Fixed command Injection

* resolv.rb (Resolv::Hosts#lazy_initialize): fixed potential command Injection in Hosts::new() by use of Kernel#open. [Fix GH-1777] [ruby-core:84347] [Bug #14205] From: Drigg3r <drigg3r@yandex.com> git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@61349 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
author: nobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> 2017-12-20 04:18:31 +0000
committer: nobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> 2017-12-20 04:18:31 +0000
commit: e7464561b5151501beb356fc750d5dd1a88014f7 (patch)
tree: 15849a76283d2b8f31bf84085b0d1e5d47466f63 /lib
parent: 6df552eaee02153121c91b3c8e0671503f7ac1a2 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/resolv.rb b/lib/resolv.rb
index 1044b95e68..56183b837d 100644
--- a/lib/resolv.rb
+++ b/lib/resolv.rb
@@ -188,7 +188,7 @@ class Resolv
         unless @initialized
           @name2addr = {}
           @addr2name = {}
-          open(@filename, 'rb') {|f|
+          File.open(@filename, 'rb') {|f|
             f.each {|line|
               line.sub!(/#.*/, '')
               addr, hostname, *aliases = line.split(/\s+/)
author	nobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>	2017-12-20 04:18:31 +0000
committer	nobu <nobu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>	2017-12-20 04:18:31 +0000
commit	e7464561b5151501beb356fc750d5dd1a88014f7 (patch)
tree	15849a76283d2b8f31bf84085b0d1e5d47466f63 /lib
parent	6df552eaee02153121c91b3c8e0671503f7ac1a2 (diff)