| Age | Commit message (Collapse) | Author |
|---|
|
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@67874 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
backport 80b5a0ff2a7709367178f29d4ebe1c54122b1c27 partially as a
securify fix for CVE-2020-10663. The patch was provided by Jeremy Evans.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_6@67856 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@67873 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@67823 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
`FileTest.send(command, ...)` allows to call not only FileTest-related
methods but also any method that belongs to Kernel, Object, etc.
patched by <mame@ruby-lang.org>
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@67820 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
WEBrick: prevent response splitting and header injection
This is a follow up to d9d4a28.
The commit prevented CRLR, but did not address an isolated CR or an
isolated LF.
Co-Authored-By: NARUSE, Yui <naruse@airemix.jp>
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@67819 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
Loop with String#scan without creating substrings
Create the substrings necessary parts only, instead of cutting the
rest of the buffer. Also removed a useless, probable typo, regexp.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@67818 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
Fix for wrong fnmatch patttern
* dir.c (file_s_fnmatch): ensure that pattern does not contain a
NUL character. https://hackerone.com/reports/449617
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@67817 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
Remove jquery.js
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@67794 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
Remove debug print [ci skip]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@67791 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@67781 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@67393 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
eval.c: clear internal errinfo
* eval.c (ruby_cleanup): clear internal error info when invoking
end procs. [ruby-core:91731] [Bug #15650]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@67392 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
io.c: chomp CR at the end of read buffer
* io.c (rb_io_getline_fast): chomp CR followed by LF but separated
by the read buffer boundary. [ruby-core:91707] [Bug #15642]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@67391 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@67303 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
Update for tzdata-2018f
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@67154 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@67153 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
tmpdir.rb: permission of user given directory
* lib/tmpdir.rb (Dir.mktmpdir): check if the permission of the
parent directory only when using the default temporary
directory, and no check against user given directory. the
security is the user's responsibility in that case.
[ruby-core:91216] [Bug #15555]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@67148 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
parse.y: unindent continued line
* parse.y (tokadd_string): stop at continued line in dedented here
documents, to dedent for each lines before removing escaped
newlines. [ruby-core:86236] [Bug #14621]
parse.y: terminator at continued line
* parse.y (here_document): a continuing line is not the
terminator. [ruby-core:86283] [Bug #14621]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@67147 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@66975 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
Fix for bison 3.2 [Bug #15284]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@66970 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
Try to update cert
Try to update cert (2nd try)
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@66969 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
cont.c: set th->root_fiber to current fiber at fork
Otherwise, th->root_fiber can point to an invalid Fiber,
because Fibers do not live across fork. So consider
whatever Fiber is running the root fiber.
[ruby-core:88723] [Bug #15041]
cont.c (rb_fiber_atfork): th->root_fiber may not exist
Otherwise, bootstraptest/test_fork.rb fails with -DVM_CHECK_MODE=2
[Bug #15041]
Fixes: r64589 "cont.c: set th->root_fiber to current fiber at fork"
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@66968 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
Normalize month-mday before finding epoch
Especially over the year 2038, 30 Feb and so on may cause odd behavior
on validating found epoch with given year-month-day [Bug #15340]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@66967 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
Mark array as "going to be modified" in `Array#reject!`
Before this patch, if `reject!` is called on a shared array it can
mutate the shared array rather than a copy. This patch marks the array
as "going to be modified" so that the shared source array isn't
mutated.
[Bug #15479] [ruby-core:90781]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@66966 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
io.c (io_write_nonblock): add RB_GC_GUARD, io_fflush may switch threads
Since io_fflush may block on mutex or rb_io_wait_readable and
switch threads, we need to ensure the `str' VALUE returned by
`rb_obj_as_string` is visible to GC.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@66965 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
Move autoload to toplevel
So that classes which uses Net::HTTP with https can use OpenSSL
namespace for example exception classes like OpenSSL::SSL::SSLError.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@66964 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@66963 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
object.c: raise on long invalid float string
* object.c (rb_cstr_to_dbl_raise): check long invalid float
string more precisely when truncating insignificant part.
[ruby-core:86800] [Bug #14729]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@66962 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
transcode.c: add GC guard on raise
* transcode.c (econv_s_search_convpath): add GC guard to fix SEGV
on raise.
[Bug #15162] [ruby-core:89172]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@66961 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@65342 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@65134 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
infect taint flag on Array#pack and String#unpack
with the directives "B", "b", "H" and "h".
* pack.c (pack_pack, pack_unpack_internal): infect taint flag.
* test/ruby/test_pack.rb: add test for above.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@65129 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
Fix Kernel#singleton_method with Module#Prepend
* proc.c (rb_obj_singleton_method): search the method entry from
the origin class, for fix prepended modules. [Bug #14658]
From: Vasiliy Ermolovich <younash@gmail.com>
proc.c: fix segfault when no singleton class
* proc.c (rb_obj_singleton_method): bail out if the receiver does
not have the singleton class without accessing the origin class
not to segfault. [Bug #14658]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@65118 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
mkmf.rb: ignore linker warnings
* lib/mkmf.rb (try_ldflags): ignore linker warnings. they cause
unexpected failures on OpenBSD. [ruby-core:78827] [Bug #13069]
mkmf.rb: werror on mswin
* lib/mkmf.rb (MakeMakefile#try_ldflags): enable warning checking
on mswin, link.exe warns -l options but does not fail.
[Bug #13069]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@65117 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
Use opt_{aref,aset} over opt_{aref,aset}_with
* compile.c (iseq_compile_each0): Use `opt_aref`/`opt_aset` over
`opt_aref_with`/`opt_aset_with` when frozen_string_literal: true,
not to resurrect the index string on non-Hash receiver.
[Fix GH-1957]
From: chopraanmol1 <chopraanmol1@gmail.com>
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@65116 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
thread_sync.c (rb_mutex_lock): fix deadlock
* thread_sync.c (rb_mutex_lock): fix deadlock
[ruby-core:87467] [Bug #14841]
thread_sync.c (rb_mutex_lock): acquire lock before being killed
We (the thread acquiring the mutex) need to acquire the mutex
before being killed to work with ConditionVariable#wait.
Thus we reinstate the acquire-immediately-after-sleeping logic
from pre-r63711 while still retaining the
acquire-after-checking-for-interrupts logic from r63711.
This regression was introduced in
commit 501069b8a4013f2e3fdde35c50e9527ef0061963 (r63711)
("thread_sync.c (rb_mutex_lock): fix deadlock") for
[Bug #14841]
[ruby-core:88503] [Bug #14999] [Bug #14841]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@65115 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@65114 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
Just a shebang is valid code
[ruby-core:89240] [Bug #15190]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@65113 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
configure.in: install_name without teeny
* configure.in (RUBY_API_VERSION): remove teeny from install_name
to allow link extension libraries for the same minor version.
patched by kimuraw (Wataru Kimura) at [ruby-dev:50262].
[Bug #13931]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@65112 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
check argument type.
* iseq.c (iseqw_s_compile): check argument type (T_STRING) to
avoid SEGV.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@65111 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
Support ubasecrt.dll 10.0.17763.1 included in Windows 10 October 2018 Update
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@65110 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
suppress warning: 'const' attribute on function returning 'void'
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@65109 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
[Backport #14060]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@64649 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
win32.c: limit write size on console
* win32/win32.c (constat_parse): split long buffer and limit write
size on a console, as well as rb_w32_write.
[ruby-dev:50597] [Bug #14942]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@64564 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
ruby.c: taint ARGV on Windows
* ruby.c (external_str_new_cstr): strings come from the external
should be tainted. [ruby-dev:50596] [Bug #14941]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@64563 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
fix sum on infinity
* array.c (rb_ary_sum): consider non-finite floats.
[ruby-core:88024] [Bug #14926]
* enum.c (sum_iter): ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@64562 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
thread.c (do_select): fix leak on exception
When do_select is interrupted and raise happens from
RUBY_VM_CHECK_INTS_BLOCKING, the original FD sets we copied
do not get freed, leading to a memory leak. Wrap up all the
FD sets into a Ruby object to ensure the GC can release an
allocations made for rb_fdset_t.
This leak existed since Ruby 2.0.0 (r36430)
[Bug #14929]
increase timeout seconds.
* test/ruby/test_io.rb (test_select_leak): increase timeout seconds
to pass this test on a high-load machine.
60 sec is not enough at all
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@64561 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
reduce tzset
* time.c (rb_localtime_r): call tzset() only after TZ environment
variable is changed.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@64560 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
variable.c: fix receiver on private constant
* variable.c (rb_const_search): fix NameError :receiver attribute
on private constant, should raise with the included module, not
the ICLASS.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@64559 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
Bug Fix Enumerator::Lazy#uniq state for multiple call
* enumerator.c (lazy_uniq_i): create new hash for each calls.
[Fix GH-1820]
Currently
2.5.0-preview1 :001 > arr = (0..100).lazy.uniq{|i| i % 10}
=> #<Enumerator::Lazy: #<Enumerator::Lazy: 0..100>:uniq>
2.5.0-preview1 :002 > arr.to_a
=> [0, 1, 2, 3, 4, 5, 6, 7, 8, 9]
2.5.0-preview1 :003 > arr.to_a
=> []
Expected
arr.to_a to always return same output
From: Anmol Chopra <anmolchopra@rocketbox.in>
test_enumerator.rb: duplicate assertions
* test/ruby/test_enumerator.rb (test_uniq): remove assertions
which ared duplicate of lazy enumerator tests in
test_lazy_enumerator.rb.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@64558 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
