ b/test/shell/test_command_processor.rb @@ -68,6 +68,24 @@ class TestShell::CommandProcessor < Test::Unit::TestCase Dir.rmdir(path) end + def test_test + name = "foo#{exeext}" + path = File.join(@tmpdir, name) + open(path, "w", 0644) {} + + assert_equal(true, @shell[?e, path]) + assert_equal(true, @shell[:e, path]) + assert_equal(true, @shell["e", path]) + assert_equal(true, @shell[:exist?, path]) + assert_equal(true, @shell["exist?", path]) + assert_raise_with_message(RuntimeError, /unsupported command/) do + assert_equal(true, @shell[:instance_eval, path]) + end + ensure + Process.waitall + File.unlink(path) + end + def test_option_type name = 'foo.cmd' path = File.join(@tmpdir, name) @@ -1,6 +1,6 @@ #define RUBY_VERSION "2.6.5" #define RUBY_RELEASE_DATE RUBY_RELEASE_YEAR_STR"-"RUBY_RELEASE_MONTH_STR"-"RUBY_RELEASE_DAY_STR -#define RUBY_PATCHLEVEL 113 +#define RUBY_PATCHLEVEL 114 #define RUBY_RELEASE_YEAR 2019 #define RUBY_RELEASE_MONTH 10 |