Always mark the string returned by File.realpath as tainted
This string can include elements that were not in either string passed to File.realpath, even if one of the strings is an absolute path, due to symlinks:
Dir.mkdir('b')unlessFile.directory?('b')File.write('b/a','')unlessFile.file?('b/a')File.symlink('b','c')unlessFile.symlink?('c')path=File.realpath('c/a'.untaint,Dir.pwd.untaint)path# "/home/testr/ruby/b/a"path.tainted?# should be true, as 'b' comes from file system
Added by jeremyevans (Jeremy Evans) over 6 years ago
Always mark the string returned by File.realpath as tainted
This string can include elements that were not in either string
passed to File.realpath, even if one of the strings is an
absolute path, due to symlinks:
[Bug #15803]