From ab42e5a486a5b27107296fa34056f03ac878e306 Mon Sep 17 00:00:00 2001
From: Jeremy Evans <code@jeremyevans.net>
Date: Thu, 14 Nov 2019 18:54:13 -0800
Subject: More fixes for $SAFE/taint post merging

---
 test/bigdecimal/test_bigdecimal.rb | 16 +++++++++-------
 test/fiddle/test_func.rb           | 12 ------------
 test/fiddle/test_handle.rb         | 23 -----------------------
 test/readline/test_readline.rb     | 35 ++++++++++++++++++++---------------
 4 files changed, 29 insertions(+), 57 deletions(-)

(limited to 'test')

diff --git a/test/bigdecimal/test_bigdecimal.rb b/test/bigdecimal/test_bigdecimal.rb
index f6ef88e3f5..0e76081431 100644
--- a/test/bigdecimal/test_bigdecimal.rb
+++ b/test/bigdecimal/test_bigdecimal.rb
@@ -155,13 +155,15 @@ class TestBigDecimal < Test::Unit::TestCase
     end
   end
 
-  def test_BigDecimal_with_tainted_string
-    Thread.new {
-      $SAFE = 1
-      BigDecimal('1'.taint)
-    }.join
-  ensure
-    $SAFE = 0
+  if RUBY_VERSION < '2.7'
+    def test_BigDecimal_with_tainted_string
+      Thread.new {
+        $SAFE = 1
+        BigDecimal('1'.taint)
+      }.join
+    ensure
+      $SAFE = 0
+    end
   end
 
   def test_BigDecimal_with_exception_keyword
diff --git a/test/fiddle/test_func.rb b/test/fiddle/test_func.rb
index d170c59a75..ca89173766 100644
--- a/test/fiddle/test_func.rb
+++ b/test/fiddle/test_func.rb
@@ -11,18 +11,6 @@ module Fiddle
       assert_nil f.call(10)
     end
 
-    def test_syscall_with_tainted_string
-      f = Function.new(@libc['system'], [TYPE_VOIDP], TYPE_INT)
-      Thread.new {
-        $SAFE = 1
-        assert_raise(SecurityError) do
-          f.call("uname -rs".dup.taint)
-        end
-      }.join
-    ensure
-      $SAFE = 0
-    end
-
     def test_sinf
       begin
         f = Function.new(@libm['sinf'], [TYPE_FLOAT], TYPE_FLOAT)
diff --git a/test/fiddle/test_handle.rb b/test/fiddle/test_handle.rb
index c0fac39908..17f9c92a11 100644
--- a/test/fiddle/test_handle.rb
+++ b/test/fiddle/test_handle.rb
@@ -8,29 +8,6 @@ module Fiddle
   class TestHandle < TestCase
     include Fiddle
 
-    def test_safe_handle_open
-      Thread.new do
-        $SAFE = 1
-        assert_raise(SecurityError) {
-          Fiddle::Handle.new(LIBC_SO.dup.taint)
-        }
-      end.join
-    ensure
-      $SAFE = 0
-    end
-
-    def test_safe_function_lookup
-      Thread.new do
-        h = Fiddle::Handle.new(LIBC_SO)
-        $SAFE = 1
-        assert_raise(SecurityError) {
-          h["qsort".dup.taint]
-        }
-      end.join
-    ensure
-      $SAFE = 0
-    end
-
     def test_to_i
       handle = Fiddle::Handle.new(LIBC_SO)
       assert_kind_of Integer, handle.to_i
diff --git a/test/readline/test_readline.rb b/test/readline/test_readline.rb
index 4e82d46d91..e1c299c3c2 100644
--- a/test/readline/test_readline.rb
+++ b/test/readline/test_readline.rb
@@ -43,19 +43,22 @@ module BasetestReadline
       assert_equal("hello", Readline::HISTORY[0])
 
       # Work around lack of SecurityError in Reline
-      # test mode with tainted prompt
-      return if kind_of?(TestRelineAsReadline)
-
-      Thread.start {
-        $SAFE = 1
-        assert_raise(SecurityError) do
-          replace_stdio(stdin.path, stdout.path) do
-            Readline.readline("> ".taint)
-          end
+      # test mode with tainted prompt.
+      # Also skip test on Ruby 2.7+, where $SAFE/taint is deprecated.
+      if RUBY_VERSION < '2.7' && !kind_of?(TestRelineAsReadline)
+        begin
+          Thread.start {
+            $SAFE = 1
+            assert_raise(SecurityError) do
+              replace_stdio(stdin.path, stdout.path) do
+                Readline.readline("> ".taint)
+              end
+            end
+          }.join
+        ensure
+          $SAFE = 0
         end
-      }.join
-    ensure
-      $SAFE = 0
+      end
     end
   end
 
@@ -96,7 +99,8 @@ module BasetestReadline
       assert_equal(12, actual_point)
       assert_equal("first complete  finish", Readline.line_buffer)
       assert_equal(Encoding.find("locale"), Readline.line_buffer.encoding)
-      assert_equal(true, Readline.line_buffer.tainted?)
+      assert_equal(true, Readline.line_buffer.tainted?) if RUBY_VERSION < '2.7'
+
       assert_equal(22, Readline.point)
 
       stdin.rewind
@@ -113,7 +117,8 @@ module BasetestReadline
       assert_equal(12, actual_point)
       assert_equal("first complete finish", Readline.line_buffer)
       assert_equal(Encoding.find("locale"), Readline.line_buffer.encoding)
-      assert_equal(true, Readline.line_buffer.tainted?)
+      assert_equal(true, Readline.line_buffer.tainted?) if RUBY_VERSION < '2.7'
+
       assert_equal(21, Readline.point)
     end
   end
@@ -526,7 +531,7 @@ module BasetestReadline
     end
 
     assert_equal('second\\ third', passed_text)
-    assert_equal('first completion', line)
+    assert_equal('first completion', line.chomp(' '))
   ensure
     Readline.completer_quote_characters = saved_completer_quote_characters
     Readline.completer_word_break_characters = saved_completer_word_break_characters
-- 
cgit v1.2.3