archive/ruby
1
0
Fork 0
mirror of https://github.com/ruby/ruby.git synced 2025-08-15 13:39:04 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

Validate user input encoding

Browse source 
If the user has the encoding of her system messed up, she may end up
sending us incorrectly encoding input, causing "invalid byte sequence in
UTF-8" errors at random places.

These errors can be forced on a system without encoding issues with
something like:

```
$ gem install$(echo -e "\xFF") foo
/Users/deivid/.asdf/installs/ruby/3.2.1/lib/ruby/site_ruby/3.2.0/rubygems/config_file.rb:534:in `block in set_config_file_name': invalid byte sequence in UTF-8 (ArgumentError)
	from /Users/deivid/.asdf/installs/ruby/3.2.1/lib/ruby/site_ruby/3.2.0/rubygems/config_file.rb:530:in `each'
	from /Users/deivid/.asdf/installs/ruby/3.2.1/lib/ruby/site_ruby/3.2.0/rubygems/config_file.rb:530:in `set_config_file_name'
	from /Users/deivid/.asdf/installs/ruby/3.2.1/lib/ruby/site_ruby/3.2.0/rubygems/config_file.rb:177:in `initialize'
	from /Users/deivid/.asdf/installs/ruby/3.2.1/lib/ruby/site_ruby/3.2.0/rubygems/gem_runner.rb:71:in `new'
	from /Users/deivid/.asdf/installs/ruby/3.2.1/lib/ruby/site_ruby/3.2.0/rubygems/gem_runner.rb:71:in `do_configuration'
	from /Users/deivid/.asdf/installs/ruby/3.2.1/lib/ruby/site_ruby/3.2.0/rubygems/gem_runner.rb:33:in `run'
	from /Users/deivid/.asdf/installs/ruby/3.2.1/bin/gem:10:in `<main>'
```

This commit makes RubyGems print a better error in this case:

```
$ ruby -Ilib bin/gem install$(echo -e "\xFF") foo
/Users/deivid/Code/rubygems/rubygems/lib/rubygems/gem_runner.rb:75:in `validate_encoding': invalid argument: 'install�' has invalid encoding (Gem::OptionParser::InvalidArgument)
	from /Users/deivid/Code/rubygems/rubygems/lib/rubygems/gem_runner.rb:31:in `run'
	from bin/gem:10:in `<main>'
```
This commit is contained in:
David Rodríguez 2023-03-13 14:11:25 +01:00 committed by git
parent 9ce1b5e11f
commit e7518a7859
2 changed files with 15 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

9
lib/rubygems/gem_runner.rb
View file

@ -29,6 +29,7 @@ class Gem::GemRunner
# Run the gem command with the following arguments.
def run(args)
validate_encoding args
build_args = extract_build_args args
do_configuration args
@ -72,6 +73,14 @@ class Gem::GemRunner
private
def validate_encoding(args)
invalid_arg = args.find {|arg| !arg.valid_encoding? }
if invalid_arg
raise Gem::OptionParser::InvalidArgument.new("'#{invalid_arg.scrub}' has invalid encoding")
end
end
def do_configuration(args)
Gem.configuration = @config_file_class.new(args)
Gem.use_paths Gem.configuration[:gemhome], Gem.configuration[:gempath]

6
test/rubygems/test_gem_gem_runner.rb
View file

@ -54,6 +54,12 @@ class TestGemGemRunner < Gem::TestCase
assert_equal %w[--commands], Gem::Command.extra_args
end
def test_validate_encoding
assert_raise Gem::OptionParser::InvalidArgument do
@runner.run(["install\xFF", "foo"])
end
end
def test_extract_build_args
args = %w[]
assert_equal [], @runner.extract_build_args(args)