merge revision(s) 60596,60599: [Backport #14060]

file.c: infect from arguments

	* file.c (rb_check_realpath_internal): infetct the result with
	  arguments, no taint if none are tainted and cwd is not used.
	  [ruby-core:83583] [Bug #14060]

	file.c: infect from arguments

	* file.c (rb_check_realpath_internal): infetct the result with
	  arguments, no taint if none are tainted and cwd is not used.
	  [ruby-core:83583] [Bug #14060]

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@63807 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

file.c

@@ -3979,7 +3979,7 @@ rb_check_realpath_internal(VALUE basedir, VALUE path, enum rb_realpath_mode mode
     if (origenc != enc && rb_enc_str_asciionly_p(resolved))
 	rb_enc_associate(resolved, origenc);
 
-    OBJ_TAINT(resolved);
+    OBJ_INFECT(resolved, unresolved_path);
     return resolved;
 }
 

test/ruby/test_file.rb

@@ -292,6 +292,23 @@ class TestFile < Test::Unit::TestCase
     end
   end
 
+  def test_realpath_taintedness
+    Dir.mktmpdir('rubytest-realpath') {|tmpdir|
+      realdir = File.realpath(tmpdir)
+      assert_predicate(realdir, :tainted?)
+      dir, base = File.split(realdir)
+      assert_predicate(File.realpath(base, dir), :tainted?)
+      base.untaint
+      assert_predicate(File.realpath(base, dir), :tainted?)
+      base.taint
+      dir.untaint
+      assert_predicate(File.realpath(base, dir), :tainted?)
+      base.untaint
+      assert_not_predicate(File.realpath(base, dir), :tainted?)
+      assert_predicate(Dir.chdir(dir) {File.realpath(base)}, :tainted?)
+    }
+  end
+
   def test_realdirpath
     Dir.mktmpdir('rubytest-realdirpath') {|tmpdir|
       realdir = File.realpath(tmpdir)

version.h

@@ -1,6 +1,6 @@
 #define RUBY_VERSION "2.4.5"
 #define RUBY_RELEASE_DATE "2018-06-30"
-#define RUBY_PATCHLEVEL 302
+#define RUBY_PATCHLEVEL 303
 
 #define RUBY_RELEASE_YEAR 2018
 #define RUBY_RELEASE_MONTH 6