Project

General

Profile

Actions

Bug #8612

closed

nil in ERB::Util.url_encode

Added by fotos (Fotos Georgiadis) over 11 years ago. Updated almost 10 years ago.

Status:
Rejected
Target version:
-
ruby -v:
1.9.3p448, 2.0.0p255
[ruby-core:55855]

Description

=begin
We hit a bug while using Rails and trying to URL encode an ActiveSupport::SafeBuffer. I have managed to reproduce it using a small test case for Ruby 1.9.3 and Ruby 2.0.0 (both attached) that shows a minimum set of requirements to trigger the bug. The issue seems to be fixed in trunk (2.1) but I couldn't find the relevant commit(s).

To reproduce:
require 'erb'

class MyString < String
def to_s
self
end

def gsub(*args, &block)
  to_str.gsub(*args, &block)
end

end

string = "\xCE\x94\xCE\xBF\xCE\xBA\xCE\xB9\xCE\xBC\xCE\xAE".force_encoding("UTF-8")

ERB::Util.u(MyString.new(string))

Expected outcome:

The URL encoding should work and it should encode the characters properly (according to the spec).

Actual outcome:

NoMethodError: undefined method unpack' for nil:NilClass /Users/fotos/Playground/OpenSource/ruby/lib/erb.rb:952:in block in url_encode'
/Users/fotos/Playground/OpenSource/ruby/test/erb/test_erb.rb:71:in gsub' /Users/fotos/Playground/OpenSource/ruby/test/erb/test_erb.rb:71:in gsub'
/Users/fotos/Playground/OpenSource/ruby/lib/erb.rb:951:in url_encode' /Users/fotos/Playground/OpenSource/ruby/test/erb/test_erb.rb:491:in test_url_encode_string_subclass'

Using

Workaround:

Yielding the match and using it instead of $& (last match) seems to work properly as demonstrated in the patch.

Thanks

PS. Some credits go out to Aggelos Orfanakos (@agorf) for triggering the bug! :-)
=end


Files

ruby_1_9_3_url_encode_issue.patch (1.49 KB) ruby_1_9_3_url_encode_issue.patch Ruby 1.9.3 patch for ERB::Util.url_encode fotos (Fotos Georgiadis), 07/09/2013 12:58 AM
ruby_2_0_0_url_encode_issue.patch (1.49 KB) ruby_2_0_0_url_encode_issue.patch Ruby 2.0.3 patch for ERB::Util.url_encode fotos (Fotos Georgiadis), 07/09/2013 12:58 AM
ruby_1_9_3_cgi_escape_issue.patch (1.03 KB) ruby_1_9_3_cgi_escape_issue.patch Ruby 1.9.3 patch for CGI::escape / unescape fotos (Fotos Georgiadis), 07/11/2013 11:08 PM
ruby_2_0_0_cgi_escape_issue.patch (1.09 KB) ruby_2_0_0_cgi_escape_issue.patch Ruby 2.0.0 patch for CGI::escape / unescape fotos (Fotos Georgiadis), 07/11/2013 11:08 PM

Related issues 1 (0 open1 closed)

Related to Ruby master - Feature #8648: unuse special global variable in erb/cgi methodsClosedxibbar (Takeyuki FUJIOKA)07/17/2013Actions
Actions

Also available in: Atom PDF

Like0
Like0Like0Like0Like0Like0Like0Like0