[ruby-core:91812] [Ruby trunk Bug#15662] Fix CSV delegation to missing StringIO

[ruby-core:91812] [Ruby trunk Bug#15662] Fix CSV delegation to missing StringIO

[gsamokovarov]

Issue #15662 has been reported by gsamokovarov (Genadi Samokovarov).

----------------------------------------
Bug #15662: Fix CSV delegation to missing StringIO
https://bugs.ruby-lang.org/issues/15662

* Author: gsamokovarov (Genadi Samokovarov)
* Status: Open
* Priority: Normal
* Assignee: 
* Target version: 
* ruby -v: 
* Backport: 2.4: UNKNOWN, 2.5: UNKNOWN, 2.6: UNKNOWN
----------------------------------------
If you create a CSV from raw content like:

      csv = CSV.new("h1,h2")

You'll get method missing when calling `csv.path` but still, get `true` when you call `csv.respond_to?(:path)`.

This tricks 3rd party libraries like carrierwave which try to call `path` on their input if it responds to it.

See https://github.com/carrierwaveuploader/carrierwave/blob/a91ab69fdd8052cdf5a5e48ef8baf40939e441fb/lib/carrierwave/sanitized_file.rb#L109-L123

This stops me from passing CSV objects as StringIO's into carrierwave uploads, for example, but the problem can also be manifested in other 3rd party libraries, as responding to a method and returning a `NoMethodError` when calling it is still an unexpected behavior.

I have gone through the CSV delegation scheme and made sure that every method that StringIO doesn't respond to returns a meaningful zero value and does not raise a `NoMethodError` while used through a CSV Instance.



-- 
https://bugs.ruby-lang.org/

[ruby-core:91813] [Ruby trunk Bug#15662] Fix CSV delegation to missing StringIO

[gsamokovarov]

Issue #15662 has been updated by gsamokovarov (Genadi Samokovarov).


I have opened a PR on GitHub's tracker with the changes: https://github.com/ruby/ruby/pull/2094

----------------------------------------
Bug #15662: Fix CSV delegation to missing StringIO
https://bugs.ruby-lang.org/issues/15662#change-77086

* Author: gsamokovarov (Genadi Samokovarov)
* Status: Open
* Priority: Normal
* Assignee: 
* Target version: 
* ruby -v: 
* Backport: 2.4: UNKNOWN, 2.5: UNKNOWN, 2.6: UNKNOWN
----------------------------------------
If you create a CSV from raw content like:

      csv = CSV.new("h1,h2")

You'll get method missing when calling `csv.path` but still, get `true` when you call `csv.respond_to?(:path)`.

This tricks 3rd party libraries like carrierwave which try to call `path` on their input if it responds to it.

See https://github.com/carrierwaveuploader/carrierwave/blob/a91ab69fdd8052cdf5a5e48ef8baf40939e441fb/lib/carrierwave/sanitized_file.rb#L109-L123

This stops me from passing CSV objects as StringIO's into carrierwave uploads, for example, but the problem can also be manifested in other 3rd party libraries, as responding to a method and returning a `NoMethodError` when calling it is still an unexpected behavior.

I have gone through the CSV delegation scheme and made sure that every method that StringIO doesn't respond to returns a meaningful zero value and does not raise a `NoMethodError` while used through a CSV Instance.



-- 
https://bugs.ruby-lang.org/

[ruby-core:91818] [Ruby trunk Bug#15662] Fix CSV delegation to missing StringIO

[kou]

Issue #15662 has been updated by kou (Kouhei Sutou).

Assignee set to kou (Kouhei Sutou)
Status changed from Open to Assigned

Could you use https://github.com/ruby/csv instead of ruby/ruby?
ruby/csv is the upstream repository.

----------------------------------------
Bug #15662: Fix CSV delegation to missing StringIO
https://bugs.ruby-lang.org/issues/15662#change-77090

* Author: gsamokovarov (Genadi Samokovarov)
* Status: Assigned
* Priority: Normal
* Assignee: kou (Kouhei Sutou)
* Target version: 
* ruby -v: 
* Backport: 2.4: UNKNOWN, 2.5: UNKNOWN, 2.6: UNKNOWN
----------------------------------------
If you create a CSV from raw content like:

      csv = CSV.new("h1,h2")

You'll get method missing when calling `csv.path` but still, get `true` when you call `csv.respond_to?(:path)`.

This tricks 3rd party libraries like carrierwave which try to call `path` on their input if it responds to it.

See https://github.com/carrierwaveuploader/carrierwave/blob/a91ab69fdd8052cdf5a5e48ef8baf40939e441fb/lib/carrierwave/sanitized_file.rb#L109-L123

This stops me from passing CSV objects as StringIO's into carrierwave uploads, for example, but the problem can also be manifested in other 3rd party libraries, as responding to a method and returning a `NoMethodError` when calling it is still an unexpected behavior.

I have gone through the CSV delegation scheme and made sure that every method that StringIO doesn't respond to returns a meaningful zero value and does not raise a `NoMethodError` while used through a CSV Instance.



-- 
https://bugs.ruby-lang.org/

[ruby-core:91856] [Ruby trunk Bug#15662] Fix CSV delegation to missing StringIO

[gsamokovarov]

Issue #15662 has been updated by gsamokovarov (Genadi Samokovarov).


We resolved it in https://github.com/ruby/csv/pull/80. Thank you @kou 🙇‍♂️!

----------------------------------------
Bug #15662: Fix CSV delegation to missing StringIO
https://bugs.ruby-lang.org/issues/15662#change-77127

* Author: gsamokovarov (Genadi Samokovarov)
* Status: Assigned
* Priority: Normal
* Assignee: kou (Kouhei Sutou)
* Target version: 
* ruby -v: 
* Backport: 2.4: UNKNOWN, 2.5: UNKNOWN, 2.6: UNKNOWN
----------------------------------------
If you create a CSV from raw content like:

      csv = CSV.new("h1,h2")

You'll get method missing when calling `csv.path` but still, get `true` when you call `csv.respond_to?(:path)`.

This tricks 3rd party libraries like carrierwave which try to call `path` on their input if it responds to it.

See https://github.com/carrierwaveuploader/carrierwave/blob/a91ab69fdd8052cdf5a5e48ef8baf40939e441fb/lib/carrierwave/sanitized_file.rb#L109-L123

This stops me from passing CSV objects as StringIO's into carrierwave uploads, for example, but the problem can also be manifested in other 3rd party libraries, as responding to a method and returning a `NoMethodError` when calling it is still an unexpected behavior.

I have gone through the CSV delegation scheme and made sure that every method that StringIO doesn't respond to returns a meaningful zero value and does not raise a `NoMethodError` while used through a CSV Instance.



-- 
https://bugs.ruby-lang.org/

[ruby-core:91857] [Ruby trunk Bug#15662] Fix CSV delegation to missing StringIO

[kou]

Issue #15662 has been updated by kou (Kouhei Sutou).

Status changed from Assigned to Closed

Thanks!

----------------------------------------
Bug #15662: Fix CSV delegation to missing StringIO
https://bugs.ruby-lang.org/issues/15662#change-77128

* Author: gsamokovarov (Genadi Samokovarov)
* Status: Closed
* Priority: Normal
* Assignee: kou (Kouhei Sutou)
* Target version: 
* ruby -v: 
* Backport: 2.4: UNKNOWN, 2.5: UNKNOWN, 2.6: UNKNOWN
----------------------------------------
If you create a CSV from raw content like:

      csv = CSV.new("h1,h2")

You'll get method missing when calling `csv.path` but still, get `true` when you call `csv.respond_to?(:path)`.

This tricks 3rd party libraries like carrierwave which try to call `path` on their input if it responds to it.

See https://github.com/carrierwaveuploader/carrierwave/blob/a91ab69fdd8052cdf5a5e48ef8baf40939e441fb/lib/carrierwave/sanitized_file.rb#L109-L123

This stops me from passing CSV objects as StringIO's into carrierwave uploads, for example, but the problem can also be manifested in other 3rd party libraries, as responding to a method and returning a `NoMethodError` when calling it is still an unexpected behavior.

I have gone through the CSV delegation scheme and made sure that every method that StringIO doesn't respond to returns a meaningful zero value and does not raise a `NoMethodError` while used through a CSV Instance.



-- 
https://bugs.ruby-lang.org/