Project

General

Profile

Actions
Copy link

Bug #14075

closed

File.dirname("path without dir".taint) returns untainted string

Added by znz (Kazuhiro NISHIYAMA) about 7 years ago. Updated almost 7 years ago.

Status:
Closed
Assignee:
-
Target version:
-
ruby -v:
Backport:
2.3: UNKNOWN, 2.4: UNKNOWN
[ruby-core:83646]

Description

Is this intentional?

% ruby -e 'p [File.dirname("foo/bar".taint).tainted?, File.dirname("hoge".taint).tainted?]'
[true, false]
Actions
Copy link
 #1 [ruby-core:84086]

Updated by hkdnet (Ko Sato) almost 7 years ago

I found that File.split also returns untainted string with a tainted argument.

$ ruby -e 'p File.split("foo/bar".taint).map(&:tainted?); p File.split("hoge".taint).map(&:tainted?)'
[true, true]
[false, true]
Actions
Copy link
 #2

Updated by nobu (Nobuyoshi Nakada) almost 7 years ago

  • Status changed from Open to Closed

I think it is intended.
dirname for a path without directory is ".", and this does not come from the argument string.

Actions
Copy link

Also available in: Atom PDF

Like0
Like0Like0