From 68e41d2218f599ea28dd7f2a44c1dabb50567bbc Mon Sep 17 00:00:00 2001
From: Pere Joan Martorell Calaf <pj.martorell@gmail.com>
Date: Wed, 14 Apr 2021 12:14:18 +0200
Subject: [PATCH] Fix bug when reading content_type from a CSV object linked to
 a file

---
 lib/carrierwave/sanitized_file.rb | 2 +-
 spec/fixtures/addresses.csv       | 6 ++++++
 spec/sanitized_file_spec.rb       | 8 ++++++++
 spec/spec_helper.rb               | 1 +
 4 files changed, 16 insertions(+), 1 deletion(-)
 create mode 100644 spec/fixtures/addresses.csv

diff --git a/lib/carrierwave/sanitized_file.rb b/lib/carrierwave/sanitized_file.rb
index 6ca023d51..3a954b627 100644
--- a/lib/carrierwave/sanitized_file.rb
+++ b/lib/carrierwave/sanitized_file.rb
@@ -335,7 +335,7 @@ def marcel_magic_content_type
         end
 
         if type.nil?
-          type = Marcel::Magic.by_path(file).try(:type)
+          type = Marcel::Magic.by_path(path).try(:type)
           type = 'invalid/invalid' unless type.nil? || type.start_with?('text/')
         end
 
diff --git a/spec/fixtures/addresses.csv b/spec/fixtures/addresses.csv
new file mode 100644
index 000000000..e7bba0d3d
--- /dev/null
+++ b/spec/fixtures/addresses.csv
@@ -0,0 +1,6 @@
+John,Doe,120 jefferson st.,Riverside, NJ, 08075
+Jack,McGinnis,220 hobo Av.,Phila, PA,09119
+"John ""Da Man""",Repici,120 Jefferson St.,Riverside, NJ,08075
+Stephen,Tyler,"7452 Terrace ""At the Plaza"" road",SomeTown,SD, 91234
+,Blankman,,SomeTown, SD, 00298
+"Joan ""the bone"", Anne",Jet,"9th, at Terrace plc",Desert City,CO,00123
diff --git a/spec/sanitized_file_spec.rb b/spec/sanitized_file_spec.rb
index 4f33bd748..6c94d08da 100644
--- a/spec/sanitized_file_spec.rb
+++ b/spec/sanitized_file_spec.rb
@@ -221,6 +221,14 @@
       expect(sanitized_file.content_type).to eq("image/jpeg")
     end
 
+    it "reads content type of a CSV linked to a file" do
+      file = File.open(file_path('addresses.csv'))
+      csv_file = CSV.new(file)
+      sanitized_file = CarrierWave::SanitizedFile.new(csv_file)
+
+      expect(sanitized_file.content_type).to eq("text/csv")
+    end
+
     it "does not allow spoofing of the mime type" do
       file = File.open(file_path("zip.png"))
 
diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb
index a99000428..59f4201e2 100644
--- a/spec/spec_helper.rb
+++ b/spec/spec_helper.rb
@@ -11,6 +11,7 @@
 require 'tempfile'
 require 'time'
 require 'logger'
+require 'csv'
 
 require 'carrierwave'
 require 'timecop'