From 646b83af2a8f9320b6cb7c6ee729e3d780324510 Mon Sep 17 00:00:00 2001
From: normal <normal@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>
Date: Fri, 22 Dec 2017 01:07:45 +0000
Subject: [PATCH] webrick/httpservlet/cgi_runner.rb: remove unnecessary open

IO#reopen already takes string path names as well as IO objects
(but not "| command" strings)

This makes further auditing for inadvertant code execution
easier.  There's no actual bugfix or behavior change here,
as no external data is passed to cgi_runner.rb.

* lib/webrick/httpservlet/cgi_runner.rb: remove Kernel#open call
  [Misc #14216]

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@61398 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
---
 lib/webrick/httpservlet/cgi_runner.rb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/lib/webrick/httpservlet/cgi_runner.rb b/lib/webrick/httpservlet/cgi_runner.rb
index 597f48936b..3ebbcebb26 100644
--- a/lib/webrick/httpservlet/cgi_runner.rb
+++ b/lib/webrick/httpservlet/cgi_runner.rb
@@ -23,11 +23,11 @@ STDIN.binmode
 
 len = sysread(STDIN, 8).to_i
 out = sysread(STDIN, len)
-STDOUT.reopen(open(out, "w"))
+STDOUT.reopen(out, "w")
 
 len = sysread(STDIN, 8).to_i
 err = sysread(STDIN, len)
-STDERR.reopen(open(err, "w"))
+STDERR.reopen(err, "w")
 
 len  = sysread(STDIN, 8).to_i
 dump = sysread(STDIN, len)