diff options
author | shyouhei <shyouhei@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2009-02-03 05:34:11 +0000 |
---|---|---|
committer | shyouhei <shyouhei@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2009-02-03 05:34:11 +0000 |
commit | 299a69922c1811df80805197da8131d5da97ab21 (patch) | |
tree | cf390ab2fb1e367f21f832c8f8375ba2bbac990e /lib/net/pop.rb | |
parent | e50a1dc13d0e4e2c41dfe67327463964c3122621 (diff) |
merge revision(s) 19774:
* lib/net/pop.rb: check for invalid APOP timestamp. (CVE-2007-1558)
[ruby-dev:36631]
* test/net/pop/test_pop.rb: ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_6@22000 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'lib/net/pop.rb')
-rw-r--r-- | lib/net/pop.rb | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/net/pop.rb b/lib/net/pop.rb index 6d1343eded..f896464df9 100644 --- a/lib/net/pop.rb +++ b/lib/net/pop.rb @@ -752,7 +752,7 @@ module Net @socket = sock @error_occured = false res = check_response(critical { recv_response() }) - @apop_stamp = res.slice(/<.+>/) + @apop_stamp = res.slice(/<[!-~]+@[!-~]+>/) end def inspect |