1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
|
Summary of the changes since 1.6.4:
: Syslog module
Imported.
: Digest module
Added as a replacement for md5 and sha1 modules.
require 'digest/md5'
include Digest
md = MD5.new
md << "abc"
puts md
puts MD5.hexdigest("123")
: Struct
Fixed to check frozen and taint status before modifying.
: String#rindex
Fixed with a bug when a regex is given. [ruby-dev:13843]
"foobar".index("b") #=> 3
"foobar".index(/b/) #=> 3
"foobar".rindex("b") #=> 3
"foobar".rindex(/b/) #=> nil <- ???
: require
Fixed with handling of a `~' to allow an extention to be omitted.
[ruby-dev:13756)
$ echo p __FILE__ > ~/a.rb
$ ruby17 -v -r~/a -e0
ruby 1.7.1 (2001-07-03) [i686-linux]
0: No such file to load -- ~/a (LoadError)
$ ruby16 -v -r~/a -e0
ruby 1.6.4 (2001-07-02) [i686-linux]
0: No such file to load -- ~/a (LoadError)
$ ruby14 -v -r~/a -e0
ruby 1.4.6 (2000-08-16) [i686-linux]
"/home/nobu/a.rb"
: String#each_line
Fixed to properly propagate taintness. [ruby-dev:13755]
: NKF::nkf
Fixed to properly propagate taintness. [ruby-dev:13754]
: ruby -x
Fixed with a bug that when a `-x' is specified the interpreter might exit
without running a script. [ruby-dev:13752]
: attr_*
Fixed to raise an error when unwanted parameters are given.
[ruby-dev:13748]
class C
def initialize
@message = 'ok'
end
attr_reader :message
end
puts C.new.message(1,2,3) # raises ArgumentError
: Readline::completion_append_characte
: Readline::completion_append_character=
Added.
: Socket::SO_*
Added.
: require / $LOAD_PATH
Changed to use a new algorithm to locate a library.
Now when requiring "foo", the following directories are searched for
the library in the order listed.
$prefix/lib/ruby/site_ruby/$ver/foo.rb
$prefix/lib/ruby/site_ruby/$ver/foo.so
$prefix/lib/ruby/site_ruby/$ver/$arch/foo.rb
$prefix/lib/ruby/site_ruby/$ver/$arch/foo.so
$prefix/lib/ruby/site_ruby/foo.rb
$prefix/lib/ruby/site_ruby/foo.so
$prefix/lib/ruby/$ver/foo.rb
$prefix/lib/ruby/$ver/foo.so
$prefix/lib/ruby/$ver/$arch/foo.rb
$prefix/lib/ruby/$ver/$arch/foo.so
./foo.rb
./foo.so
The previous behavior had a potential security risk because a
foo.rb (if exists) in the current directory is located prior to a
foo.so in $prefix/lib/ruby/site_ruby/$ver/$arch.
[ruby-bugs (PR#140)]
: lib/sync.rb
: lib/mutex_m.rb
Fixed for obj.extend(Sync_m) and obj.extend(Mutex_m).
: $SAFE / load
Fixed with a bug that a file with a tainted filename can be loaded when
1 <= $SAFE <= 3 and the second argument is true. [ruby-dev:13481]
$SAFE = 1
filename = "foo"
filename.taint
load(filename, true)
#=> true
: Regexp
Fixed for the following case. [ruby-talk:16233]
ruby -e 'puts "OK" if /(.|a)bd/ =~ "cxbd"'
ruby -e 'puts "OK" if /(a|.)bd/ =~ "cxbd"'
#=> OK
: $SAFE / def
Fixed so defining a new method is allowed under $SAFE == 4, which
previously wasn't.
ruby -e '$SAFE = 4; def a; end'
=> -e:1: Insecure operation `(null)' at level 4 (SecurityError)
: IO#ioctl
Fixed to accept a Bignum as the second argument.
Summary of the changes since 1.6.3:
: Hash#replace
Fixed so the following code does not fail in core dump.
h = { 10 => 100, 20 => 200 }
h2 = { }
h.each { |k, v|
if (k == 10)
h.delete(10)
h2.replace(h) # => Abort core dumped
end
}
: $SAFE / File::unlink
Changed to be forbidden under $SAFE >= 2.
: ruby -T4
Fixed. ARGV is now properly marked as tainted so ruby -T4 no longer
fails in SecurityError.
: Regexp
Fixed. Now \1 .. \9 always mean backreferences, and referring to
unclosed/unmatched parentheses always fails.
: String taint infection
Fixed for the following cases. [ruby-dev:13340]
# []=
s1 = "abc"
s2 = "cde".taint
s1[0]= s2
p s1.tainted? # => false
# crypt
s = "abc".taint
p s.crypt("cd").tainted? # => false
# ljust
s = "abc".taint
p s.ljust(10).tainted? # => false
# rjust
s = "abc".taint
p s.rjust(10).tainted? # => false
# center
s = "abc".taint
p s.center(10).tainted? # => false
Now they will all be marked as tainted.
: rb_yield_0()
Fixed so it adjusts a 1-element array when yielded from C API, as
well. Previously, the following code produced a wrong result:
class X
include Enumerable
def each(&block)
block.call(1)
block.call(2)
block.call(3)
end
end
x = X.new
p x.to_a #=> [[1], [2], [3]]
Now it properly produces [1, 2, 3].
: $SAFE / alias
Fixed so aliasing global variables is disallowed under $SAFE == 4.
((<ruby-dev:13287>))
: Open3::popen3
Fixed to do exit! instead of exit so the dying process does not
invoke at_exit. ((<ruby-dev:13170>))
: SizedQueue#pop
Fixed so the following code does not cause a dead lock.
((<ruby-dev:13169>))
ruby -r thread -e 'q = SizedQueue.new(1); q.push(1);'
-e 'Thread.new{sleep 1; q.pop}; q.push(1);'
: SizedQueue#max=
Fixed so it really works. ((<ruby-dev:13170>))
: Queue
: SizedQueue
Fixed to rescue ThreadError in case the thread is dead just before
calling Thread#run. ((<ruby-dev:13194>))
: Array#&
: Array#|
: Array#uniq
Fixed so they do not freeze the elements. ((<ruby-list:29665>))
(%w(foo bar) & %w(foo baz))[0].upcase!
=> -:1:in `upcase!': can't modify frozen string (TypeError)
%w(foo bar bar baz).uniq[0].upcase!
=> -:1:in `upcase!': can't modify frozen string (TypeError)
: shell.rb
shell.rb 0.6 is newly imported as a standard library, along with
documents.
: forwardable.rb
forwardable.rb 1.1 is newly imported as a standard library, along with
documents.
: irb & irb-tools
irb and irb-tools are updated to 0.7.4 and 0.7.1, respectively.
: Daylight saving time
Fixed so it is handled correctly. [ruby-bugs-ja (PR#46)]
env TZ=America/Managua ruby -e 'p Time.local(1998,12,1,0,59,59)'
=> Mon Nov 30 01:59:59 EST 1998
env TZ=America/Managua ruby -e 'p Time.local(1998,12,1,0,59,59).tv_sec'
=> 912409199
: SIGINFO
Support SIGINFO of 4.4BSD. [ruby-bugs-ja (PR#45)]
: Modifier rescue
Fixed so the following code does not emit a parse error any more.
((<ruby-dev:13073>)), ((<ruby-dev:13292>))
raise "" rescue []
raise "" rescue (p "foo"; true)
raise "" rescue -1
raise "" rescue (-1)
: Thread
Fixed so the following code does not cause a dead lock any more.
Thread.start { Thread.stop }
sleep
=> deadlock 0x40199b58: 2:0 - -:1
deadlock 0x401a2528: 2:4 (main) - -:2
-:2:in `sleep': Thread: deadlock (fatal)
from -:2
ruby 1.6.3 (2001-03-19) [i586-linux]
: Module#const_defined?
: Module#const_get
: Module#const_set
Fixed so they do not access to anything other than constants.
((<ruby-dev:13019>))
: Marshal.dump
Improved so it dumps Float with better precision: "%.12g" -> "%.16g"
((<ruby-list:29349>))
: Fixnum#[]
Fixed with a bug on the platforms which sizeof(long) > sizeof(int).
: Regular Expression
Fixed with a couple of minor bugs. ((<ruby-talk:13658>)), ((<ruby-talk:13744>))
: retry
Fixed so the following code works correctly again. ((<ruby-talk:13957>))
def WHILE(cond)
return if not cond
yield
retry
end
i=0
WHILE(i<3) {
print i
i+=1
}
ruby 1.6.2 (2000-12-25) [i586-linux]
=> 012
ruby 1.6.3 (2001-03-19) [i586-linux]
=> 0
ruby 1.6.4 (2001-05-02) [i586-linux]
=> 012
: ((<File::Stat>))#size
Fixed to return a correct value for files larger than 1G bytes.
File.open("/tmp/1GB", "w") {|f|
f.seek(2**30-1, 0)
f.puts
f.flush
p f.stat.size
}
# => ruby 1.6.3 (2001-04-03) [i586-linux]
-1073741824
# => ruby 1.6.4 (2001-04-19) [i586-linux]
1073741824
: ((<Float>))#modulo, ((<Float>))#divmod
Fixed. ((<ruby-dev:12718>))
: ((<ObjectSpace>))#_id2ref
Fixed so it does not raise a exception.
: recursive malloc problem
Fixed by preallocating a buffer for stdio using setvbuf().
((<ruby-dev:12795>))
: ((<File>))#flock
Fixed so it does not raise Errno::EACCES when the file to flock is
already locked. (only applicable to the platforms which lack
flock())
: ((<File::Stat>)).new(filename)
Added. ((<ruby-dev:12803>))
: ((<Bignum>))#% miscalculation
(Re-)Fixed.
a = 677330545177305025495135714080
b = 14269972710765292560
p a % b #=> 0
p -a % b #=>
=> ruby 1.6.3 (2001-04-02) [i386-cygwin]
0
14269972710765292560
=> ruby 1.6.4 (2001-04-19) [i586-linux]
0
0
: ((<Marshal>))
Fixed so a Bignum is properly restored through dump & load.
: Universal Naming Convention(UNC) support (win32)
Added. Now the UNC form (//host/share) is supported. Use slash
(`(({/}))') instead of backslash (`(({\}))') for separating
components.
: ((<Dir>)).glob (win32)
Fixed so it works for the current directory as well.
p Dir["./*.c"]
=> []
|
