File CVE-2021-31799.patch of Package ruby2.1.36279

Overview Repositories Revisions Requests Users Attributes Meta

File CVE-2021-31799.patch of Package ruby2.1.36279

From d2cdcc34171f89dce3670ce7640bd4bedf993426 Mon Sep 17 00:00:00 2001
From: Ali Abdallah <ali.abdallah@suse.com>
Date: Wed, 6 Oct 2021 17:31:15 +0200
Subject: [PATCH 4/4] Backport upstream fix for CVE-2021-31799

Backport upstream commit b1c73f239fe9af97de837331849f55d67c27561e

[ruby/rdoc] Use File.open to fix the OS Command Injection vulnerability
in CVE-2021-31799

https://github.com/ruby/rdoc/commit/a7f5d6ab88
---
 lib/rdoc/rdoc.rb            |  2 +-
 test/rdoc/test_rdoc_rdoc.rb | 13 +++++++++++++
 2 files changed, 14 insertions(+), 1 deletion(-)

diff --git a/lib/rdoc/rdoc.rb b/lib/rdoc/rdoc.rb
index b41434ba39..c111882554 100644
--- a/lib/rdoc/rdoc.rb
+++ b/lib/rdoc/rdoc.rb
@@ -433,7 +433,7 @@ The internal error was:
     files.reject do |file|
       file =~ /\.(?:class|eps|erb|scpt\.txt|ttf|yml)$/i or
         (file =~ /tags$/i and
-         open(file, 'rb') { |io|
+           File.open(file, 'rb') { |io|
            io.read(100) =~ /\A(\f\n[^,]+,\d+$|!_TAG_)/
          })
     end
diff --git a/test/rdoc/test_rdoc_rdoc.rb b/test/rdoc/test_rdoc_rdoc.rb
index b36e47398b..c3295c1af0 100644
--- a/test/rdoc/test_rdoc_rdoc.rb
+++ b/test/rdoc/test_rdoc_rdoc.rb
@@ -330,6 +330,19 @@ class TestRDocRDoc < RDoc::TestCase
     end
   end
 
+  def test_remove_unparseable_CVE_2021_31799
+    omit 'for Un*x platforms' if Gem.win_platform?
+    temp_dir do
+      file_list = ['| touch evil.txt && echo tags']
+      file_list.each do |f|
+        FileUtils.touch f
+      end
+
+      assert_equal file_list, @rdoc.remove_unparseable(file_list)
+      assert_equal file_list, Dir.glob('*')
+    end
+  end
+
   def test_setup_output_dir
     Dir.mktmpdir {|d|
       path = File.join d, 'testdir'
-- 
2.32.0

Places

File CVE-2021-31799.patch of Package ruby2.1.36279

Places