Project

General

Profile

Bug #15637 ยป ruby-2.6.1-rubygems-v2.patch

hsbt (Hiroshi SHIBATA), 03/06/2019 05:03 AM

View differences:

lib/rubygems.rb
9 9
require 'rbconfig'
10 10

  
11 11
module Gem
12
  VERSION = "3.0.1".freeze
12
  VERSION = "3.0.3".freeze
13 13
end
14 14

  
15 15
# Must be first since it unloads the prelude from 1.9.2
lib/rubygems/command_manager.rb
7 7

  
8 8
require 'rubygems/command'
9 9
require 'rubygems/user_interaction'
10
require 'rubygems/text'
10 11

  
11 12
##
12 13
# The command manager registers and installs all the individual sub-commands
......
32 33

  
33 34
class Gem::CommandManager
34 35

  
36
  include Gem::Text
35 37
  include Gem::UserInteraction
36 38

  
37 39
  BUILTIN_COMMANDS = [ # :nodoc:
......
145 147
  def run(args, build_args=nil)
146 148
    process_args(args, build_args)
147 149
  rescue StandardError, Timeout::Error => ex
148
    alert_error "While executing gem ... (#{ex.class})\n    #{ex}"
150
    alert_error clean_text("While executing gem ... (#{ex.class})\n    #{ex}")
149 151
    ui.backtrace ex
150 152

  
151 153
    terminate_interaction(1)
152 154
  rescue Interrupt
153
    alert_error "Interrupted"
155
    alert_error clean_text("Interrupted")
154 156
    terminate_interaction(1)
155 157
  end
156 158

  
......
168 170
      say Gem::VERSION
169 171
      terminate_interaction 0
170 172
    when /^-/ then
171
      alert_error "Invalid option: #{args.first}. See 'gem --help'."
173
      alert_error clean_text("Invalid option: #{args.first}. See 'gem --help'.")
172 174
      terminate_interaction 1
173 175
    else
174 176
      cmd_name = args.shift.downcase
......
224 226
    rescue Exception => e
225 227
      e = load_error if load_error
226 228

  
227
      alert_error "Loading command: #{command_name} (#{e.class})\n\t#{e}"
229
      alert_error clean_text("Loading command: #{command_name} (#{e.class})\n\t#{e}")
228 230
      ui.backtrace e
229 231
    end
230 232
  end
lib/rubygems/commands/owner_command.rb
2 2
require 'rubygems/command'
3 3
require 'rubygems/local_remote_options'
4 4
require 'rubygems/gemcutter_utilities'
5
require 'rubygems/text'
5 6

  
6 7
class Gem::Commands::OwnerCommand < Gem::Command
8

  
9
  include Gem::Text
7 10
  include Gem::LocalRemoteOptions
8 11
  include Gem::GemcutterUtilities
9 12

  
......
65 68
    end
66 69

  
67 70
    with_response response do |resp|
68
      owners = Gem::SafeYAML.load resp.body
71
      owners = Gem::SafeYAML.load clean_text(resp.body)
69 72

  
70 73
      say "Owners for gem: #{name}"
71 74
      owners.each do |owner|
lib/rubygems/gemcutter_utilities.rb
1 1
# frozen_string_literal: true
2 2
require 'rubygems/remote_fetcher'
3
require 'rubygems/text'
3 4

  
4 5
##
5 6
# Utility methods for using the RubyGems API.
6 7

  
7 8
module Gem::GemcutterUtilities
8 9

  
10
  include Gem::Text
11

  
9 12
  # TODO: move to Gem::Command
10 13
  OptionParser.accept Symbol do |value|
11 14
    value.to_sym
......
162 165
      if block_given?
163 166
        yield response
164 167
      else
165
        say response.body
168
        say clean_text(response.body)
166 169
      end
167 170
    else
168 171
      message = response.body
169 172
      message = "#{error_prefix}: #{message}" if error_prefix
170 173

  
171
      say message
174
      say clean_text(message)
172 175
      terminate_interaction 1 # TODO: question this
173 176
    end
174 177
  end
lib/rubygems/install_update_options.rb
30 30
      options[:bin_dir] = File.expand_path(value)
31 31
    end
32 32

  
33
    add_option(:"Install/Update",       '--[no-]document [TYPES]', Array,
33
    add_option(:"Install/Update",       '--document [TYPES]', Array,
34 34
               'Generate documentation for installed gems',
35 35
               'List the documentation types you wish to',
36 36
               'generate.  For example: rdoc,ri') do |value, options|
lib/rubygems/installer.rb
725 725
      unpack or File.writable?(gem_home)
726 726
  end
727 727

  
728
  def verify_spec_name
729
    return if spec.name =~ Gem::Specification::VALID_NAME_PATTERN
730
    raise Gem::InstallError, "#{spec} has an invalid name"
728
  def verify_spec
729
    unless spec.name =~ Gem::Specification::VALID_NAME_PATTERN
730
      raise Gem::InstallError, "#{spec} has an invalid name"
731
    end
732

  
733
    if spec.raw_require_paths.any?{|path| path =~ /\R/ }
734
      raise Gem::InstallError, "#{spec} has an invalid require_paths"
735
    end
736

  
737
    if spec.extensions.any?{|ext| ext =~ /\R/ }
738
      raise Gem::InstallError, "#{spec} has an invalid extensions"
739
    end
740

  
741
    unless spec.specification_version.to_s =~ /\A\d+\z/
742
      raise Gem::InstallError, "#{spec} has an invalid specification_version"
743
    end
744

  
745
    if spec.dependencies.any? {|dep| dep.type =~ /\R/ || dep.name =~ /\R/ }
746
      raise Gem::InstallError, "#{spec} has an invalid dependencies"
747
    end
731 748
  end
732 749

  
733 750
  ##
......
876 893
  def pre_install_checks
877 894
    verify_gem_home options[:unpack]
878 895

  
896
    # The name and require_paths must be verified first, since it could contain
897
    # ruby code that would be eval'ed in #ensure_loadable_spec
898
    verify_spec
899

  
879 900
    ensure_loadable_spec
880 901

  
881
    verify_spec_name
882

  
883 902
    if options[:install_as_default]
884 903
      Gem.ensure_default_gem_subdirectories gem_home
885 904
    else
lib/rubygems/package.rb
456 456
    raise Gem::Package::PathError.new(destination, destination_dir) unless
457 457
      destination.start_with? destination_dir + '/'
458 458

  
459
    begin
460
      real_destination = File.expand_path(File.realpath(destination))
461
    rescue
462
      # it's fine if the destination doesn't exist, because rm -rf'ing it can't cause any damage
463
      nil
464
    else
465
      raise Gem::Package::PathError.new(real_destination, destination_dir) unless
466
        real_destination.start_with? destination_dir + '/'
467
    end
468

  
459 469
    destination.untaint
460 470
    destination
461 471
  end
lib/rubygems/requirement.rb
267 267

  
268 268
  def ==(other) # :nodoc:
269 269
    return unless Gem::Requirement === other
270
    requirements == other.requirements
270

  
271
    # An == check is always necessary
272
    return false unless requirements == other.requirements
273

  
274
    # An == check is sufficient unless any requirements use ~>
275
    return true unless _tilde_requirements.any?
276

  
277
    # If any requirements use ~> we use the stricter `#eql?` that also checks
278
    # that version precision is the same
279
    _tilde_requirements.eql?(other._tilde_requirements)
280
  end
281

  
282
  protected
283

  
284
  def _tilde_requirements
285
    requirements.select { |r| r.first == "~>" }
271 286
  end
272 287

  
273 288
  private
lib/rubygems/test_case.rb
254 254
    @orig_gem_env_requirements = ENV.to_hash
255 255

  
256 256
    ENV['GEM_VENDOR'] = nil
257
    ENV['SOURCE_DATE_EPOCH'] = nil
257 258

  
258 259
    @current_dir = Dir.pwd
259 260
    @fetcher     = nil
lib/rubygems/user_interaction.rb
7 7

  
8 8
require 'rubygems/util'
9 9
require 'rubygems/deprecate'
10
require 'rubygems/text'
10 11

  
11 12
##
12 13
# Module that defines the default UserInteraction.  Any class including this
......
14 15

  
15 16
module Gem::DefaultUserInteraction
16 17

  
18
  include Gem::Text
19

  
17 20
  ##
18 21
  # The default UI is a class variable of the singleton class for this
19 22
  # module.
......
162 165
  # is true.
163 166

  
164 167
  def verbose(msg = nil)
165
    say(msg || yield) if Gem.configuration.really_verbose
168
    say(clean_text(msg || yield)) if Gem.configuration.really_verbose
166 169
  end
167 170
end
168 171

  
test/rubygems/test_gem.rb
150 150
    File.umask(umask)
151 151
  end
152 152

  
153
  def test_self_install_permissions_with_format_executable
154
    @format_executable = true
155
    assert_self_install_permissions
156
  end
157

  
153 158
  def assert_self_install_permissions
154 159
    mask = /mingw|mswin/ =~ RUBY_PLATFORM ? 0700 : 0777
155 160
    options = {
......
157 162
      :prog_mode => 0510,
158 163
      :data_mode => 0640,
159 164
      :wrappers => true,
165
      :format_executable => !!(@format_executable if defined?(@format_executable))
160 166
    }
161 167
    Dir.chdir @tempdir do
162 168
      Dir.mkdir 'bin'
......
182 188
    prog_mode = (options[:prog_mode] & mask).to_s(8)
183 189
    dir_mode = (options[:dir_mode] & mask).to_s(8)
184 190
    data_mode = (options[:data_mode] & mask).to_s(8)
191
    prog_name = 'foo.cmd'
192
    prog_name = RUBY_INSTALL_NAME.sub('ruby', 'foo.cmd') if options[:format_executable]
185 193
    expected = {
186
      "bin/#{RUBY_INSTALL_NAME.sub('ruby', 'foo.cmd')}" => prog_mode,
194
      "bin/#{prog_name}" => prog_mode,
187 195
      'gems/foo-1' => dir_mode,
188 196
      'gems/foo-1/bin' => dir_mode,
189 197
      'gems/foo-1/data' => dir_mode,
test/rubygems/test_gem_installer.rb
1446 1446
    end
1447 1447
  end
1448 1448

  
1449
  def test_pre_install_checks_malicious_name_before_eval
1450
    spec = util_spec "malicious\n::Object.const_set(:FROM_EVAL, true)#", '1'
1451
    def spec.full_name # so the spec is buildable
1452
      "malicious-1"
1453
    end
1454
    def spec.validate(*args); end
1455

  
1456
    util_build_gem spec
1457

  
1458
    gem = File.join(@gemhome, 'cache', spec.file_name)
1459

  
1460
    use_ui @ui do
1461
      @installer = Gem::Installer.at gem
1462
      e = assert_raises Gem::InstallError do
1463
        @installer.pre_install_checks
1464
      end
1465
      assert_equal "#<Gem::Specification name=malicious\n::Object.const_set(:FROM_EVAL, true)# version=1> has an invalid name", e.message
1466
    end
1467
    refute defined?(::Object::FROM_EVAL)
1468
  end
1469

  
1470
  def test_pre_install_checks_malicious_require_paths_before_eval
1471
    spec = util_spec "malicious", '1'
1472
    def spec.full_name # so the spec is buildable
1473
      "malicious-1"
1474
    end
1475
    def spec.validate(*args); end
1476
    spec.require_paths = ["malicious\n``"]
1477

  
1478
    util_build_gem spec
1479

  
1480
    gem = File.join(@gemhome, 'cache', spec.file_name)
1481

  
1482
    use_ui @ui do
1483
      @installer = Gem::Installer.at gem
1484
      e = assert_raises Gem::InstallError do
1485
        @installer.pre_install_checks
1486
      end
1487
      assert_equal "#<Gem::Specification name=malicious version=1> has an invalid require_paths", e.message
1488
    end
1489
  end
1490

  
1491
  def test_pre_install_checks_malicious_extensions_before_eval
1492
    skip "mswin environment disallow to create file contained the carriage return code." if Gem.win_platform?
1493

  
1494
    spec = util_spec "malicious", '1'
1495
    def spec.full_name # so the spec is buildable
1496
      "malicious-1"
1497
    end
1498
    def spec.validate(*args); end
1499
    spec.extensions = ["malicious\n``"]
1500

  
1501
    util_build_gem spec
1502

  
1503
    gem = File.join(@gemhome, 'cache', spec.file_name)
1504

  
1505
    use_ui @ui do
1506
      @installer = Gem::Installer.at gem
1507
      e = assert_raises Gem::InstallError do
1508
        @installer.pre_install_checks
1509
      end
1510
      assert_equal "#<Gem::Specification name=malicious version=1> has an invalid extensions", e.message
1511
    end
1512
  end
1513

  
1514
  def test_pre_install_checks_malicious_specification_version_before_eval
1515
    spec = util_spec "malicious", '1'
1516
    def spec.full_name # so the spec is buildable
1517
      "malicious-1"
1518
    end
1519
    def spec.validate(*args); end
1520
    spec.specification_version = "malicious\n``"
1521

  
1522
    util_build_gem spec
1523

  
1524
    gem = File.join(@gemhome, 'cache', spec.file_name)
1525

  
1526
    use_ui @ui do
1527
      @installer = Gem::Installer.at gem
1528
      e = assert_raises Gem::InstallError do
1529
        @installer.pre_install_checks
1530
      end
1531
      assert_equal "#<Gem::Specification name=malicious version=1> has an invalid specification_version", e.message
1532
    end
1533
  end
1534

  
1535
  def test_pre_install_checks_malicious_dependencies_before_eval
1536
    spec = util_spec "malicious", '1'
1537
    def spec.full_name # so the spec is buildable
1538
      "malicious-1"
1539
    end
1540
    def spec.validate(*args); end
1541
    spec.add_dependency "b\nfoo", '> 5'
1542

  
1543
    util_build_gem spec
1544

  
1545
    gem = File.join(@gemhome, 'cache', spec.file_name)
1546

  
1547
    use_ui @ui do
1548
      @installer = Gem::Installer.at gem
1549
      @installer.ignore_dependencies = true
1550
      e = assert_raises Gem::InstallError do
1551
        @installer.pre_install_checks
1552
      end
1553
      assert_equal "#<Gem::Specification name=malicious version=1> has an invalid dependencies", e.message
1554
    end
1555
  end
1556

  
1449 1557
  def test_shebang
1450 1558
    util_make_exec @spec, "#!/usr/bin/ruby"
1451 1559

  
test/rubygems/test_gem_package.rb
105 105
  end
106 106

  
107 107
  def test_build_time_source_date_epoch
108
    epoch = ENV["SOURCE_DATE_EPOCH"]
108 109
    ENV["SOURCE_DATE_EPOCH"] = "123456789"
109 110

  
110 111
    spec = Gem::Specification.new 'build', '1'
......
118 119
    package = Gem::Package.new spec.file_name
119 120

  
120 121
    assert_equal Time.at(ENV["SOURCE_DATE_EPOCH"].to_i).utc, package.build_time
122
  ensure
123
    ENV["SOURCE_DATE_EPOCH"] = epoch
121 124
  end
122 125

  
123 126
  def test_add_files
......
526 529
    end
527 530
  end
528 531

  
532
  def test_extract_symlink_parent_doesnt_delete_user_dir
533
    package = Gem::Package.new @gem
534

  
535
    # Extract into a subdirectory of @destination; if this test fails it writes
536
    # a file outside destination_subdir, but we want the file to remain inside
537
    # @destination so it will be cleaned up.
538
    destination_subdir = File.join @destination, 'subdir'
539
    FileUtils.mkdir_p destination_subdir
540

  
541
    destination_user_dir = File.join @destination, 'user'
542
    destination_user_subdir = File.join destination_user_dir, 'dir'
543
    FileUtils.mkdir_p destination_user_subdir
544

  
545
    tgz_io = util_tar_gz do |tar|
546
      tar.add_symlink 'link', destination_user_dir, 16877
547
      tar.add_symlink 'link/dir', '.', 16877
548
    end
549

  
550
    e = assert_raises(Gem::Package::PathError, Errno::EACCES) do
551
      package.extract_tar_gz tgz_io, destination_subdir
552
    end
553

  
554
    assert_path_exists destination_user_subdir
555

  
556
    if Gem::Package::PathError === e
557
      assert_equal("installing into parent path #{destination_user_subdir} of " +
558
                  "#{destination_subdir} is not allowed", e.message)
559
    elsif win_platform?
560
      skip "symlink - must be admin with no UAC on Windows"
561
    else
562
      raise e
563
    end
564
  end
565

  
529 566
  def test_extract_tar_gz_directory
530 567
    package = Gem::Package.new @gem
531 568

  
test/rubygems/test_gem_package_tar_writer.rb
11 11
    @data = 'abcde12345'
12 12
    @io = TempIO.new
13 13
    @tar_writer = Gem::Package::TarWriter.new @io
14
    @epoch = ENV["SOURCE_DATE_EPOCH"]
15
    ENV["SOURCE_DATE_EPOCH"] = nil
14 16
  end
15 17

  
16 18
  def teardown
19
    ENV["SOURCE_DATE_EPOCH"] = @epoch
17 20
    @tar_writer.close unless @tar_writer.closed?
18 21
    @io.close!
19 22

  
test/rubygems/test_gem_requirement.rb
20 20
    refute_requirement_equal "= 1.2", "= 1.3"
21 21
    refute_requirement_equal "= 1.3", "= 1.2"
22 22

  
23
    refute_requirement_equal "~> 1.3", "~> 1.3.0"
24
    refute_requirement_equal "~> 1.3.0", "~> 1.3"
25

  
26
    assert_requirement_equal ["> 2", "~> 1.3"], ["> 2.0", "~> 1.3"]
27
    assert_requirement_equal ["> 2.0", "~> 1.3"], ["> 2", "~> 1.3"]
28

  
23 29
    refute_equal Object.new, req("= 1.2")
24 30
    refute_equal req("= 1.2"), Object.new
25 31
  end
test/rubygems/test_gem_specification.rb
1719 1719
  end
1720 1720

  
1721 1721
  def test_date_use_env_source_date_epoch
1722
    epoch = ENV["SOURCE_DATE_EPOCH"]
1722 1723
    ENV["SOURCE_DATE_EPOCH"] = "123456789"
1723 1724
    assert_equal Time.utc(1973,11,29,0,0,0), @a1.date
1725
  ensure
1726
    ENV["SOURCE_DATE_EPOCH"] = epoch
1724 1727
  end
1725 1728

  
1726 1729
  def test_dependencies
test/rubygems/test_gem_text.rb
89 89
    s = "ab" * 500_001
90 90
    assert_equal "Truncating desc to 1,000,000 characters:\n#{s[0, 1_000_000]}", truncate_text(s, "desc", 1_000_000)
91 91
  end
92

  
93
  def test_clean_text
94
    assert_equal ".]2;nyan.", clean_text("\e]2;nyan\a")
95
  end
96

  
92 97
end