whimsical-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sam Ruby <ru...@apache.org>
Subject [whimsy.git] [1/1] Commit 8e0634e: avoid Tempfile problems with Ruby 2.3.0
Date Mon, 11 Jan 2016 16:28:26 GMT
Commit 8e0634ee01776b55fc0a2bfc1369552e9f06ca66:
    avoid Tempfile problems with Ruby 2.3.0


Branch: refs/heads/master
Author: Sam Ruby <rubys@intertwingly.net>
Committer: Sam Ruby <rubys@intertwingly.net>
Pusher: rubys <rubys@apache.org>

------------------------------------------------------------
www/secmail/models/attachment.rb                             | +++ ---
www/secmail/models/safetemp.rb                               | ++++++++++++++ 
www/secmail/server.rb                                        | + 
www/secmail/views/actions/burst.json.rb                      | + -
www/secmail/views/actions/check-signature.json.rb            | ++ --
www/secmail/views/actions/drop.json.rb                       | ++++ ----
www/secmail/views/actions/rotate-attachment.json.rb          | + -
------------------------------------------------------------
51 changes: 40 additions, 11 deletions.
------------------------------------------------------------


diff --git a/www/secmail/models/attachment.rb b/www/secmail/models/attachment.rb
index fb26513..28f13e8 100644
--- a/www/secmail/models/attachment.rb
+++ b/www/secmail/models/attachment.rb
@@ -28,14 +28,14 @@ def safe_name
   end
 
   def as_file
-    file = Tempfile.new([safe_name, '.pdf'], encoding: Encoding::BINARY)
+    file = SafeTempFile.new([safe_name, '.pdf'])
     file.write(body)
     file.rewind
     file
   end
 
   def as_pdf
-    file = Tempfile.new([safe_name, '.pdf'], encoding: Encoding::BINARY)
+    file = SafeTempFile.new([safe_name, '.pdf'])
     file.write(body)
     file.rewind
 
@@ -45,7 +45,7 @@ def as_pdf
     ext = File.extname(name).downcase
 
     if IMAGE_TYPES.include? ext or content_type.start_with? 'image/'
-      pdf = Tempfile.new([safe_name, '.pdf'], encoding: Encoding::BINARY)
+      pdf = SafeTempFile.new([safe_name, '.pdf'])
       system 'convert', file.path, pdf.path
       file.unlink
       return pdf
diff --git a/www/secmail/models/safetemp.rb b/www/secmail/models/safetemp.rb
new file mode 100644
index 0000000..24bc7e9
--- /dev/null
+++ b/www/secmail/models/safetemp.rb
@@ -0,0 +1,28 @@
+#
+# Tempfile in Ruby 2.3.0 has the unfortunate behavior of returning
+# an unsafe path and even blowing up when unlink is called in a $SAFE
+# environment.  This avoids those two problems, while forwarding all all other
+# method calls.
+#
+
+require 'tempfile'
+
+class SafeTempFile
+  def initialize *args
+    args << {} unless args.last.instance_of? Hash
+    args.last[:encoding] = Encoding::BINARY
+    @tempfile = Tempfile.new *args
+  end
+
+  def path
+    @tempfile.path.untaint
+  end
+
+  def unlink
+    File.unlink path
+  end
+
+  def method_missing symbol, *args
+    @tempfile.send symbol, *args
+  end
+end
diff --git a/www/secmail/server.rb b/www/secmail/server.rb
index fde3fe1..bb95918 100644
--- a/www/secmail/server.rb
+++ b/www/secmail/server.rb
@@ -11,6 +11,7 @@
 
 require_relative 'helpers'
 require_relative 'models/mailbox'
+require_relative 'models/safetemp'
 
 # list of messages
 get '/' do
diff --git a/www/secmail/views/actions/burst.json.rb b/www/secmail/views/actions/burst.json.rb
index 082f075..802adeb 100644
--- a/www/secmail/views/actions/burst.json.rb
+++ b/www/secmail/views/actions/burst.json.rb
@@ -30,7 +30,7 @@
   message.replace_attachment @selected, attachments
 
 ensure
-  File.unlink source.path.untaint if source
+  source.unlink if source
 end
 
 {
diff --git a/www/secmail/views/actions/check-signature.json.rb b/www/secmail/views/actions/check-signature.json.rb
index 5538bf4..ab96bd5 100644
--- a/www/secmail/views/actions/check-signature.json.rb
+++ b/www/secmail/views/actions/check-signature.json.rb
@@ -40,8 +40,8 @@
   ignore.each {|re| err.gsub! re, ''}
 
 ensure
-  File.unlink attachment.path.untaint if attachment
-  File.unlink signature.path.untaint if signature
+  attachment.unlink if attachment
+  signature.unlink if signature
 end
 
 {output: out, error: err, rc: rc.exitstatus}
diff --git a/www/secmail/views/actions/drop.json.rb b/www/secmail/views/actions/drop.json.rb
index 73c4923..e0218fd 100644
--- a/www/secmail/views/actions/drop.json.rb
+++ b/www/secmail/views/actions/drop.json.rb
@@ -8,7 +8,7 @@
   source = message.find(@source).as_pdf
   target = message.find(@target).as_pdf
 
-  output = Tempfile.new('output')
+  output = SafeTempFile.new('output')
 
   Kernel.system 'pdftk', target.path, source.path, 'cat', 'output',
     output.path
@@ -21,9 +21,9 @@
   message.delete_attachment @source
 
 ensure
-  File.unlink source.path.untaint if source
-  File.unlink target.path.untaint if target
-  File.unlink output.path.untaint if output
+  source.unlink if source
+  target.unlink if target
+  output.unlink if output
 end
 
 {attachments: message.attachments, selected: name}
diff --git a/www/secmail/views/actions/rotate-attachment.json.rb b/www/secmail/views/actions/rotate-attachment.json.rb
index d61000b..03f012d 100644
--- a/www/secmail/views/actions/rotate-attachment.json.rb
+++ b/www/secmail/views/actions/rotate-attachment.json.rb
@@ -11,7 +11,7 @@
   direction = 'Left' if @direction.include? 'left'
   direction = 'Down' if @direction.include? 'flip'
 
-  output = Tempfile.new('output')
+  output = SafeTempFile.new('output')
 
   Kernel.system 'pdftk', selected.path, 'cat', "1-end#{direction}", 'output',
     output.path

Mime
View raw message