From a2435106dc1216d8785fcac68ef53030bb484b92 Mon Sep 17 00:00:00 2001
From: Matt Langlois <fletchto99@gmail.com>
Date: Fri, 12 Jun 2020 15:59:05 -0400
Subject: [PATCH] When parsing cookies, only decode the values
[CVE-2020-8184]
---
lib/rack/request.rb | 8 ++++++--
test/spec_request.rb | 6 ++++
2 files changed, 10 insertions(+), 2 deletions(-)
diff --git a/lib/rack/utils.rb b/lib/rack/utils.rb
index ace4407..492f9bc 100644
--- a/lib/rack/request.rb
+++ b/lib/rack/request.rb
@@ -304,8 +304,12 @@ def cookies
# the Cookie header such that those with more specific Path attributes
# precede those with less specific. Ordering with respect to other
# attributes (e.g., Domain) is unspecified.
- cookies = Utils.parse_query(string, ';,') { |s| Rack::Utils.unescape(s) rescue s }
- cookies.each { |k,v| hash[k] = Array === v ? v.first : v }
+ return {} unless string
+ string.split(/[;,] */n).each do |cookie|
+ next if cookie.empty?
+ key, value = cookie.split('=', 2)
+ hash[key] = (Rack::Utils.unescape(value) rescue value) unless hash.key?(key)
+ end
@env["rack.request.cookie_string"] = string
hash
end
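Review bot: The reason the cookie name is no longer passed through `Rack::Utils.unescape` on the `hash[key] = ...` line is not recorded in the code, and it is the whole fix: the removed lines decoded both halves and took the first value per decoded name, so an encoded name such as `%66oo` landed under `foo` and shadowed the literal cookie that followed it. A comment above the `string.split` loop would keep a later refactor from reintroducing that: `# Only the value is percent-decoded. Names are compared literally so an encoded name cannot alias a plain one; the first occurrence of a name wins (CVE-2020-8184).` The `rescue value` modifier on that same line swallows every StandardError from `unescape`, not only a malformed %-escape, and `value` is nil when a cookie carries no `=`; that matches the removed line's `rescue s`, but a `# value is nil when the cookie has no '='` note next to the `split('=', 2)` would make the nil entry deliberate rather than accidental. `def cookies` starts above the hunk; only its tail is visible here.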
diff --git a/test/spec_request.rb b/test/spec_request.rb
index 8025613..68880da 100644
--- a/test/spec_request.rb
+++ b/test/spec_request.rb
@@ -439,6 +439,12 @@ describe Rack::Request do
req.cookies.should.equal({})
end
+ should "parse cookies with encoded names" do
+ req = Rack::Request.new \
+ Rack::MockRequest.env_for("", "HTTP_COOKIE" => "%66oo=baz;foo=bar")
+ req.cookies.should.equal "%66oo" => "baz", "foo" => "bar"
+ end
+
should "always return the same hash object" do
req = Rack::Request.new \
Rack::MockRequest.env_for("", "HTTP_COOKIE" => "foo=bar;quux=h&m")
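Review bot: The added case pins only the encoded-name path; the other half of the new parsing rule in lib/rack/request.rb, `unless hash.key?(key)` (first occurrence of a name wins), has no assertion in this hunk, unless one already exists elsewhere in this spec. A sibling `should "keep the first occurrence of a duplicated cookie name"` built the same way, with `"HTTP_COOKIE" => "foo=bar;foo=baz"` and `req.cookies.should.equal "foo" => "bar"`, would lock that ordering down alongside the encoded-name check. The enclosing `describe Rack::Request do` block begins and ends outside the hunk.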
--
2.26.2