29c6b9
commit fe3c49c9baeeab58304ede915b7edd18ecf360fc
29c6b9
Author: usa <usa@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>
29c6b9
Date:   Sat Jul 3 17:10:28 2021 +0000
29c6b9
29c6b9
    merge revision(s) b1c73f23,c9ab8fe2: [Backport #17877]
29c6b9
    
29c6b9
            [ruby/rdoc] Use File.open to fix the OS Command Injection vulnerability in CVE-2021-31799
29c6b9
    
29c6b9
            https://github.com/ruby/rdoc/commit/a7f5d6ab88
29c6b9
    
29c6b9
            The test for command injection on Unix platforms should be omitted on Windows
29c6b9
    
29c6b9
    
29c6b9
    git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_6@67947 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
29c6b9
29c6b9
diff --git a/lib/rdoc/rdoc.rb b/lib/rdoc/rdoc.rb
29c6b9
index ca2c1abefd..46aace7839 100644
29c6b9
--- a/lib/rdoc/rdoc.rb
29c6b9
+++ b/lib/rdoc/rdoc.rb
29c6b9
@@ -436,7 +436,7 @@ def remove_unparseable files
29c6b9
     files.reject do |file|
29c6b9
       file =~ /\.(?:class|eps|erb|scpt\.txt|svg|ttf|yml)$/i or
29c6b9
         (file =~ /tags$/i and
29c6b9
-         open(file, 'rb') { |io|
29c6b9
+         File.open(file, 'rb') { |io|
29c6b9
            io.read(100) =~ /\A(\f\n[^,]+,\d+$|!_TAG_)/
29c6b9
          })
29c6b9
     end
663d0d
--- a/lib/rdoc/encoding.rb	2022-02-16 16:51:28.080178281 +0100
663d0d
+++ b/lib/rdoc/encoding.rb	2022-02-16 16:51:37.108160840 +0100
663d0d
@@ -18,7 +18,7 @@
663d0d
   # unknown character in the target encoding will be replaced with '?'
663d0d
 
663d0d
   def self.read_file filename, encoding, force_transcode = false
663d0d
-    content = open filename, "rb" do |f| f.read end
663d0d
+    content = File.open filename, "rb" do |f| f.read end
663d0d
     content.gsub!("\r\n", "\n") if RUBY_PLATFORM =~ /mswin|mingw/
663d0d
 
663d0d
     utf8 = content.sub!(/\A\xef\xbb\xbf/, '')
663d0d
--- a/lib/rdoc/parser.rb	2021-04-05 13:46:35.000000000 +0200
663d0d
+++ b/lib/rdoc/parser.rb	2022-02-16 15:37:17.904822389 +0100
663d0d
@@ -74,7 +74,12 @@
663d0d
   def self.binary?(file)
663d0d
     return false if file =~ /\.(rdoc|txt)$/
663d0d
 
663d0d
-    s = File.read(file, 1024) or return false
663d0d
+    begin
663d0d
+      open_file = File.open(file)
663d0d
+      s = open_file.read(1024) or return false
663d0d
+    ensure
663d0d
+      open_file.close if open_file
663d0d
+    end
663d0d
 
663d0d
     return true if s[0, 2] == Marshal.dump('')[0, 2] or s.index("\x00")
663d0d
 
663d0d
@@ -92,7 +97,8 @@
663d0d
   # http://www.garykessler.net/library/file_sigs.html
663d0d
 
663d0d
   def self.zip? file
663d0d
-    zip_signature = File.read file, 4
663d0d
+    zip_signature = ''
663d0d
+    File.open(file) { |f| zip_signature = f.read(4) }
663d0d
 
663d0d
     zip_signature == "PK\x03\x04" or
663d0d
       zip_signature == "PK\x05\x06" or
29c6b9
diff --git a/test/rdoc/test_rdoc_rdoc.rb b/test/rdoc/test_rdoc_rdoc.rb
29c6b9
index 3bce54b243..123b1a4f87 100644
29c6b9
--- a/test/rdoc/test_rdoc_rdoc.rb
29c6b9
+++ b/test/rdoc/test_rdoc_rdoc.rb
29c6b9
@@ -366,6 +366,18 @@ def test_remove_unparseable_tags_vim
29c6b9
     end
29c6b9
   end
29c6b9
 
29c6b9
+  def test_remove_unparseable_CVE_2021_31799
29c6b9
+    skip 'for Un*x platforms' if Gem.win_platform?
29c6b9
+    temp_dir do
29c6b9
+      file_list = ['| touch evil.txt && echo tags']
29c6b9
+      file_list.each do |f|
29c6b9
+        FileUtils.touch f
29c6b9
+      end
29c6b9
+      assert_equal file_list, @rdoc.remove_unparseable(file_list)
29c6b9
+      assert_equal file_list, Dir.children('.')
29c6b9
+    end
29c6b9
+  end
29c6b9
+
29c6b9
   def test_setup_output_dir
29c6b9
     Dir.mktmpdir {|d|
29c6b9
       path = File.join d, 'testdir'