Age | Commit message (Collapse) | Author |
|
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/tags/v2_4_5@65137 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@65134 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
infect taint flag on Array#pack and String#unpack
with the directives "B", "b", "H" and "h".
* pack.c (pack_pack, pack_unpack_internal): infect taint flag.
* test/ruby/test_pack.rb: add test for above.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@65129 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
Fix Kernel#singleton_method with Module#Prepend
* proc.c (rb_obj_singleton_method): search the method entry from
the origin class, for fix prepended modules. [Bug #14658]
From: Vasiliy Ermolovich <younash@gmail.com>
proc.c: fix segfault when no singleton class
* proc.c (rb_obj_singleton_method): bail out if the receiver does
not have the singleton class without accessing the origin class
not to segfault. [Bug #14658]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@65118 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
mkmf.rb: ignore linker warnings
* lib/mkmf.rb (try_ldflags): ignore linker warnings. they cause
unexpected failures on OpenBSD. [ruby-core:78827] [Bug #13069]
mkmf.rb: werror on mswin
* lib/mkmf.rb (MakeMakefile#try_ldflags): enable warning checking
on mswin, link.exe warns -l options but does not fail.
[Bug #13069]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@65117 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
Use opt_{aref,aset} over opt_{aref,aset}_with
* compile.c (iseq_compile_each0): Use `opt_aref`/`opt_aset` over
`opt_aref_with`/`opt_aset_with` when frozen_string_literal: true,
not to resurrect the index string on non-Hash receiver.
[Fix GH-1957]
From: chopraanmol1 <chopraanmol1@gmail.com>
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@65116 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
thread_sync.c (rb_mutex_lock): fix deadlock
* thread_sync.c (rb_mutex_lock): fix deadlock
[ruby-core:87467] [Bug #14841]
thread_sync.c (rb_mutex_lock): acquire lock before being killed
We (the thread acquiring the mutex) need to acquire the mutex
before being killed to work with ConditionVariable#wait.
Thus we reinstate the acquire-immediately-after-sleeping logic
from pre-r63711 while still retaining the
acquire-after-checking-for-interrupts logic from r63711.
This regression was introduced in
commit 501069b8a4013f2e3fdde35c50e9527ef0061963 (r63711)
("thread_sync.c (rb_mutex_lock): fix deadlock") for
[Bug #14841]
[ruby-core:88503] [Bug #14999] [Bug #14841]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@65115 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@65114 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
Just a shebang is valid code
[ruby-core:89240] [Bug #15190]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@65113 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
configure.in: install_name without teeny
* configure.in (RUBY_API_VERSION): remove teeny from install_name
to allow link extension libraries for the same minor version.
patched by kimuraw (Wataru Kimura) at [ruby-dev:50262].
[Bug #13931]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@65112 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
check argument type.
* iseq.c (iseqw_s_compile): check argument type (T_STRING) to
avoid SEGV.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@65111 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
Support ubasecrt.dll 10.0.17763.1 included in Windows 10 October 2018 Update
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@65110 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
suppress warning: 'const' attribute on function returning 'void'
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@65109 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
[Backport #14060]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@64649 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
win32.c: limit write size on console
* win32/win32.c (constat_parse): split long buffer and limit write
size on a console, as well as rb_w32_write.
[ruby-dev:50597] [Bug #14942]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@64564 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
ruby.c: taint ARGV on Windows
* ruby.c (external_str_new_cstr): strings come from the external
should be tainted. [ruby-dev:50596] [Bug #14941]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@64563 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
fix sum on infinity
* array.c (rb_ary_sum): consider non-finite floats.
[ruby-core:88024] [Bug #14926]
* enum.c (sum_iter): ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@64562 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
thread.c (do_select): fix leak on exception
When do_select is interrupted and raise happens from
RUBY_VM_CHECK_INTS_BLOCKING, the original FD sets we copied
do not get freed, leading to a memory leak. Wrap up all the
FD sets into a Ruby object to ensure the GC can release an
allocations made for rb_fdset_t.
This leak existed since Ruby 2.0.0 (r36430)
[Bug #14929]
increase timeout seconds.
* test/ruby/test_io.rb (test_select_leak): increase timeout seconds
to pass this test on a high-load machine.
60 sec is not enough at all
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@64561 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
reduce tzset
* time.c (rb_localtime_r): call tzset() only after TZ environment
variable is changed.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@64560 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
variable.c: fix receiver on private constant
* variable.c (rb_const_search): fix NameError :receiver attribute
on private constant, should raise with the included module, not
the ICLASS.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@64559 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
Bug Fix Enumerator::Lazy#uniq state for multiple call
* enumerator.c (lazy_uniq_i): create new hash for each calls.
[Fix GH-1820]
Currently
2.5.0-preview1 :001 > arr = (0..100).lazy.uniq{|i| i % 10}
=> #<Enumerator::Lazy: #<Enumerator::Lazy: 0..100>:uniq>
2.5.0-preview1 :002 > arr.to_a
=> [0, 1, 2, 3, 4, 5, 6, 7, 8, 9]
2.5.0-preview1 :003 > arr.to_a
=> []
Expected
arr.to_a to always return same output
From: Anmol Chopra <anmolchopra@rocketbox.in>
test_enumerator.rb: duplicate assertions
* test/ruby/test_enumerator.rb (test_uniq): remove assertions
which ared duplicate of lazy enumerator tests in
test_lazy_enumerator.rb.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@64558 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
test_gc.rb: relax criterion
* test/ruby/test_gc.rb (TestGc#test_expand_heap): relax the
criterion and compare by epsilon.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@64149 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
time.rb: fix parsing time zone in iso8601
* lib/time.rb (Time.xmlschema): a colon in time zone designator
can be omitted. [ruby-core:87277] [Bug #14790]
time.rb: fix parsing time zone in iso8601
* lib/time.rb (Time.xmlschema): the minute in time zone designator
can be omitted together with the preceding colon.
[ruby-core:87277] [Bug #14790]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@64148 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
error.c: check redefined backtrace result
* error.c (rb_get_backtrace): check the result of `backtrace` even
if the method is redefined. [ruby-core:87013] [Bug #14756]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@64147 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@64146 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
process.c (ruby_fork_ruby): fix race in signal handling
We must block signals before stopping timer-thread, otherwise
signal handing may be delayed until (and if) another signal
is received after timer-thread is restarted.
[ruby-core:87622] [Bug #14868] [Bug #13916]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@64130 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
vm.c: fix infinite loop
* vm.c: use EXEC_EVENT_HOOK_AND_POP_FRAME. While exception handling, if an exception
is raised in hooks, need to pop current frame and raise this raised exception by hook.
[ruby-dev:50582] [Bug #14865]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@64129 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
lib/drb/extservm.rb (service): do not return `false'
invoke_service_command may set entries in @servers to `false',
making it incompatible with the intended use of the
safe navigation operator.
This caused occasional DRb test failures, but they were hidden
with automatic retry.
[ruby-core:87524] [Bug #14856]
Fixes: r53111 ("use safe navigation operator")
commit 059c9c1cf371e049c7481c78b76e9620da52757f [GH-1142]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@64128 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
Remove outdated example from Numeric documentation
Since 2.5, Numeric instances can be cloned and duplicated.
[Fix GH-1850]
From: Miguel Landaeta <miguel@miguel.cc>
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@64127 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
`int isnan(double)` is a POSIXism
- `isnan` is something relatively new. We need to provide one for
those systems without it. However:
- X/Open defines `int isnan(double)`. Note the `int`.
- C99 defines `isnan(x)` to be a macro.
- C++11 nukes them all, undefines all the "masking macro"s, and
defines its own `bool isnan(double)`. Note the `bool`.
- In C++, `int isnan(double)` and `bool isnan(double)` are
incompatible.
- So the mess.
[Bug #14816][ruby-core:87364]
further reading: https://developers.redhat.com/blog/2016/02/29/why-cstdlib-is-more-complicated-than-you-might-think/
include/ruby/missing.h: defined(__cplusplus) before using __cplusplus
* include/ruby/missing.h (isinf, isnan): For non-C++ programs,
defined(__cplusplus) may be needed before using __cplusplus.
[Bug #14816]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@64126 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
memo->u3.cnt is long not int [Bug #14805]
enum.c: mitigate overflows
* enum.c (enum_count): convert counters to Integer as unsigned
long, instead of long, to mitigate overflows.
[ruby-core:87348] [Bug #14805]
* enum.c (ary_inject_op): ditto.
* enum.c (each_with_index_i): ditto, instead of int.
* enum.c (find_index_i, find_index_iter_i): ditto, instead of
unsigned int.
enum.c: bignum counter
* enum.c (imemo_count_up, imemo_count_value): promote the counter
value to a bignum on overflow. [Bug #14805]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@64125 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
see https://github.com/rubygems/rubygems/pull/2211
[ruby-core:86745] [Backport #14721]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@63809 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
test_time_tz.rb: Kiritimati tzdata fix
* test/ruby/test_time_tz.rb (TestTimeTZ#test_pacific_kiritimati):
fix the expected data at the skip of New Year's Eve 1994.
[Bug #14655]
test_time_tz.rb: Kiritimati tzdata fix
* test/ruby/test_time_tz.rb (gen_zdump_test): fix the expected
data at the Kiritimati's skip of New Year's Eve 1994.
[Bug #14655]
test_time_tz.rb: Lisbon tzdata fix
* test/ruby/test_time_tz.rb (gen_variational_zdump_test): Update
Lisbon zdump data, which fixed the 1912-01-01 transition for
Portugual and its colonies. [Bug #14655]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@63808 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
file.c: infect from arguments
* file.c (rb_check_realpath_internal): infetct the result with
arguments, no taint if none are tainted and cwd is not used.
[ruby-core:83583] [Bug #14060]
file.c: infect from arguments
* file.c (rb_check_realpath_internal): infetct the result with
arguments, no taint if none are tainted and cwd is not used.
[ruby-core:83583] [Bug #14060]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@63807 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
win32/file.c: relative path with drive letter
* win32/file.c (IS_ABSOLUTE_PATH_P): home directory should not be
a relative path regardless a drive letter. PathIsRelativeW
returns FALSE on such path. [ruby-core:86356] [Bug #14638]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@63806 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
st.c: retry operations if rebuilt
Calling the .eql? and .hash methods during a Hash operation can
result in a thread switch or a signal handler to run: allowing
one execution context to rebuild the hash table while another is
still reading or writing the table. This results in a
use-after-free bug affecting the thread_safe-0.3.6 test suite
and likely other bugs.
This bug did not affect users of commonly keys (String, Symbol,
Fixnum) as those are optimized to avoid method dispatch
for .eql? and .hash methods.
A separate version of this change needs to be ported to Ruby 2.3.x
which had a different implementation of st.c but was affected
by the same bug.
* st.c: Add comment about table rebuilding during comparison.
(DO_PTR_EQUAL_CHECK): New macro.
(REBUILT_TABLE_ENTRY_IND, REBUILT_TABLE_BIN_IND): New macros.
(find_entry, find_table_entry_ind, find_table_bin_ind): Use new
macros. Return the rebuild flag.
(find_table_bin_ptr_and_reserve): Ditto.
(st_lookup, st_get_key, st_insert, st_insert2): Retry the
operation if the table was rebuilt.
(st_general_delete, st_shift, st_update, st_general_foreach):
Ditto.
(st_rehash_linear, st_rehash_indexed): Use DO_PTR_EQUAL_CHECK.
Return the rebuild flag.
(st_rehash): Retry the operation if the table was rebuilt.
[ruby-core:85510] [Ruby trunk Bug#14357]
Thanks to Vit Ondruch for reporting the bug.
From: Vladimir Makarov <vmakarov@redhat.com>
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@63805 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
Update url with 404 status on LEGAL file.
* Update redirected and upstream url.
* Added the Wayback Machine url for missing link.
[Bug #12762][ruby-dev:49802]
From: SHIBATA Hiroshi <hsbt@ruby-lang.org>
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@63804 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@63691 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@63690 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* lib/rubygems.rb (Gem::VERSION): 2.6.14.2
* lib/rubygems/ext/ext_conf_builder.rb: merge from 2.7.7.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@63689 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
use $(srcdir).
* win32/Makefile.sub (enc/jis/props.h): build it in not builddir,
but in srcdir.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@63626 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@63036 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
webrick: support Proc objects as body responses
* lib/webrick/httpresponse.rb (send_body): call send_body_proc
(send_body_proc): new method
(class ChunkedWrapper): new class
* test/webrick/test_httpresponse.rb (test_send_body_proc): new test
(test_send_body_proc_chunked): ditto
[Feature #855]
webrick/httpresponse: IO.copy_stream for regular files
Remove the redundant _send_file method since its functionality
is unnecessary with IO.copy_stream. IO.copy_stream also allows
the use of sendfile under some OSes to speed up copies to
non-TLS sockets.
Testing with "curl >/dev/null" and "ruby -run -e httpd" to
read a 1G file over Linux loopback reveals a reduction from
around ~0.770 to ~0.490 seconds on the client side.
* lib/webrick/httpresponse.rb (send_body_io): use IO.copy_stream
(_send_file): remove
[Feature #14237]
webrick: use IO.copy_stream for single range response
This is also compatible with range responses generated
by Rack::File (tested with rack 2.0.3).
* lib/webrick/httpresponse.rb (send_body_io): use Content-Range
* lib/webrick/httpservlet/filehandler.rb (make_partial_content):
use File object for the single range case
* test/webrick/test_filehandler.rb (get_res_body): use send_body
to test result
test/webrick/test_filehandler.rb: stricter multipart range test
We need to ensure we generate compatibile output in
the face of future changes
* test/webrick/test_filehandler.rb (test_make_partial_content):
check response body
webrick: quiet warning for multi-part ranges
Content-Length is ignored by WEBrick::HTTPResponse even if we
calculate it, so instead we chunk responses to HTTP/1.1 clients
and terminate HTTP/1.0 connections.
* lib/webrick/httpservlet/filehandler.rb (make_partial_content):
quiet warning
webrick/httpresponse: make ChunkedWrapper copy_stream-compatible
The .write method needs to return the number of bytes written
to avoid confusing IO.copy_stream.
* lib/webrick/httpresponse.rb (ChunkedWrapper#write): return bytes written
(ChunkedWrapper#<<): return self
webrick: use IO.copy_stream for multipart response
Use the new Proc response body feature to generate a multipart
range response dynamically. We use a flat array to minimize
object overhead as much as possible; as many ranges may fit
into an HTTP request header.
* lib/webrick/httpservlet/filehandler.rb (multipart_body): new method
(make_partial_content): use multipart_body
get rid of test error/failure on Windows introduced at r62955
* lib/webrick/httpresponse.rb (send_body_io): use seek if NotImplementedError
is raised in IO.copy_stream with offset.
* lib/webrick/httpservlet/filehandler.rb (multipart_body): ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@63012 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
webrick/httprequest: limit request headers size
We use the same 112 KB limit started (AFAIK) by Mongrel, Thin,
and Puma to prevent malicious users from using up all the memory
with a single request. This also limits the damage done by
excessive ranges in multipart Range: requests.
Due to the way we rely on IO#gets and the desire to keep
the code simple, the actual maximum header may be 4093 bytes
larger than 112 KB, but we're splitting hairs at that point.
* lib/webrick/httprequest.rb: define MAX_HEADER_LENGTH
(read_header): raise when headers exceed max length
webrick/httpservlet/cgihandler: reduce memory use
WEBrick::HTTPRequest#body can be passed a block to process the
body in chunks. Use this feature to avoid building a giant
string in memory.
* lib/webrick/httpservlet/cgihandler.rb (do_GET):
avoid reading entire request body into memory
(do_POST is aliased to do_GET, so it handles bodies)
webrick/httprequest: raise correct exception
"BadRequest" alone does not resolve correctly, it is in the
HTTPStatus namespace.
* lib/webrick/httprequest.rb (read_chunked): use correct exception
* test/webrick/test_httpserver.rb (test_eof_in_chunk): new test
webrick/httprequest: use InputBufferSize for chunked requests
While WEBrick::HTTPRequest#body provides a Proc interface
for streaming large request bodies, clients must not force
the server to use an excessively large chunk size.
* lib/webrick/httprequest.rb (read_chunk_size): limit each
read and block.call to :InputBufferSize in config.
* test/webrick/test_httpserver.rb (test_big_chunks): new test
webrick: add test for Digest auth-int
No changes to the actual code, this is a new test for
a feature for which no tests existed. I don't understand
the Digest authentication code well at all, but this is
necessary for the subsequent change.
* test/webrick/test_httpauth.rb (test_digest_auth_int): new test
(credentials_for_request): support bodies with POST
webrick/httpauth/digestauth: stream req.body
WARNING! WARNING! WARNING! LIKELY BROKEN CHANGE
Pass a proc to WEBrick::HTTPRequest#body to avoid reading a
potentially large request body into memory during
authentication.
WARNING! this will break apps completely which want to do
something with the body besides calculating the MD5 digest
of it.
Also, keep in mind that probably nobody uses "auth-int".
Servers such as Apache, lighttpd, nginx don't seem to
support it; nor does curl when using POST/PUT bodies;
and we didn't have tests for it until now...
* lib/webrick/httpauth/digestauth.rb (_authenticate): stream req.body
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@63004 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
unixsocket.c: check NUL bytes
* ext/socket/unixsocket.c (rsock_init_unixsock): check NUL bytes.
https://hackerone.com/reports/302997
unixsocket.c: abstract namespace
* ext/socket/unixsocket.c (unixsock_path_value): fix r62991 for
Linux abstract namespace.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@63003 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
webrick: prevent response splitting and header injection
Original patch by tenderlove (with minor style adjustments).
* lib/webrick/httpresponse.rb (send_header): call check_header
(check_header): raise on embedded CRLF in header value
* test/webrick/test_httpresponse.rb
(test_prevent_response_splitting_headers): new test
* (test_prevent_response_splitting_cookie_headers): ditto
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@63002 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
pack.c: fix underflow
* pack.c (pack_unpack_internal): get rid of underflow.
https://hackerone.com/reports/298246
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@63001 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
dir.c: check NUL bytes
* dir.c (GlobPathValue): should be used in rb_push_glob only.
other methods should use FilePathValue.
https://hackerone.com/reports/302338
* dir.c (rb_push_glob): expand GlobPathValue
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@62999 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
Ignore file separator from tmpfile/tmpdir name.
From: SHIBATA Hiroshi <hsbt@ruby-lang.org>
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@62998 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
webrick: favor .write over << method
This will make the next change to use IO.copy_stream
easier-to-read. When we can drop Ruby 2.4 support in a few
years, this will allow us to use writev(2) with multiple
arguments for headers and chunked responses.
* lib/webrick/cgi.rb (write): new wrapper method
lib/webrick/httpresponse.rb: (send_header): use socket.write
(send_body_io): ditto
(send_body_string): ditto
(send_body_proc): ditto
(_write_data): ditto
(ChunkedWrapper#write): ditto
(_send_file): ditto
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@62988 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|