* lib/cgi.rb (CGI::Cookie): should handle multiple values for a

  cookie name.  [ruby-talk:156140]

* string.c (rb_str_substr): should propagate taintness even for
  empty strings.  [ruby-dev:27121]

* string.c (rb_str_aref): should infect result if range argument
  is tainted.  [ruby-dev:27121]


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8@9200 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

4 files changed, 27 insertions, 8 deletions

diff --git a/ChangeLog b/ChangeLog
index 5047f0b32f..49d0cb3e35 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+Sat Sep 17 23:20:27 2005  Yukihiro Matsumoto  <matz@ruby-lang.org>
+
+	* lib/cgi.rb (CGI::Cookie): should handle multiple values for a
+	  cookie name.  [ruby-talk:156140]
+
 Sat Sep 17 10:42:13 2005  Hidetoshi NAGAI  <nagai@ai.kyutech.ac.jp>
 
 	* ext/tk/lib/multi-tk.rb: MultiTkIp#eval_string and bg_eval_string
@@ -5,6 +10,14 @@ Sat Sep 17 10:42:13 2005  Hidetoshi NAGAI  <nagai@ai.kyutech.ac.jp>
 	  safe-level (Of course, the given script should be evaluated on 
 	  slave's safe-level).
 
+Sat Sep 17 09:45:26 2005  Yukihiro Matsumoto  <matz@ruby-lang.org>
+
+	* string.c (rb_str_substr): should propagate taintness even for
+	  empty strings.  [ruby-dev:27121]
+
+	* string.c (rb_str_aref): should infect result if range argument
+	  is tainted.  [ruby-dev:27121]
+
 Sat Sep 17 08:35:39 2005  Kouhei Sutou  <kou@cozmixng.org>
 
 	* lib/rss/maker/base.rb (RSS::Maker::ItemsBase#normalize): fixed
diff --git a/io.c b/io.c
index 6d5b4f9920..e3bc73a2dd 100644
--- a/io.c
+++ b/io.c
@@ -32,7 +32,7 @@
 # define NO_LONG_FNAME
 #endif
 
-#if defined(__FreeBSD__) || defined(__NetBSD__) || defined(__OpenBSD__) || defined(sun) || defined(_nec_ews)
+#if defined(__FreeBSD__) || defined(__NetBSD__) || defined(__OpenBSD__) || defined(__DragonFly__) || defined(sun) || defined(_nec_ews)
 # define USE_SETVBUF
 #endif
 
diff --git a/lib/cgi.rb b/lib/cgi.rb
index 7c84f64640..b18a03524c 100644
--- a/lib/cgi.rb
+++ b/lib/cgi.rb
@@ -870,15 +870,16 @@ class CGI
     cookies = Hash.new([])
     return cookies unless raw_cookie
 
-    raw_cookie.split(/; /).each do |pairs|
+    raw_cookie.split(/[;,] /).each do |pairs|
       name, values = pairs.split('=',2)
       next unless name and values
       name = CGI::unescape(name)
       values ||= ""
       values = values.split('&').collect{|v| CGI::unescape(v) }
-      unless cookies.has_key?(name)
-        cookies[name] = Cookie::new({ "name" => name, "value" => values })
+      if cookies.has_key?(name)
+        values = cookies[name].value + values
       end
+      cookies[name] = Cookie::new({ "name" => name, "value" => values })
     end
 
     cookies
diff --git a/string.c b/string.c
index 206ef70691..ccfda5c8f4 100644
--- a/string.c
+++ b/string.c
@@ -605,9 +605,10 @@ rb_str_substr(str, beg, len)
     if (len < 0) {
 	len = 0;
     }
-    if (len == 0) return rb_str_new5(str,0,0);
-
-    if (len > sizeof(struct RString)/2 &&
+    if (len == 0) {
+	str2 = rb_str_new5(str,0,0);
+    }
+    else if (len > sizeof(struct RString)/2 &&
 	beg + len == RSTRING(str)->len && !FL_TEST(str, STR_ASSOC)) {
 	str2 = rb_str_new3(rb_str_new4(str));
 	RSTRING(str2)->ptr += RSTRING(str2)->len - len;
@@ -1539,13 +1540,17 @@ rb_str_aref(str, indx)
 	/* check if indx is Range */
 	{
 	    long beg, len;
+	    VALUE tmp;
+
 	    switch (rb_range_beg_len(indx, &beg, &len, RSTRING(str)->len, 0)) {
 	      case Qfalse:
 		break;
 	      case Qnil:
 		return Qnil;
 	      default:
-		return rb_str_substr(str, beg, len);
+		tmp = rb_str_substr(str, beg, len);
+		OBJ_INFECT(tmp, indx);
+		return tmp;
 	    }
 	}
 	idx = NUM2LONG(indx);