summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorshyouhei <shyouhei@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2009-02-04 05:27:05 (GMT)
committershyouhei <shyouhei@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>2009-02-04 05:27:05 (GMT)
commitfead30adbbfd79090804aad5f74d8a54b7d4ba2c (patch)
tree67524131a816507aaad686ebe7d355b23977747b
parent6249e5f7742f88c7716330b0856da81cd6da74d9 (diff)
merge revision(s) 20072:
* dir.c (dir_globs): need taint check. reported by steve <oksteev at gmail.com> git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_7@22028 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
-rw-r--r--ChangeLog5
-rw-r--r--dir.c2
-rw-r--r--version.h8
3 files changed, 10 insertions, 5 deletions
diff --git a/ChangeLog b/ChangeLog
index 38fab47..0f20633 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+Wed Feb 4 14:26:58 2009 Yukihiro Matsumoto <matz@ruby-lang.org>
+
+ * dir.c (dir_globs): need taint check. reported by steve
+ <oksteev at gmail.com>
+
Tue Feb 3 14:35:26 2009 Kazuhiro NISHIYAMA <zn@mbf.nifty.com>
* lib/net/pop.rb: check for invalid APOP timestamp. (CVE-2007-1558)
diff --git a/dir.c b/dir.c
index c2c3f94..710299e 100644
--- a/dir.c
+++ b/dir.c
@@ -1660,7 +1660,7 @@ dir_globs(argc, argv, flags)
for (i = 0; i < argc; ++i) {
int status;
VALUE str = argv[i];
- StringValue(str);
+ SafeStringValue(str);
status = push_glob(ary, RSTRING(str)->ptr, flags);
if (status) GLOB_JUMP_TAG(status);
}
diff --git a/version.h b/version.h
index 57c5905..02653b0 100644
--- a/version.h
+++ b/version.h
@@ -1,15 +1,15 @@
#define RUBY_VERSION "1.8.7"
-#define RUBY_RELEASE_DATE "2009-02-03"
+#define RUBY_RELEASE_DATE "2009-02-04"
#define RUBY_VERSION_CODE 187
-#define RUBY_RELEASE_CODE 20090203
-#define RUBY_PATCHLEVEL 104
+#define RUBY_RELEASE_CODE 20090204
+#define RUBY_PATCHLEVEL 105
#define RUBY_VERSION_MAJOR 1
#define RUBY_VERSION_MINOR 8
#define RUBY_VERSION_TEENY 7
#define RUBY_RELEASE_YEAR 2009
#define RUBY_RELEASE_MONTH 2
-#define RUBY_RELEASE_DAY 3
+#define RUBY_RELEASE_DAY 4
#ifdef RUBY_EXTERN
RUBY_EXTERN const char ruby_version[];