ruby-changes:10477
From: shyouhei <ko1@a...>
Date: Wed, 4 Feb 2009 14:27:14 +0900 (JST)
Subject: [ruby-changes:10477] Ruby:r22028 (ruby_1_8_7): merge revision(s) 20072:
shyouhei 2009-02-04 14:27:05 +0900 (Wed, 04 Feb 2009) New Revision: 22028 http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=22028 Log: merge revision(s) 20072: * dir.c (dir_globs): need taint check. reported by steve <oksteev at gmail.com> Modified files: branches/ruby_1_8_7/ChangeLog branches/ruby_1_8_7/dir.c branches/ruby_1_8_7/version.h Index: ruby_1_8_7/ChangeLog =================================================================== --- ruby_1_8_7/ChangeLog (revision 22027) +++ ruby_1_8_7/ChangeLog (revision 22028) @@ -1,3 +1,8 @@ +Wed Feb 4 14:26:58 2009 Yukihiro Matsumoto <matz@r...> + + * dir.c (dir_globs): need taint check. reported by steve + <oksteev at gmail.com> + Tue Feb 3 14:35:26 2009 Kazuhiro NISHIYAMA <zn@m...> * lib/net/pop.rb: check for invalid APOP timestamp. (CVE-2007-1558) Index: ruby_1_8_7/version.h =================================================================== --- ruby_1_8_7/version.h (revision 22027) +++ ruby_1_8_7/version.h (revision 22028) @@ -1,15 +1,15 @@ #define RUBY_VERSION "1.8.7" -#define RUBY_RELEASE_DATE "2009-02-03" +#define RUBY_RELEASE_DATE "2009-02-04" #define RUBY_VERSION_CODE 187 -#define RUBY_RELEASE_CODE 20090203 -#define RUBY_PATCHLEVEL 104 +#define RUBY_RELEASE_CODE 20090204 +#define RUBY_PATCHLEVEL 105 #define RUBY_VERSION_MAJOR 1 #define RUBY_VERSION_MINOR 8 #define RUBY_VERSION_TEENY 7 #define RUBY_RELEASE_YEAR 2009 #define RUBY_RELEASE_MONTH 2 -#define RUBY_RELEASE_DAY 3 +#define RUBY_RELEASE_DAY 4 #ifdef RUBY_EXTERN RUBY_EXTERN const char ruby_version[]; Index: ruby_1_8_7/dir.c =================================================================== --- ruby_1_8_7/dir.c (revision 22027) +++ ruby_1_8_7/dir.c (revision 22028) @@ -1660,7 +1660,7 @@ for (i = 0; i < argc; ++i) { int status; VALUE str = argv[i]; - StringValue(str); + SafeStringValue(str); status = push_glob(ary, RSTRING(str)->ptr, flags); if (status) GLOB_JUMP_TAG(status); } -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/