rubygems-update 3.4.19 → 3.4.21

data/test/rubygems/test_gem_installer.rb

@@ -204,8 +204,8 @@ gem 'other', version
       bin_dir = bin_dir.downcase
     end
 
-    orig_PATH, ENV["PATH"] =
-      ENV["PATH"], [ENV["PATH"], bin_dir].join(File::PATH_SEPARATOR)
+    orig_PATH = ENV["PATH"]
+    ENV["PATH"] = [ENV["PATH"], bin_dir].join(File::PATH_SEPARATOR)
 
     use_ui @ui do
       installer.check_that_user_bin_dir_is_in_path
@@ -229,8 +229,8 @@ gem 'other', version
   def test_check_that_user_bin_dir_is_in_path_tilde
     pend "Tilde is PATH is not supported under MS Windows" if win_platform?
 
-    orig_PATH, ENV["PATH"] =
-      ENV["PATH"], [ENV["PATH"], "~/bin"].join(File::PATH_SEPARATOR)
+    orig_PATH = ENV["PATH"]
+    ENV["PATH"] = [ENV["PATH"], "~/bin"].join(File::PATH_SEPARATOR)
 
     installer = setup_base_installer
     installer.bin_dir.replace File.join @userhome, "bin"
@@ -467,14 +467,14 @@ gem 'other', version
     elsif Process.uid.zero?
       pend("test_generate_bin_script_no_perms skipped in root privilege")
     else
-      FileUtils.chmod 0000, util_inst_bindir
+      FileUtils.chmod 0o000, util_inst_bindir
 
       assert_raise Gem::FilePermissionError do
         installer.generate_bin
       end
     end
   ensure
-    FileUtils.chmod 0755, util_inst_bindir unless ($DEBUG || win_platform?)
+    FileUtils.chmod 0o755, util_inst_bindir unless ($DEBUG || win_platform?)
   end
 
   def test_generate_bin_script_no_shebang
@@ -571,14 +571,14 @@ gem 'other', version
     elsif Process.uid.zero?
       pend("test_user_install_disabled_read_only test skipped in root privilege")
     else
-      FileUtils.chmod 0000, util_inst_bindir
+      FileUtils.chmod 0o000, util_inst_bindir
 
       assert_raise Gem::FilePermissionError do
         installer.generate_bin
       end
     end
   ensure
-    FileUtils.chmod 0755, util_inst_bindir unless ($DEBUG || win_platform?)
+    FileUtils.chmod 0o755, util_inst_bindir unless ($DEBUG || win_platform?)
   end
 
   def test_generate_bin_symlink_update_newer
@@ -816,7 +816,7 @@ gem 'other', version
 
     util_build_gem spec
 
-    File.chmod(0555, Gem.plugindir)
+    File.chmod(0o555, Gem.plugindir)
     system_path = File.join(Gem.plugindir, "a_plugin.rb")
     user_path = File.join(Gem.plugindir(Gem.user_dir), "a_plugin.rb")
     installer = util_installer spec, Gem.dir, :user
@@ -838,7 +838,7 @@ gem 'other', version
 
     util_build_gem spec
 
-    File.chmod(0555, Gem.plugindir)
+    File.chmod(0o555, Gem.plugindir)
     system_path = File.join(Gem.plugindir, "a_plugin.rb")
 
     build_root = File.join(@tempdir, "build_root")
@@ -1032,8 +1032,8 @@ end
     exe = File.join gemdir, "bin", "executable"
     assert_path_exist exe
 
-    exe_mode = File.stat(exe).mode & 0111
-    assert_equal 0111, exe_mode, "0%o" % exe_mode unless win_platform?
+    exe_mode = File.stat(exe).mode & 0o111
+    assert_equal 0o111, exe_mode, "0%o" % exe_mode unless win_platform?
 
     assert_path_exist File.join gemdir, "lib", "code.rb"
 
@@ -1617,7 +1617,7 @@ end
         installer.install
       end
       assert_path_exist so
-    rescue
+    rescue StandardError
       puts "-" * 78
       puts File.read File.join(@gemhome, "gems", "a-2", "Makefile")
       puts "-" * 78
@@ -2021,7 +2021,7 @@ end
 
     bin_env = get_bin_env
 
-    assert_equal("#!#{bin_env} #{RbConfig::CONFIG['ruby_install_name']}",
+    assert_equal("#!#{bin_env} #{RbConfig::CONFIG["ruby_install_name"]}",
                  shebang)
   end
 
@@ -2498,7 +2498,7 @@ end
   end
 
   def mask
-    0100755
+    0o100755
   end
 
   def load_relative(value)

data/test/rubygems/test_gem_package.rb

@@ -205,7 +205,8 @@ class TestGemPackage < Gem::Package::TarTestCase
 
     tar.rewind
 
-    files, symlinks = [], []
+    files = []
+    symlinks = []
 
     Gem::Package::TarReader.new tar do |tar_io|
       tar_io.each_entry do |entry|
@@ -441,11 +442,11 @@ class TestGemPackage < Gem::Package::TarTestCase
     data_tgz = util_tar_gz {}
 
     gem = util_tar do |tar|
-      tar.add_file "data.tar.gz", 0644 do |io|
+      tar.add_file "data.tar.gz", 0o644 do |io|
         io.write data_tgz.string
       end
 
-      tar.add_file "metadata.gz", 0644 do |io|
+      tar.add_file "metadata.gz", 0o644 do |io|
         Zlib::GzipWriter.wrap io do |gzio|
           gzio.write @spec.to_yaml
         end
@@ -478,7 +479,7 @@ class TestGemPackage < Gem::Package::TarTestCase
     extracted = File.join @destination, "lib/code.rb"
     assert_path_exist extracted
 
-    mask = 0100666 & (~File.umask)
+    mask = 0o100666 & (~File.umask)
 
     assert_equal mask.to_s(8), File.stat(extracted).mode.to_s(8) unless
       win_platform?
@@ -488,11 +489,11 @@ class TestGemPackage < Gem::Package::TarTestCase
     data_tgz = util_tar_gz {}
 
     gem = util_tar do |tar|
-      tar.add_file "data.tar.gz", 0644 do |io|
+      tar.add_file "data.tar.gz", 0o644 do |io|
         io.write data_tgz.string
       end
 
-      tar.add_file "metadata.gz", 0644 do |io|
+      tar.add_file "metadata.gz", 0o644 do |io|
         Zlib::GzipWriter.wrap io do |gzio|
           gzio.write @spec.to_yaml
         end
@@ -522,14 +523,14 @@ class TestGemPackage < Gem::Package::TarTestCase
     filepath = File.join @destination, "README.rdoc"
     assert_path_exist filepath
 
-    assert_equal 0104444, File.stat(filepath).mode
+    assert_equal 0o104444, File.stat(filepath).mode
   end
 
   def test_extract_tar_gz_absolute
     package = Gem::Package.new @gem
 
     tgz_io = util_tar_gz do |tar|
-      tar.add_file "/absolute.rb", 0644 do |io|
+      tar.add_file "/absolute.rb", 0o644 do |io|
         io.write "hi"
       end
     end
@@ -547,12 +548,12 @@ class TestGemPackage < Gem::Package::TarTestCase
     package.verify
 
     tgz_io = util_tar_gz do |tar|
-      tar.add_file "relative.rb", 0644 do |io|
+      tar.add_file "relative.rb", 0o644 do |io|
         io.write "hi"
       end
 
-      tar.mkdir       "lib", 0755
-      tar.add_symlink "lib/foo.rb", "../relative.rb", 0644
+      tar.mkdir       "lib", 0o755
+      tar.add_symlink "lib/foo.rb", "../relative.rb", 0o644
     end
 
     begin
@@ -573,13 +574,39 @@ class TestGemPackage < Gem::Package::TarTestCase
                  File.read(extracted)
   end
 
+  def test_extract_symlink_into_symlink_dir
+    package = Gem::Package.new @gem
+    tgz_io = util_tar_gz do |tar|
+      tar.mkdir       "lib", 0o755
+      tar.add_symlink "lib/link", "./inside.rb", 0o644
+      tar.add_file    "lib/inside.rb", 0o644 do |io|
+        io.write "hi"
+      end
+    end
+
+    destination_subdir = File.join @destination, "subdir"
+    FileUtils.mkdir_p destination_subdir
+
+    destination_linkdir = File.join @destination, "linkdir"
+    File.symlink(destination_subdir, destination_linkdir)
+
+    package.extract_tar_gz tgz_io, destination_linkdir
+
+    extracted = File.join destination_subdir, "lib/link"
+    assert_path_exist extracted
+    assert_equal "./inside.rb",
+                 File.readlink(extracted)
+    assert_equal "hi",
+                 File.read(extracted)
+  end
+
   def test_extract_tar_gz_symlink_broken_relative_path
     package = Gem::Package.new @gem
     package.verify
 
     tgz_io = util_tar_gz do |tar|
-      tar.mkdir       "lib", 0755
-      tar.add_symlink "lib/foo.rb", "../broken.rb", 0644
+      tar.mkdir       "lib", 0o755
+      tar.add_symlink "lib/foo.rb", "../broken.rb", 0o644
     end
 
     ui = Gem::MockGemUi.new
@@ -598,9 +625,9 @@ class TestGemPackage < Gem::Package::TarTestCase
     package = Gem::Package.new @gem
 
     tgz_io = util_tar_gz do |tar|
-      tar.mkdir       "lib",               0755
-      tar.add_symlink "lib/link", "../..", 0644
-      tar.add_file    "lib/link/outside.txt", 0644 do |io|
+      tar.mkdir       "lib",               0o755
+      tar.add_symlink "lib/link", "../..", 0o644
+      tar.add_file    "lib/link/outside.txt", 0o644 do |io|
         io.write "hi"
       end
     end
@@ -642,8 +669,8 @@ class TestGemPackage < Gem::Package::TarTestCase
     pend "TMPDIR seems too long to add it as symlink into tar" if destination_user_dir.size > 90
 
     tgz_io = util_tar_gz do |tar|
-      tar.add_symlink "link", destination_user_dir, 16877
-      tar.add_symlink "link/dir", ".", 16877
+      tar.add_symlink "link", destination_user_dir, 16_877
+      tar.add_symlink "link/dir", ".", 16_877
     end
 
     expected_exceptions = win_platform? ? [Gem::Package::SymlinkError, Errno::EACCES] : [Gem::Package::SymlinkError]
@@ -666,11 +693,11 @@ class TestGemPackage < Gem::Package::TarTestCase
     package = Gem::Package.new @gem
 
     tgz_io = util_tar_gz do |tar|
-      tar.mkdir    "lib",        0755
-      tar.add_file "lib/foo.rb", 0644 do |io|
+      tar.mkdir    "lib",        0o755
+      tar.add_file "lib/foo.rb", 0o644 do |io|
         io.write "hi"
       end
-      tar.mkdir    "lib/foo", 0755
+      tar.mkdir    "lib/foo", 0o755
     end
 
     package.extract_tar_gz tgz_io, @destination
@@ -686,7 +713,7 @@ class TestGemPackage < Gem::Package::TarTestCase
     package = Gem::Package.new @gem
 
     tgz_io = util_tar_gz do |tar|
-      tar.add_file "./dot_slash.rb", 0644 do |io|
+      tar.add_file "./dot_slash.rb", 0o644 do |io|
         io.write "hi"
       end
     end
@@ -701,7 +728,7 @@ class TestGemPackage < Gem::Package::TarTestCase
     package = Gem::Package.new @gem
 
     tgz_io = util_tar_gz do |tar|
-      tar.add_file ".dot_file.rb", 0644 do |io|
+      tar.add_file ".dot_file.rb", 0o644 do |io|
         io.write "hi"
       end
     end
@@ -717,7 +744,7 @@ class TestGemPackage < Gem::Package::TarTestCase
       package = Gem::Package.new @gem
 
       tgz_io = util_tar_gz do |tar|
-        tar.add_file "foo/file.rb", 0644 do |io|
+        tar.add_file "foo/file.rb", 0o644 do |io|
           io.write "hi"
         end
       end
@@ -831,7 +858,7 @@ class TestGemPackage < Gem::Package::TarTestCase
 
   def test_verify_checksum_bad
     data_tgz = util_tar_gz do |tar|
-      tar.add_file "lib/code.rb", 0444 do |io|
+      tar.add_file "lib/code.rb", 0o444 do |io|
         io.write "# lib/code.rb"
       end
     end
@@ -841,11 +868,11 @@ class TestGemPackage < Gem::Package::TarTestCase
     gem = util_tar do |tar|
       metadata_gz = Gem::Util.gzip @spec.to_yaml
 
-      tar.add_file "metadata.gz", 0444 do |io|
+      tar.add_file "metadata.gz", 0o444 do |io|
         io.write metadata_gz
       end
 
-      tar.add_file "data.tar.gz", 0444 do |io|
+      tar.add_file "data.tar.gz", 0o444 do |io|
         io.write data_tgz
       end
 
@@ -855,7 +882,7 @@ class TestGemPackage < Gem::Package::TarTestCase
           "metadata.gz" => "bogus",
         },
       }
-      tar.add_file "checksums.yaml.gz", 0444 do |io|
+      tar.add_file "checksums.yaml.gz", 0o444 do |io|
         Zlib::GzipWriter.wrap io do |gz_io|
           gz_io.write Psych.dump bogus_checksums
         end
@@ -878,7 +905,7 @@ class TestGemPackage < Gem::Package::TarTestCase
 
   def test_verify_checksum_missing
     data_tgz = util_tar_gz do |tar|
-      tar.add_file "lib/code.rb", 0444 do |io|
+      tar.add_file "lib/code.rb", 0o444 do |io|
         io.write "# lib/code.rb"
       end
     end
@@ -888,7 +915,7 @@ class TestGemPackage < Gem::Package::TarTestCase
     gem = util_tar do |tar|
       metadata_gz = Gem::Util.gzip @spec.to_yaml
 
-      tar.add_file "metadata.gz", 0444 do |io|
+      tar.add_file "metadata.gz", 0o444 do |io|
         io.write metadata_gz
       end
 
@@ -901,13 +928,13 @@ class TestGemPackage < Gem::Package::TarTestCase
         },
       }
 
-      tar.add_file "checksums.yaml.gz", 0444 do |io|
+      tar.add_file "checksums.yaml.gz", 0o444 do |io|
         Zlib::GzipWriter.wrap io do |gz_io|
           gz_io.write Psych.dump checksums
         end
       end
 
-      tar.add_file "data.tar.gz", 0444 do |io|
+      tar.add_file "data.tar.gz", 0o444 do |io|
         io.write data_tgz
       end
     end
@@ -926,7 +953,7 @@ class TestGemPackage < Gem::Package::TarTestCase
     tf = Tempfile.open "corrupt" do |io|
       data = Gem::Util.gzip "a" * 10
       io.write \
-        tar_file_header("metadata.gz", "\000x", 0644, data.length, Time.now)
+        tar_file_header("metadata.gz", "\000x", 0o644, data.length, Time.now)
       io.write data
       io.rewind
 
@@ -943,6 +970,95 @@ class TestGemPackage < Gem::Package::TarTestCase
     tf.close!
   end
 
+  def test_verify_corrupt_tar_metadata_entry
+    gem = tar_file_header("metadata.gz", "", 0, 999, Time.now)
+
+    File.open "corrupt.gem", "wb" do |io|
+      io.write gem
+    end
+
+    package = Gem::Package.new "corrupt.gem"
+
+    e = nil
+    out_err = capture_output do
+      e = assert_raise Gem::Package::FormatError do
+        package.verify
+      end
+    end
+
+    assert_match(/(EOFError|end of file reached) in corrupt.gem/i, e.message)
+    assert_equal(["", "Exception while verifying corrupt.gem\n"], out_err)
+  end
+
+  def test_verify_corrupt_tar_checksums_entry
+    gem = tar_file_header("checksums.yaml.gz", "", 0, 100, Time.now)
+
+    File.open "corrupt.gem", "wb" do |io|
+      io.write gem
+    end
+
+    package = Gem::Package.new "corrupt.gem"
+
+    e = assert_raise Gem::Package::FormatError do
+      package.verify
+    end
+
+    assert_equal "not in gzip format in corrupt.gem", e.message
+  end
+
+  def test_verify_corrupt_tar_data_entry
+    gem = tar_file_header("data.tar.gz", "", 0, 100, Time.now)
+
+    File.open "corrupt.gem", "wb" do |io|
+      io.write gem
+    end
+
+    package = Gem::Package.new "corrupt.gem"
+
+    e = nil
+    out_err = capture_output do
+      e = assert_raise Gem::Package::FormatError do
+        package.verify
+      end
+    end
+
+    assert_match(/(EOFError|end of file reached) in corrupt.gem/i, e.message)
+    assert_equal(["", "Exception while verifying corrupt.gem\n"], out_err)
+  end
+
+  def test_corrupt_data_tar_gz
+    data_tgz = util_gzip tar_file_header("lib/code.rb", "", 0, 100, Time.now)
+    metadata_gz = util_gzip @spec.to_yaml
+
+    gem = util_tar do |tar|
+      tar.add_file "data.tar.gz", 0o444 do |io|
+        io.write data_tgz
+      end
+
+      tar.add_file "metadata.gz", 0o644 do |io|
+        io.write metadata_gz
+      end
+    end
+
+    File.open "corrupt.gem", "wb" do |io|
+      io.write gem.string
+    end
+
+    package = Gem::Package.new "corrupt.gem"
+
+    e = assert_raise Gem::Package::FormatError do
+      package.contents
+    end
+
+    assert_match(/(EOFError|end of file reached) in corrupt.gem/i, e.message)
+
+    e = assert_raise Gem::Package::FormatError do
+      package.extract_files @destination
+    end
+
+    assert_match(/(EOFError|end of file reached) in corrupt.gem/i, e.message)
+  end
+
   def test_verify_empty
     FileUtils.touch "empty.gem"
 
@@ -978,8 +1094,8 @@ class TestGemPackage < Gem::Package::TarTestCase
         build.add_metadata gem
         build.add_contents gem
 
-        gem.add_file_simple "a.sig", 0444, 0
-        gem.add_file_simple "a.sig", 0444, 0
+        gem.add_file_simple "a.sig", 0o444, 0
+        gem.add_file_simple "a.sig", 0o444, 0
       end
     end
 
@@ -1055,7 +1171,7 @@ class TestGemPackage < Gem::Package::TarTestCase
           def key; "key"; end
           def sign(*); "fake_sig"; end
         end
-        gem.add_file_signed "data2.tar.gz", 0444, fake_signer.new do |io|
+        gem.add_file_signed "data2.tar.gz", 0o444, fake_signer.new do |io|
           io.write bogus_data
         end
 

data/test/rubygems/test_gem_package_old.rb

@@ -39,7 +39,7 @@ unless Gem.java_platform? # jruby can't require the simple_gem file
       extracted = File.join @destination, "lib/foo.rb"
       assert_path_exist extracted
 
-      mask = 0100644 & (~File.umask)
+      mask = 0o100644 & (~File.umask)
 
       assert_equal mask, File.stat(extracted).mode unless win_platform?
     end

data/test/rubygems/test_gem_package_tar_header.rb

@@ -9,11 +9,11 @@ class TestGemPackageTarHeader < Gem::Package::TarTestCase
 
     header = {
       :name => "x",
-      :mode => 0644,
+      :mode => 0o644,
       :uid => 1000,
-      :gid => 10000,
+      :gid => 10_000,
       :size => 100,
-      :mtime => 12345,
+      :mtime => 12_345,
       :typeflag => "0",
       :linkname => "link",
       :uname => "user",
@@ -40,12 +40,12 @@ class TestGemPackageTarHeader < Gem::Package::TarTestCase
     assert_equal "",      @tar_header.checksum, "checksum"
     assert_equal 1,       @tar_header.devmajor, "devmajor"
     assert_equal 2,       @tar_header.devminor, "devminor"
-    assert_equal 10000,   @tar_header.gid,      "gid"
+    assert_equal 10_000, @tar_header.gid, "gid"
     assert_equal "group", @tar_header.gname,    "gname"
     assert_equal "link",  @tar_header.linkname, "linkname"
     assert_equal "ustar", @tar_header.magic,    "magic"
-    assert_equal 0644,    @tar_header.mode,     "mode"
-    assert_equal 12345,   @tar_header.mtime,    "mtime"
+    assert_equal 0o644, @tar_header.mode, "mode"
+    assert_equal 12_345, @tar_header.mtime, "mtime"
     assert_equal "x",     @tar_header.name,     "name"
     assert_equal "y",     @tar_header.prefix,   "prefix"
     assert_equal 100,     @tar_header.size,     "size"
@@ -195,13 +195,13 @@ tjmather\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00
 
     tar_header = Gem::Package::TarHeader.from stream
 
-    assert_equal 1991400094, tar_header.uid
-    assert_equal 1991400094, tar_header.gid
+    assert_equal 1_991_400_094, tar_header.uid
+    assert_equal 1_991_400_094, tar_header.gid
 
     assert_equal "GeoIP2-City_20190528/", tar_header.name
-    assert_equal 0755, tar_header.mode
+    assert_equal 0o755, tar_header.mode
     assert_equal 0, tar_header.size
-    assert_equal 1559064640, tar_header.mtime
+    assert_equal 1_559_064_640, tar_header.mtime
     assert_equal 6932, tar_header.checksum
   end
 

data/test/rubygems/test_gem_package_tar_reader.rb

@@ -29,7 +29,7 @@ class TestGemPackageTarReader < Gem::Package::TarTestCase
     content = ("a".."z").to_a.join(" ")
 
     str =
-      tar_file_header("lib/foo", "", 010644, content.size, Time.now) +
+      tar_file_header("lib/foo", "", 0o10644, content.size, Time.now) +
       content + "\0" * (512 - content.size)
     str << "\0" * 1024
 
@@ -90,7 +90,7 @@ class TestGemPackageTarReader < Gem::Package::TarTestCase
 
   def test_read_in_gem_data
     gem_tar = util_gem_data_tar do |tar|
-      tar.add_file "lib/code.rb", 0444 do |io|
+      tar.add_file "lib/code.rb", 0o444 do |io|
         io.write "# lib/code.rb"
       end
     end
@@ -112,10 +112,10 @@ class TestGemPackageTarReader < Gem::Package::TarTestCase
 
   def test_seek_in_gem_data
     gem_tar = util_gem_data_tar do |tar|
-      tar.add_file "lib/code.rb", 0444 do |io|
+      tar.add_file "lib/code.rb", 0o444 do |io|
         io.write "# lib/code.rb"
       end
-      tar.add_file "lib/foo.rb", 0444 do |io|
+      tar.add_file "lib/foo.rb", 0o444 do |io|
         io.write "# lib/foo.rb"
       end
     end

data/test/rubygems/test_gem_package_tar_reader_entry.rb

@@ -177,10 +177,15 @@ class TestGemPackageTarReaderEntry < Gem::Package::TarTestCase
     assert_equal @contents[100..-1], @entry.read
   end
 
-  def test_read_partial
+  def test_readpartial
     assert_equal @contents[0...100], @entry.readpartial(100)
   end
 
+  def test_readpartial_to_eof
+    assert_equal @contents, @entry.readpartial(4096)
+    assert @entry.eof?
+  end
+
   def test_read_partial_buffer
     buffer = "".b
     @entry.readpartial(100, buffer)
@@ -189,11 +194,42 @@ class TestGemPackageTarReaderEntry < Gem::Package::TarTestCase
 
   def test_readpartial_past_eof
     @entry.readpartial(@contents.size)
+    assert @entry.eof?
     assert_raise(EOFError) do
       @entry.readpartial(1)
     end
   end
 
+  def test_read_corrupted_tar
+    corrupt_tar = String.new
+    corrupt_tar << tar_file_header("lib/foo", "", 0, 100, Time.now)
+    corrupt_tar << tar_file_contents("")
+    corrupt_entry = util_entry corrupt_tar
+
+    assert_equal "", corrupt_entry.read(0)
+    assert_equal "", corrupt_entry.read, "IO.read without len should return empty string (even though it's at an unpexpected EOF)"
+
+    corrupt_entry.rewind
+
+    assert_nil corrupt_entry.read(100), "IO.read with len should return nil as per IO.read docs"
+  ensure
+    close_util_entry(corrupt_entry) if corrupt_entry
+  end
+
+  def test_readpartial_corrupted_tar
+    corrupt_tar = String.new
+    corrupt_tar << tar_file_header("lib/foo", "", 0, 100, Time.now)
+    corrupt_tar << tar_file_contents("")
+
+    corrupt_entry = util_entry corrupt_tar
+
+    assert_raise EOFError do
+      corrupt_entry.readpartial(100)
+    end
+  ensure
+    close_util_entry(corrupt_entry) if corrupt_entry
+  end
+
   def test_rewind
     char = @entry.getc
 
@@ -295,4 +331,20 @@ class TestGemPackageTarReaderEntry < Gem::Package::TarTestCase
       assert_equal contents2.size, entry.pos
     end
   end
+
+  def test_seek_in_gzip_io_corrupted
+    @tar << tar_file_header("lib/bar", "", 0, 100, Time.now)
+    @tar << tar_file_contents("")
+
+    tgz = util_gzip(@tar)
+
+    Zlib::GzipReader.wrap StringIO.new(tgz) do |gzio|
+      util_entry(gzio).close # skip the first entry so io.pos is not 0
+      entry = util_entry(gzio)
+
+      assert_raise EOFError do
+        entry.seek(50)
+      end
+    end
+  end
 end