Bug #20787
closed
IO#readline does not check its arguments like IO#gets and will read more data than limit
Description
In revision d3574c117a637a4456aa3ee78e24d8df510b9355, the implementation of IO#readline was modified and consequently broke argument handling in a subtle way. It no longer checks that the encoding of the separator string is compatible with the internal encoding of the stream. Prior to version 3.3.0, the following script raises an ArgumentError when calling #readline:
require "tempfile"
Tempfile.open(encoding: "utf-8:utf-32le") { |f| f.write("0123456789"); f.rewind; f.readline("\0", 1); }
After 3.3.0, the script will read all the data in the file, in this case 40 bytes, even though the limit argument is 1. Replacing #readline with #gets raises the ArgumentError in all versions.
I'm fairly sure that the failure to check the separator string encoding leads to the incorrect handling of the limit argument.
Updated by nobu (Nobuyoshi Nakada) 4 months ago
- Description updated (diff)
- Backport changed from 3.1: UNKNOWN, 3.2: UNKNOWN, 3.3: UNKNOWN to 3.1: DONTNEED, 3.2: DONTNEED, 3.3: REQUIRED
Updated by mame (Yusuke Endoh) 3 months ago
- Status changed from Open to Closed
Updated by k0kubun (Takashi Kokubun) 21 days ago
- Backport changed from 3.1: DONTNEED, 3.2: DONTNEED, 3.3: REQUIRED to 3.1: DONTNEED, 3.2: DONTNEED, 3.3: DONE
ruby_3_3 commit:233014639793cb6c8650a9b17d37bc09c662d430 merged revision(s) 773d140f65c1c8b726e107915bc003c186f38677.