Project

General

Profile

Bug #9588

program name variables tainted

Added by Jan Rusnacko over 2 years ago. Updated over 2 years ago.

Status:
Open
Priority:
Normal
Assignee:
-
ruby -v:
1.8.7, 1.9.3, 2.0.0
[ruby-core:61250]

Description

I have noticed inconsistency in taint flag of program name:

[jrusnack@dhcp-31-42 ruby-safe]$ cat tainted.rb
#!/usr/bin/env ruby
puts "$0: #{$0}, tainted? #{$0.tainted?}"
puts "FILE: #{FILE}, tainted? #{FILE.tainted?}"
puts "$PROGRAM_NAME: #{$PROGRAM_NAME}, tainted? #{$PROGRAM_NAME.tainted?}"

[jrusnack@dhcp-31-42 ruby-safe]$ rvm use 1.8.7
Using /home/jrusnack/.rvm/gems/ruby-1.8.7-p374

[jrusnack@dhcp-31-42 ruby-safe]$ ./tainted.rb
$0: ./tainted.rb, tainted? true
FILE: ./tainted.rb, tainted? false
$PROGRAM_NAME: ./tainted.rb, tainted? true

[jrusnack@dhcp-31-42 ruby-safe]$ rvm use 1.9.3
Using /home/jrusnack/.rvm/gems/ruby-1.9.3-p484

[jrusnack@dhcp-31-42 ruby-safe]$ ./tainted.rb
$0: ./tainted.rb, tainted? false
FILE: ./tainted.rb, tainted? true
$PROGRAM_NAME: ./tainted.rb, tainted? false

[jrusnack@dhcp-31-42 ruby-safe]$ rvm use 2.0.0
Using /home/jrusnack/.rvm/gems/ruby-2.0.0-p353

[jrusnack@dhcp-31-42 ruby-safe]$ ./tainted.rb
$0: ./tainted.rb, tainted? false
FILE: ./tainted.rb, tainted? true
$PROGRAM_NAME: ./tainted.rb, tainted? false

History

#1 [ruby-core:61251] Updated by Shugo Maeda over 2 years ago

Jan Rusnacko wrote:

[jrusnack@dhcp-31-42 ruby-safe]$ ./tainted.rb
$0: ./tainted.rb, tainted? false
FILE: ./tainted.rb, tainted? true
$PROGRAM_NAME: ./tainted.rb, tainted? false

I guess it's a regression introduced in r20656.
Or did you mean not to taint $0, Yugui?

#2 [ruby-core:61252] Updated by Shyouhei Urabe over 2 years ago

My expectation to tainted.rb output is what 1.8.7 outputs. This seems like a regression to me.

Also available in: Atom PDF