[rubygems/rubygems] Restrict what schemes are acceptable in the remote fetcher

The remote fetcher only works with certain schemes (`http`, `https`,
`s3`, and `file`).  It's possible for other schemes to show up in this
code and it can cause bugs.

Before this patch, doing `gem install path:///hello` would result in an
infinite loop because this function would do `send "fetch_path"`,
calling itself forever.  Now we see an exception.

I think we should validate gem names earlier, but it's really best
practice to restrict the possible strings passed to `send`.

ruby/rubygems@54e2781b73

Author: tenderlove

lib/rubygems/remote_fetcher.rb

@@ -245,11 +245,14 @@ def fetch_http(uri, last_modified = nil, head = false, depth = 0)
   def fetch_path(uri, mtime = nil, head = false)
     uri = Gem::Uri.new uri
 
-    unless uri.scheme
-      raise ArgumentError, "uri scheme is invalid: #{uri.scheme.inspect}"
-    end
-
-    data = send "fetch_#{uri.scheme}", uri, mtime, head
+    method = {
+      "http" => "fetch_http",
+      "https" => "fetch_http",
+      "s3" => "fetch_s3",
+      "file" => "fetch_file",
+    }.fetch(uri.scheme) { raise ArgumentError, "uri scheme is invalid: #{uri.scheme.inspect}" }
+
+    data = send method, uri, mtime, head
 
     if data && !head && uri.to_s.end_with?(".gz")
       begin