summaryrefslogtreecommitdiff
path: root/lib/rubygems/core_ext/kernel_require.rb
diff options
context:
space:
mode:
Diffstat (limited to 'lib/rubygems/core_ext/kernel_require.rb')
-rwxr-xr-xlib/rubygems/core_ext/kernel_require.rb4
1 files changed, 3 insertions, 1 deletions
diff --git a/lib/rubygems/core_ext/kernel_require.rb b/lib/rubygems/core_ext/kernel_require.rb
index 5986e356bc..cbd92588c0 100755
--- a/lib/rubygems/core_ext/kernel_require.rb
+++ b/lib/rubygems/core_ext/kernel_require.rb
@@ -39,8 +39,10 @@ module Kernel
resolved_path = begin
rp = nil
$LOAD_PATH[0...Gem.load_path_insert_index || -1].each do |lp|
+ safe_lp = lp.dup.untaint
+ next if File.symlink? safe_lp
Gem.suffixes.each do |s|
- full_path = File.expand_path(File.join(lp, "#{path}#{s}").untaint)
+ full_path = File.expand_path(File.join(safe_lp, "#{path}#{s}"))
if File.file?(full_path)
rp = full_path
break
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-23 13:42:05 +0000