diff options
| -rw-r--r-- | ChangeLog | 5 | ||||
| -rw-r--r-- | ext/etc/etc.c | 7 | ||||
| -rw-r--r-- | test/test_tempfile.rb | 4 |
3 files changed, 14 insertions, 2 deletions
@@ -1,3 +1,8 @@ +Fri Sep 10 07:29:14 2010 Nobuyoshi Nakada <nobu@ruby-lang.org> + + * ext/etc/etc.c (etc_systmpdir): assume system default tmpdir + safe. [ruby-dev:42089] + Fri Sep 10 07:03:23 2010 Tanaka Akira <akr@fsij.org> * ext/pathname/pathname.c (path_size_p): Pathname#size? translated from diff --git a/ext/etc/etc.c b/ext/etc/etc.c index 0a01acf47d..9f2b4590b6 100644 --- a/ext/etc/etc.c +++ b/ext/etc/etc.c @@ -584,14 +584,17 @@ etc_sysconfdir(VALUE obj) static VALUE etc_systmpdir(void) { + VALUE tmpdir; #ifdef _WIN32 WCHAR path[_MAX_PATH]; UINT len = rb_w32_system_tmpdir(path, numberof(path)); if (!len) return Qnil; - return rb_w32_conv_from_wchar(path, rb_filesystem_encoding()); + tmpdir = rb_w32_conv_from_wchar(path, rb_filesystem_encoding()); #else - return rb_filesystem_str_new_cstr("/tmp"); + tmpdir = rb_filesystem_str_new_cstr("/tmp"); #endif + FL_UNSET(tmpdir, FL_TAINT|FL_UNTRUSTED); + return tmpdir; } /* diff --git a/test/test_tempfile.rb b/test/test_tempfile.rb index b0c0703a6a..1055bd45d8 100644 --- a/test/test_tempfile.rb +++ b/test/test_tempfile.rb @@ -30,6 +30,10 @@ class TestTempfile < Test::Unit::TestCase def test_saves_in_dir_tmpdir_by_default t = tempfile("foo") assert_equal Dir.tmpdir, File.dirname(t.path) + bug3733 = '[ruby-dev:42089]' + assert_nothing_raised(SecurityError, bug3733) { + proc {$SAFE = 1; File.expand_path(Dir.tmpdir)}.call + } end def test_saves_in_given_directory |