From 60f6d8ec66291fb3e8466b4ae0c7ed3cd19fde51 Mon Sep 17 00:00:00 2001
From: GitLab Bot <gitlab-bot@gitlab.com>
Date: Thu, 26 Mar 2020 10:41:48 +0000
Subject: [PATCH] Add latest changes from
 gitlab-org/security/gitlab@12-9-stable-ee

---
 lib/uploaded_file.rb           |  2 +-
 spec/lib/uploaded_file_spec.rb | 10 ++++++++++
 2 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/lib/uploaded_file.rb b/lib/uploaded_file.rb
index 424db653fb8..f8d596b5d14 100644
--- a/lib/uploaded_file.rb
+++ b/lib/uploaded_file.rb
@@ -48,7 +48,7 @@ class UploadedFile
     return if path.blank? && remote_id.blank?
 
     file_path = nil
-    if path
+    if path.present?
       file_path = File.realpath(path)
 
       paths = Array(upload_paths) << Dir.tmpdir
diff --git a/spec/lib/uploaded_file_spec.rb b/spec/lib/uploaded_file_spec.rb
index 2bbbd67b13c..25536c07dd9 100644
--- a/spec/lib/uploaded_file_spec.rb
+++ b/spec/lib/uploaded_file_spec.rb
@@ -59,6 +59,16 @@ describe UploadedFile do
           expect(subject.sha256).to eq('sha256')
           expect(subject.remote_id).to eq('remote_id')
         end
+
+        it 'handles a blank path' do
+          params['file.path'] = ''
+
+          # Not a real file, so can't determine size itself
+          params['file.size'] = 1.byte
+
+          expect { described_class.from_params(params, :file, upload_path) }
+            .not_to raise_error
+        end
       end
     end
 
-- 
GitLab