diff options
author | usa <usa@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2018-03-28 10:24:57 +0000 |
---|---|---|
committer | usa <usa@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2018-03-28 10:24:57 +0000 |
commit | 89133fafe70c7a3b5d04cf2be028e1eacc6e0447 (patch) | |
tree | f57ba2b0af109c4854b4d61c07bbb47a07e9c11f /ChangeLog | |
parent | eb2aca18dcb4baccf0de494f53fed4ec68e9af27 (diff) |
merge revision(s) 62989:
dir.c: check NUL bytes
* dir.c (GlobPathValue): should be used in rb_push_glob only.
other methods should use FilePathValue.
https://hackerone.com/reports/302338
* dir.c (rb_push_glob): expand GlobPathValue
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_3@62994 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'ChangeLog')
-rw-r--r-- | ChangeLog | 10 |
1 files changed, 10 insertions, 0 deletions
@@ -1,3 +1,13 @@ +Wed Mar 28 19:24:20 2018 Nobuyoshi Nakada <nobu@ruby-lang.org> + + dir.c: check NUL bytes + + * dir.c (GlobPathValue): should be used in rb_push_glob only. + other methods should use FilePathValue. + https://hackerone.com/reports/302338 + + * dir.c (rb_push_glob): expand GlobPathValue + Wed Mar 28 18:04:37 2018 Eric Wong <normalperson@yhbt.net> webrick: prevent response splitting and header injection |