Actions
Bug #15417
closedPathname case insensitive comparison
Description
While fixing some issues with Pathname, I noticed the following comparison:
SAME_PATHS = if File::FNM_SYSCASE.nonzero?
# Avoid #zero? here because #casecmp can return nil.
proc {|a, b| a.casecmp(b) == 0}
else
proc {|a, b| a == b}
end
Firstly, this seems wrong to me because case sensitivity is per-mount not a global state for the entire system.
Secondly, it concerns me because sometimes this becomes security bug, e.g. path may or may not be the same, and could slip through some sanity check (e.g. git could checkout files to .git
directory with case insensitive file system).
Unless string match exactly, we should leave it to file system to determine if the path is equivalent or not (e.g. in the case of Pathname#relative_path_from
). Trying to be too clever might cause future pain.
Actions
Like0
Like0Like0Like0Like0