* lib/cgi.rb (CGI::QueryExtension::read_multipart): check

  multipart boundary end.  a patch from Fujioka <fuj at rabbix.jp>
  [ruby-dev:28470]


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8@10602 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

2 files changed, 9 insertions, 0 deletions

diff --git a/ChangeLog b/ChangeLog
index 0df37bff17..58e6e8c5ef 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+Wed Jul 26 16:06:03 2006  Yukihiro Matsumoto  <matz@ruby-lang.org>
+
+	* lib/cgi.rb (CGI::QueryExtension::read_multipart): check
+	  multipart boundary end.  a patch from Fujioka <fuj at rabbix.jp>
+	  [ruby-dev:28470]
+
 Wed Jul 26 01:02:59 2006  Nobuyoshi Nakada  <nobu@ruby-lang.org>
 
 	* configure.in: suppress warnings by automake 1.8 or later.
diff --git a/lib/cgi.rb b/lib/cgi.rb
index 54dc07a5a3..8ea9c3def0 100644
--- a/lib/cgi.rb
+++ b/lib/cgi.rb
@@ -971,6 +971,7 @@ class CGI
       boundary = "--" + boundary
       buf = ""
       bufsize = 10 * 1024
+      boundary_end=""
 
       # start multipart/form-data
       stdinput.binmode if defined? stdinput.binmode
@@ -1031,6 +1032,7 @@ class CGI
           if "--" == $2
             content_length = -1
           end
+         boundary_end = $2.dup
           ""
         end
 
@@ -1064,6 +1066,7 @@ class CGI
         break if buf.size == 0
         break if content_length === -1
       end
+      raise EOFError, "bad boundary end of body part" unless boundary_end=~/--/
 
       params
     end # read_multipart