From db120f504cdf58b46f68afbcdc0506f6b68e482b Mon Sep 17 00:00:00 2001
From: Nobuyoshi Nakada <nobu@ruby-lang.org>
Date: Mon, 13 Jan 2025 21:24:33 +0900
Subject: [PATCH] Revive path check

Ref #20971
---
 hash.c                |  9 ++++++---
 test/ruby/test_env.rb | 14 ++++++++++++++
 2 files changed, 20 insertions(+), 3 deletions(-)

diff --git a/hash.c b/hash.c
index 45242cee08def9..3a78d54efb019a 100644
--- a/hash.c
+++ b/hash.c
@@ -4937,7 +4937,7 @@ env_name(volatile VALUE *s)
 static VALUE env_aset(VALUE nm, VALUE val);
 
 static void
-reset_by_modified_env(const char *nam)
+reset_by_modified_env(const char *nam, const char *val)
 {
     /*
      * ENV['TZ'] = nil has a special meaning.
@@ -4948,13 +4948,16 @@ reset_by_modified_env(const char *nam)
     if (ENVMATCH(nam, TZ_ENV)) {
         ruby_reset_timezone();
     }
+    else if (val && ENVMATCH(nam, PATH_ENV)) {
+        rb_path_check(val);
+    }
 }
 
 static VALUE
 env_delete(VALUE name)
 {
     const char *nam = env_name(name);
-    reset_by_modified_env(nam);
+    reset_by_modified_env(nam, 0);
     VALUE val = getenv_with_lock(nam);
 
     if (!NIL_P(val)) {
@@ -5360,7 +5363,7 @@ env_aset(VALUE nm, VALUE val)
     get_env_ptr(value, val);
 
     ruby_setenv(name, value);
-    reset_by_modified_env(name);
+    reset_by_modified_env(name, value);
     return val;
 }
 
diff --git a/test/ruby/test_env.rb b/test/ruby/test_env.rb
index c9ec920ea9711d..2614b08fdf3583 100644
--- a/test/ruby/test_env.rb
+++ b/test/ruby/test_env.rb
@@ -189,6 +189,20 @@ def test_aset
     end
   end
 
+  unless windows
+    def test_world_writable_path
+      Dir.mktmpdir do |dir|
+        path = ENV[PATH_ENV]
+        File.chmod(0o777, dir)
+        assert_warn(/Insecure world writable dir/) do
+          ENV[PATH_ENV] = dir
+        ensure
+          ENV[PATH_ENV] = path
+        end
+      end
+    end
+  end
+
   def test_keys
     a = ENV.keys
     assert_kind_of(Array, a)