diff options
-rw-r--r-- | ChangeLog | 5 | ||||
-rw-r--r-- | test/net/ftp/test_ftp.rb | 18 | ||||
-rw-r--r-- | version.h | 6 |
3 files changed, 26 insertions, 3 deletions
@@ -1,3 +1,8 @@ +Fri Dec 15 00:08:26 2017 NAKAMURA Usaku <usa@ruby-lang.org> + + * test/net/ftp/test_ftp.rb (process_port_or_eprt): merge a part of + r56973 to pass the test introduced at previous commit. + Thu Dec 14 22:52:11 2017 Shugo Maeda <shugo@ruby-lang.org> Fix a command injection vulnerability in Net::FTP. diff --git a/test/net/ftp/test_ftp.rb b/test/net/ftp/test_ftp.rb index 91a6002c5c..52e5873d61 100644 --- a/test/net/ftp/test_ftp.rb +++ b/test/net/ftp/test_ftp.rb @@ -1081,4 +1081,22 @@ EOF end end end + + def process_port_or_eprt(sock, line) + case line + when /\APORT (.*)/ + port_args = $1.split(/,/) + host = port_args[0, 4].join(".") + port = port_args[4, 2].map(&:to_i).inject {|x, y| (x << 8) + y} + sock.print("200 PORT command successful.\r\n") + return host, port + when /\AEPRT \|2\|(.*?)\|(.*?)\|/ + host = $1 + port = $2.to_i + sock.print("200 EPRT command successful.\r\n") + return host, port + else + flunk "PORT or EPRT expected" + end + end end @@ -1,10 +1,10 @@ #define RUBY_VERSION "2.2.9" -#define RUBY_RELEASE_DATE "2017-12-14" -#define RUBY_PATCHLEVEL 479 +#define RUBY_RELEASE_DATE "2017-12-15" +#define RUBY_PATCHLEVEL 480 #define RUBY_RELEASE_YEAR 2017 #define RUBY_RELEASE_MONTH 12 -#define RUBY_RELEASE_DAY 14 +#define RUBY_RELEASE_DAY 15 #include "ruby/version.h" |