ruby-changes:19668
From: shyouhei <ko1@a...>
Date: Mon, 23 May 2011 13:49:49 +0900 (JST)
Subject: [ruby-changes:19668] shyouhei:r31713 (ruby_1_8_7): merge revision(s) 31655:
shyouhei 2011-05-23 13:49:40 +0900 (Mon, 23 May 2011) New Revision: 31713 http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=rev&revision=31713 Log: merge revision(s) 31655: * eval.c (rb_thread_atfork): When a ruby process forks, its random seed shall be reinitialized to prevent CVE-2003-0900 situation. This bug affects for 1.8 and earlier series, but not for 1.9. fixed [ruby-core:34944]. * io.c (pipe_open): ditto. * random.c (rb_reset_random_seed): ditto. * intern.h (rb_reset_random_seed): ditto. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8@31655 b2dd03c8-39d4-4d8f-98ff-823fe69b080e Signed-off-by: URABE, Shyouhei <shyouhei@r...> Modified files: branches/ruby_1_8_7/ChangeLog branches/ruby_1_8_7/eval.c branches/ruby_1_8_7/intern.h branches/ruby_1_8_7/io.c branches/ruby_1_8_7/random.c branches/ruby_1_8_7/version.h Index: ruby_1_8_7/intern.h =================================================================== --- ruby_1_8_7/intern.h (revision 31712) +++ ruby_1_8_7/intern.h (revision 31713) @@ -380,6 +380,7 @@ /* random.c */ unsigned long rb_genrand_int32(void); double rb_genrand_real(void); +void rb_reset_random_seed(void); /* re.c */ int rb_memcmp _((const void*,const void*,long)); int rb_memcicmp _((const void*,const void*,long)); Index: ruby_1_8_7/ChangeLog =================================================================== --- ruby_1_8_7/ChangeLog (revision 31712) +++ ruby_1_8_7/ChangeLog (revision 31713) @@ -1,3 +1,16 @@ +Sat May 21 05:43:03 2011 URABE Shyouhei <shyouhei@r...> + + * eval.c (rb_thread_atfork): When a ruby process forks, its random + seed shall be reinitialized to prevent CVE-2003-0900 situation. + This bug affects for 1.8 and earlier series, but not for 1.9. + fixed [ruby-core:34944]. + + * io.c (pipe_open): ditto. + + * random.c (rb_reset_random_seed): ditto. + + * intern.h (rb_reset_random_seed): ditto. + Sat May 21 04:55:15 2011 Akinori MUSHA <knu@i...> * lib/uri/generic.rb (#route_from_path): Fix a bug where Index: ruby_1_8_7/version.h =================================================================== --- ruby_1_8_7/version.h (revision 31712) +++ ruby_1_8_7/version.h (revision 31713) @@ -1,15 +1,15 @@ #define RUBY_VERSION "1.8.7" -#define RUBY_RELEASE_DATE "2011-05-21" +#define RUBY_RELEASE_DATE "2011-05-23" #define RUBY_VERSION_CODE 187 -#define RUBY_RELEASE_CODE 20110521 -#define RUBY_PATCHLEVEL 344 +#define RUBY_RELEASE_CODE 20110523 +#define RUBY_PATCHLEVEL 345 #define RUBY_VERSION_MAJOR 1 #define RUBY_VERSION_MINOR 8 #define RUBY_VERSION_TEENY 7 #define RUBY_RELEASE_YEAR 2011 #define RUBY_RELEASE_MONTH 5 -#define RUBY_RELEASE_DAY 21 +#define RUBY_RELEASE_DAY 23 #ifdef RUBY_EXTERN RUBY_EXTERN const char ruby_version[]; Index: ruby_1_8_7/io.c =================================================================== --- ruby_1_8_7/io.c (revision 31712) +++ ruby_1_8_7/io.c (revision 31713) @@ -3254,6 +3254,7 @@ rb_thread_stop_timer(); switch ((pid = fork())) { case 0: /* child */ + rb_thread_atfork(); if (modef & FMODE_READABLE) { close(pr[0]); if (pr[1] != 1) { Index: ruby_1_8_7/random.c =================================================================== --- ruby_1_8_7/random.c (revision 31712) +++ ruby_1_8_7/random.c (revision 31713) @@ -491,9 +491,15 @@ } void +rb_reset_random_seed() +{ + rand_init(random_seed()); +} + +void Init_Random() { - rand_init(random_seed()); + rb_reset_random_seed(); rb_define_global_function("srand", rb_f_srand, -1); rb_define_global_function("rand", rb_f_rand, -1); rb_global_variable(&saved_seed); Index: ruby_1_8_7/eval.c =================================================================== --- ruby_1_8_7/eval.c (revision 31712) +++ ruby_1_8_7/eval.c (revision 31713) @@ -13178,6 +13178,7 @@ { rb_thread_t th; + rb_reset_random_seed(); if (rb_thread_alone()) return; FOREACH_THREAD(th) { if (th != curr_thread) { -- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/