3 files changed, 29 insertions, 5 deletions

diff --git a/ChangeLog b/ChangeLog
index 14cd958f5a..a7cae82460 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,12 @@
+Fri Apr 22 11:49:49 2011  NARUSE, Yui  <naruse@ruby-lang.org>
+
+	* lib/xmlrpc/create.rb (XMLRPC::Create#conv2value):
+	  XML-RPC's int is 32bit int, and Fixnum also may be beyond 32bit.
+
+	* lib/xmlrpc/create.rb (XMLRPC::Create#conv2value):
+	  XML-RPC doesn't allow Infinity and NaN.
+	  http://www.xmlrpc.com/spec
+
 Fri Apr 22 04:16:14 2011  Aaron Patterson <aaron@tenderlovemaking.com>
 
 	* ext/psych/parser.c (parse): strings from psych have proper taint
diff --git a/lib/xmlrpc/create.rb b/lib/xmlrpc/create.rb
index 2d38a44b30..4e4a31e890 100644
--- a/lib/xmlrpc/create.rb
+++ b/lib/xmlrpc/create.rb
@@ -178,10 +178,8 @@ module XMLRPC
     def conv2value(param)
 
         val = case param
-        when Fixnum
-          @writer.tag("i4", param.to_s)
-
-        when Bignum
+        when Fixnum, Bignum
+          # XML-RPC's int is 32bit int, and Fixnum also may be beyond 32bit
           if Config::ENABLE_BIGINT
             @writer.tag("i4", param.to_s)
           else
@@ -208,6 +206,8 @@ module XMLRPC
           end
 
         when Float
+          raise "Wrong value Infinity. Not allowed!" if param.infinite?
+          raise "Wrong value NaN. Not allowed!" if param.nan?
           @writer.tag("double", param.to_s)
 
         when Struct
diff --git a/test/xmlrpc/test_marshal.rb b/test/xmlrpc/test_marshal.rb
index 267b43e2e2..ca029d3b06 100644
--- a/test/xmlrpc/test_marshal.rb
+++ b/test/xmlrpc/test_marshal.rb
@@ -43,7 +43,7 @@ class Test_Marshal < Test::Unit::TestCase
 
   def test_parser_values
     v1 = [
-      1, -7778,                        # integers
+      1, -7778, -(2**31), 2**31-1,     # integers
       1.0, 0.0, -333.0, 2343434343.0,  # floats
       false, true, true, false,        # booleans
       "Hallo", "with < and >", ""      # strings
@@ -81,6 +81,21 @@ class Test_Marshal < Test::Unit::TestCase
     # Struct
   end
 
+  def test_parser_invalid_values
+    values = [
+      -1-(2**31), 2**31,
+      Float::INFINITY, -Float::INFINITY, Float::NAN
+    ]
+    XMLRPC::XMLParser.each_installed_parser do |parser|
+      m = XMLRPC::Marshal.new(parser)
+
+      values.each do |v|
+        assert_raise(RuntimeError, "#{v} shouldn't be dumped, but dumped") \
+          { m.dump_response(v) }
+      end
+    end
+  end
+
   def test_no_params_tag
     # bug found by Idan Sofer