Age | Commit message (Collapse) | Author |
|
* process.c (struct rb_exec_arg): proc should be a VALUE.
* process.c (rb_f_exec): suppress a warning.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_5@16775 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
name in path_info to prevent script disclosure vulnerability on
DOSISH filesystems. (fix: CVE-2008-1891)
Note: NTFS/FAT filesystem should not be published by the platforms
other than Windows. Pathname interpretation (including short
filename) is less than perfect.
* lib/webrick/httpservlet/abstract.rb
(WEBrick::HTTPServlet::AbstracServlet#redirect_to_directory_uri):
should escape the value of Location: header.
* lib/webrick/httpservlet/cgi_runner.rb: accept interpreter
command line arguments.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_5@16495 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
backported from 1.8 HEAD.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_5@16451 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_5@16450 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* file.c (USE_NTFS): fixed merge miss.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_5@16449 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_5@16443 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
and ignored trailing garbages of NTFS.
* file.c (rb_file_s_basename): ditto.
* file.c (rb_file_s_extname): ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_5@16442 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* lib/webrick/httpservlet/filehandler.rb: should normalize path
separators in path_info to prevent directory traversal attacks
on DOSISH platforms.
reported by Digital Security Research Group [DSECRG-08-026].
* lib/webrick/httpservlet/filehandler.rb: pathnames which have
not to be published should be checked case-insensitively.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_5@15680 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* lib/net/http.rb: an SSL verification (the server hostname should
be matched with its certificate's commonName) is added.
this verification can be skipped by
"Net::HTTP#enable_post_connection_check=(false)".
suggested by Chris Clark <cclark at isecpartners.com>
* lib/net/open-uri.rb: use Net::HTTP#enable_post_connection_check to
perform SSL post connection check.
* ext/openssl/lib/openssl/ssl.c
(OpenSSL::SSL::SSLSocket#post_connection_check): refine error message.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_5@13502 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
to share with strio_reopen properly. [ruby-Bugs-13919]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_5@13489 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
changed. [ ruby-Bugs-11978 ], Thanks Florian Frank.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_5@13486 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
environment variable. [ruby-core:12118]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_5@13455 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_5@13451 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
[ruby-dev:31679]
* ruby.c (push_include_cygwin): ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_5@13377 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
[ruby-dev:31736]
* array.c (rb_ary_splice): ditto. [ruby-dev:31737]
* array.c (rb_ary_fill): ditto. [ruby-dev:31738]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_5@13375 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
[ruby-dev:31738]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_5@13373 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
[ruby-dev:31739]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_5@13371 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* eval.c (rb_call0): tighten security check condition..
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_5@13369 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* configure.in (XCFLAGS): add _GNU_SOURCE on linux.
* file.c (group_member): use system routine if available.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_5@13367 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
even on Linux/Sparc. [ruby-dev:31674]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_5@13365 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
reg_get_val, ole_wc2mb): fix the bug. Thanks, arton.
[ruby-dev:31576]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_5@13363 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_5@13361 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
to an auto variable to the thread to be created. pointed and
fix by KUBO Takehiro <kubo at jiubao.org> [ruby-dev:30618]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_5@13359 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
comment lines first.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_5@13357 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
(big_rshift): ditto.
(rb_big_lshift): ditto.
(big_rshift): ditto.
[ruby-dev:31434]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_5@13355 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* hash.c (rb_hash_shift): should consider iter_lev too.
* hash.c (delete_if_i): use rb_hash_delete_key() so that the block
isn't called twice. [ruby-core:11556]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_5@13057 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
the thread is started too early. [ruby-talk:264062]
* test/rinda/test_rinda.rb: ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_5@13055 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
device. [ruby-talk:263410]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_5@13053 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
[ruby-Bugs-12859]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_5@13051 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_5@13049 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* ext/extmk.rb (extmake): remove mkmf.log at clean, and extconf.h at
distclean, respectively.
* ext/extmk.rb: remove rdoc at clean, and installed list file at
distclean, respectively.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_5@13045 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
width. [ruby-core:11838]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_5@13042 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
* ruby.c (rubylib_mangled_path, rubylib_mangled_path2): return
VALUE instead of a pointer to static buffer.
* ruby.c (push_include_cygwin): fixed buffer overflow.
[ruby-dev:31297]
* ruby.c (ruby_init_loadpath): not convert built-in paths.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_5@13040 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
which is necessary for dir.c to compile on djgpp and emx.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_5@13038 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
function in ruby.h already.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_5@13036 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
old Cygwin.
* file.c (rb_file_truncate): added prototype of GetLastError()
on cygwin. [ruby-dev:31239]
* intern.h (is_ruby_native_thread): prototype.
* missing/strftime.c (strftime): fix printf format and actual
arguments.
* ext/Win32API/Win32API.c (Win32API_initialize): ditto.
* ext/tk/tcltklib.c (ip_finalize): ditto.
* ext/dl/ptr.c (rb_dlptr_inspect): ditto. [ruby-dev:31268]
* ext/dl/sym.c (rb_dlsym_inspect): ditto.
* ext/socket/getnameinfo.c: include stdio.h always.
* ext/win32ole/win32ole.c (ole_hresult2msg, folevariable_name,
folevariable_ole_type, folevariable_ole_type_detail,
folevariable_value, folemethod_visible): missing return value.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_5@13034 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
only if extconf.h is created.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_5@13032 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_5@13030 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_5@13028 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
initialize aggregations with dynamic values. [ruby-talk:259306]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_5@13026 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
[ruby-dev:31261] [ruby-bugs-12398]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_5@13024 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
to get rid of infinite recursion. fixed calculation in edge
cases. [ruby-dev:31244]
* numeric.c (rb_fix_lshift, rb_fix_rshift): ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_5@13022 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_5@13019 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
same timezone mode to the original. [ruby-talk:260256]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_5@13017 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
1**n => 1, -1**n => 1 (n: even) / -1 (n: odd).
* test/ruby/test_fixnum.rb (TestFixnum::test_pow): update test
suite. pow(-3, 2^64) gives NaN when pow(3, 2^64) gives Inf.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_5@13015 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
for regular expression. [ruby-dev:31221]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_5@13013 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
[ruby-core:11569], [ruby-core:11570], [ruby-core:11571],
[ruby-core:11573]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_5@13011 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_5@12990 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
rb_digest_instance_finish, rb_digest_instance_reset,
rb_digest_instance_block_length): %s in rb_raise() expects char*.
[ruby-dev:31222]
* ext/openssl/ossl.h: include ossl_pkcs5.h. [ruby-dev:31231]
* ext/openssl/ossl_pkcs5.h: new file for PKCS5. [ruby-dev:31231]
* ext/openssl/ossl_x509name.c (ossl_x509name_to_s): use ossl_raise()
instead of rb_raise(). [ruby-dev:31222]
* ext/sdbm/_sdbm.c: DOSISH platforms need io.h. [ruby-dev:31232]
* ext/syck/syck.h: include stdlib.h for malloc() and free().
[ruby-dev:31232]
* ext/syck/syck.h (syck_parser_set_input_type): prototype added.
[ruby-dev:31231]
* win32/win32.c: include mbstring.h for _mbspbrk(). [ruby-dev:31232]
* win32.h (rb_w32_getcwd): prototype added. [ruby-dev:31232]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_5@12988 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|