From 94e6598969b76d613188ae9015e5d02f31c622a0 Mon Sep 17 00:00:00 2001
From: usa
Date: Mon, 27 Aug 2018 14:15:43 +0000
Subject: merge revision(s) 64071: [Backport #14941] ruby.c: taint ARGV on Windows * ruby.c (external_str_new_cstr): strings come from the external should be tainted. [ruby-dev:50596] [Bug #14941]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@64563 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
---
 ruby.c | 4 +++-
 test/ruby/test_rubyoptions.rb | 7 +++++++
 version.h | 2 +-
 3 files changed, 11 insertions(+), 2 deletions(-)
diff --git a/ruby.c b/ruby.c
index 4782390a99..1e2579c556 100644
--- a/ruby.c
+++ b/ruby.c
@@ -2069,7 +2069,9 @@ external_str_new_cstr(const char *p)
 {
 #if UTF8_PATH
 VALUE str = rb_utf8_str_new_cstr(p);
- return str_conv_enc(str, NULL, rb_default_external_encoding());
+ str = str_conv_enc(str, NULL, rb_default_external_encoding());
+ OBJ_TAINT_RAW(str);
+ return str;
 #else
 return rb_external_str_new_cstr(p);
 #endif
diff --git a/test/ruby/test_rubyoptions.rb b/test/ruby/test_rubyoptions.rb
index 1ea1115aa5..d6db01e6a0 100644
--- a/test/ruby/test_rubyoptions.rb
+++ b/test/ruby/test_rubyoptions.rb
@@ -920,4 +920,11 @@ class TestRubyOptions < Test::Unit::TestCase
 end
 end
 end
+
+ def test_argv_tainted
+ assert_separately(%w[- arg], "#{<<~"begin;"}\n#{<<~'end;'}")
+ begin;
+ assert_predicate(ARGV[0], :tainted?, '[ruby-dev:50596] [Bug #14941]')
+ end;
+ end
 end
diff --git a/version.h b/version.h
index a668c14354..57f5b7ff15 100644
--- a/version.h
+++ b/version.h
@@ -1,6 +1,6 @@
 #define RUBY_VERSION "2.4.5"
 #define RUBY_RELEASE_DATE "2018-08-27"
-#define RUBY_PATCHLEVEL 320
+#define RUBY_PATCHLEVEL 321
 #define RUBY_RELEASE_YEAR 2018
 #define RUBY_RELEASE_MONTH 8
-- 
cgit v1.2.3
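Review bot: The added `OBJ_TAINT_RAW(str);` in the `UTF8_PATH` branch of external_str_new_cstr carries no comment explaining why the taint is applied by hand, or why it comes after `str_conv_enc` rather than before it. The order matters if the conversion can hand back a different string object than the one built by `rb_utf8_str_new_cstr`, and the `#else` branch presumably gets its marking inside `rb_external_str_new_cstr`, so a later edit could make the two branches diverge again without anyone noticing. I would add above the call `/* externally supplied string (e.g. ARGV): mark tainted after conversion, matching the non-UTF8_PATH branch */`. The function's closing brace lies outside the hunk.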
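Review bot: test_argv_tainted checks only an ASCII argument (`arg`), so it does not exercise the case where the command-line string actually goes through an encoding conversion before it is marked. Since the ruby.c change taints the result of the conversion, a second argument containing a non-ASCII character with a matching `assert_predicate(ARGV[1], :tainted?)` would pin that the mark survives transcoding; whether the harness can pass such an argument under every locale would need checking. The test runs on every platform while the changed branch is presumably compiled only where `UTF8_PATH` is set, so a short comment such as `# regression test for the UTF8_PATH (Windows) argv path` would tell readers which build it guards.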