From 076ed9a0d9bde79791741193768ebeb75490606b Mon Sep 17 00:00:00 2001
From: Nobuyoshi Nakada <nobu@ruby-lang.org>
Date: Wed, 12 Dec 2018 14:38:09 +0900
Subject: [PATCH] Fix for wrong fnmatch patttern

Origin: https://github.com/ruby/ruby/commit/a0a2640b398cffd351f87d3f6243103add66575b
Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2019-15845

* dir.c (file_s_fnmatch): ensure that pattern does not contain a
  NUL character.  https://hackerone.com/reports/449617

Gbp-Pq: Name Fix-for-wrong-fnmatch-patttern.patch
---
 dir.c                     | 2 +-
 test/ruby/test_fnmatch.rb | 6 ++++++
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/dir.c b/dir.c
index ed72b76..7db7714 100644
--- a/dir.c
+++ b/dir.c
@@ -2529,7 +2529,7 @@ file_s_fnmatch(int argc, VALUE *argv, VALUE obj)
     else
 	flags = 0;
 
-    StringValue(pattern);
+    StringValueCStr(pattern);
     FilePathStringValue(path);
 
     if (flags & FNM_EXTGLOB) {
diff --git a/test/ruby/test_fnmatch.rb b/test/ruby/test_fnmatch.rb
index ca01a28..30250b5 100644
--- a/test/ruby/test_fnmatch.rb
+++ b/test/ruby/test_fnmatch.rb
@@ -129,4 +129,10 @@ class TestFnmatch < Test::Unit::TestCase
     assert_file.fnmatch("[a-\u3042]*", "\u3042")
     assert_file.not_fnmatch("[a-\u3042]*", "\u3043")
   end
+
+  def test_nullchar
+    assert_raise(ArgumentError) {
+      File.fnmatch("a\0z", "a")
+    }
+  end
 end
-- 
2.30.2