From 6249e5f7742f88c7716330b0856da81cd6da74d9 Mon Sep 17 00:00:00 2001
From: shyouhei <shyouhei@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>
Date: Tue, 3 Feb 2009 05:35:56 +0000
Subject: merge revision(s) 19774: 	* lib/net/pop.rb: check for invalid
 APOP timestamp. (CVE-2007-1558) 	  [ruby-dev:36631] 	*
 test/net/pop/test_pop.rb: ditto.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_7@22002 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
---
 lib/net/pop.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'lib')

diff --git a/lib/net/pop.rb b/lib/net/pop.rb
index 82cc9a747b..9a6a25266f 100644
--- a/lib/net/pop.rb
+++ b/lib/net/pop.rb
@@ -871,7 +871,7 @@ module Net
       @socket = sock
       @error_occured = false
       res = check_response(critical { recv_response() })
-      @apop_stamp = res.slice(/<.+>/)
+      @apop_stamp = res.slice(/<[!-~]+@[!-~]+>/)
     end
 
     def inspect
-- 
cgit v1.2.3