summary refs log tree commit homepage
diff options
context:
space:
mode:
authorTerry Scheingeld <tscheingeld32@gmail.com>2019-12-11 11:24:59 -0500
committerEric Wong <e@80x24.org>2019-12-11 22:54:59 +0000
commit024f7a8c8c780b6eae4f952dd6ef86dca8036cb6 (patch)
tree8c1b54ba331d68eaeb75d9dadd48af3db8a6b43e
parent08ba2e67d356c46ace310ce9a483511e68e9d6d6 (diff)
Ruby mistakenly taints the file path, causing File.unlink
to fail: https://bugs.ruby-lang.org/issues/14485

Workaround the Ruby bug by keeping the path as a local
variable and passing that to File.unlink, instead of the
return value of File#path.

Link: https://bogomips.org/unicorn-public/CABg1sXrvGv9G6CDQxePDUqTe6N-5UpLXm7eG3YQO=dda-Cgg7A@mail.gmail.com/
-rw-r--r--lib/unicorn/tmpio.rb10
1 files changed, 8 insertions, 2 deletions
diff --git a/lib/unicorn/tmpio.rb b/lib/unicorn/tmpio.rb
index db88ed3..0bbf6ec 100644
--- a/lib/unicorn/tmpio.rb
+++ b/lib/unicorn/tmpio.rb
@@ -11,12 +11,18 @@ class Unicorn::TmpIO < File
   # immediately, switched to binary mode, and userspace output
   # buffering is disabled
   def self.new
+    path = nil
+
+    # workaround File#path being tainted:
+    # https://bugs.ruby-lang.org/issues/14485
     fp = begin
-      super("#{Dir::tmpdir}/#{rand}", RDWR|CREAT|EXCL, 0600)
+      path = "#{Dir::tmpdir}/#{rand}"
+      super(path, RDWR|CREAT|EXCL, 0600)
     rescue Errno::EEXIST
       retry
     end
-    unlink(fp.path)
+
+    unlink(path)
     fp.binmode
     fp.sync = true
     fp