ruby-changes:5796
From: shyouhei <ko1@a...>
Date: Sun, 15 Jun 2008 23:06:28 +0900 (JST)
Subject: [ruby-changes:5796] Ruby:r17303 (ruby_1_8_6): merge revision(s) 16420,16454:
shyouhei 2008-06-15 23:06:16 +0900 (Sun, 15 Jun 2008)
New Revision: 17303
Modified files:
branches/ruby_1_8_6/ChangeLog
branches/ruby_1_8_6/defines.h
branches/ruby_1_8_6/file.c
branches/ruby_1_8_6/version.h
Log:
merge revision(s) 16420,16454:
* file.c (file_expand_path): support for alternative data stream
and ignored trailing garbages of NTFS.
* file.c (rb_file_s_basename): ditto.
* file.c (rb_file_s_extname): ditto.
* lib/webrick/httpservlet/filehandler.rb: should normalize path
name in path_info to prevent script disclosure vulnerability on
DOSISH filesystems. (fix: CVE-2008-1891)
Note: NTFS/FAT filesystem should not be published by the platforms
other than Windows. Pathname interpretation (including short
filename) is less than perfect.
* lib/webrick/httpservlet/abstract.rb
(WEBrick::HTTPServlet::AbstracServlet#redirect_to_directory_uri):
should escape the value of Location: header.
* lib/webrick/httpservlet/cgi_runner.rb: accept interpreter
command line arguments.
http://svn.ruby-lang.org/cgi-bin/viewvc.cgi/branches/ruby_1_8_6/ChangeLog?r1=17303&r2=17302&diff_format=u
http://svn.ruby-lang.org/cgi-bin/viewvc.cgi/branches/ruby_1_8_6/version.h?r1=17303&r2=17302&diff_format=u
http://svn.ruby-lang.org/cgi-bin/viewvc.cgi/branches/ruby_1_8_6/file.c?r1=17303&r2=17302&diff_format=u
http://svn.ruby-lang.org/cgi-bin/viewvc.cgi/branches/ruby_1_8_6/defines.h?r1=17303&r2=17302&diff_format=u
Index: ruby_1_8_6/ChangeLog
===================================================================
--- ruby_1_8_6/ChangeLog (revision 17302)
+++ ruby_1_8_6/ChangeLog (revision 17303)
@@ -1,3 +1,28 @@
+Sun Jun 15 23:02:12 2008 GOTOU Yuuzou <gotoyuzo@n...>
+
+ * lib/webrick/httpservlet/filehandler.rb: should normalize path
+ name in path_info to prevent script disclosure vulnerability on
+ DOSISH filesystems. (fix: CVE-2008-1891)
+ Note: NTFS/FAT filesystem should not be published by the platforms
+ other than Windows. Pathname interpretation (including short
+ filename) is less than perfect.
+
+ * lib/webrick/httpservlet/abstract.rb
+ (WEBrick::HTTPServlet::AbstracServlet#redirect_to_directory_uri):
+ should escape the value of Location: header.
+
+ * lib/webrick/httpservlet/cgi_runner.rb: accept interpreter
+ command line arguments.
+
+Sun Jun 15 23:02:12 2008 Nobuyoshi Nakada <nobu@r...>
+
+ * file.c (file_expand_path): support for alternative data stream
+ and ignored trailing garbages of NTFS.
+
+ * file.c (rb_file_s_basename): ditto.
+
+ * file.c (rb_file_s_extname): ditto.
+
Sun Jun 15 22:53:20 2008 Yukihiro Matsumoto <matz@r...>
* string.c (rb_str_cat): fixed buffer overrun reported by
Index: ruby_1_8_6/version.h
===================================================================
--- ruby_1_8_6/version.h (revision 17302)
+++ ruby_1_8_6/version.h (revision 17303)
@@ -2,7 +2,7 @@
#define RUBY_RELEASE_DATE "2008-06-15"
#define RUBY_VERSION_CODE 186
#define RUBY_RELEASE_CODE 20080615
-#define RUBY_PATCHLEVEL 209
+#define RUBY_PATCHLEVEL 210
#define RUBY_VERSION_MAJOR 1
#define RUBY_VERSION_MINOR 8
Index: ruby_1_8_6/defines.h
===================================================================
--- ruby_1_8_6/defines.h (revision 17302)
+++ ruby_1_8_6/defines.h (revision 17303)
@@ -251,6 +251,14 @@
#define ENV_IGNORECASE
#endif
+#ifndef CASEFOLD_FILESYSTEM
+# if defined DOSISH || defined __VMS
+# define CASEFOLD_FILESYSTEM 1
+# else
+# define CASEFOLD_FILESYSTEM 0
+# endif
+#endif
+
#ifndef DLEXT_MAXLEN
#define DLEXT_MAXLEN 4
#endif
Index: ruby_1_8_6/file.c
===================================================================
--- ruby_1_8_6/file.c (revision 17302)
+++ ruby_1_8_6/file.c (revision 17303)
@@ -2315,6 +2315,18 @@
#define isdirsep(x) ((x) == '/')
#endif
+#if defined _WIN32 || defined __CYGWIN__
+#define USE_NTFS 1
+#else
+#define USE_NTFS 0
+#endif
+
+#if USE_NTFS
+#define istrailinggabage(x) ((x) == '.' || (x) == ' ')
+#else
+#define istrailinggabage(x) 0
+#endif
+
#ifndef CharNext /* defined as CharNext[AW] on Windows. */
# if defined(DJGPP)
# define CharNext(p) ((p) + mblen(p, MB_CUR_MAX))
@@ -2741,23 +2753,17 @@
if (p == skiproot(buf) - 1) p++;
buflen = p - buf;
- RSTRING(result)->len = buflen;
+#if USE_NTFS
*p = '\0';
-#if USE_NTFS
- if (1 &&
-#ifdef __CYGWIN__
- !(buf[0] == '/' && !buf[1]) &&
-#endif
- !strpbrk(b = buf, "*?")) {
+ if (!strpbrk(b = buf, "*?")) {
size_t len;
WIN32_FIND_DATA wfd;
#ifdef __CYGWIN__
- int lnk_added = 0, is_symlink = 0;
+ int lnk_added = 0;
struct stat st;
char w32buf[MAXPATHLEN], sep = 0;
p = 0;
if (lstat(buf, &st) == 0 && S_ISLNK(st.st_mode)) {
- is_symlink = 1;
p = strrdirsep(buf);
if (!p) p = skipprefix(buf);
if (p) {
@@ -2770,7 +2776,8 @@
}
if (p) *p = sep;
else p = buf;
- if (is_symlink && b == w32buf) {
+ if (b == w32buf) {
+ strlcat(w32buf, p, sizeof(w32buf));
len = strlen(p);
if (len > 4 && strcasecmp(p + len - 4, ".lnk") != 0) {
lnk_added = 1;
@@ -2798,6 +2805,8 @@
#endif
if (tainted) OBJ_TAINT(result);
+ RSTRING(result)->len = buflen;
+ RSTRING(result)->ptr[buflen] = '\0';
return result;
}
@@ -2860,7 +2869,12 @@
}
if (l1 < l2) return l1;
- if (strncmp(p+l1-l2, e, l2) == 0) {
+#if CASEFOLD_FILESYSTEM
+#define fncomp strncasecmp
+#else
+#define fncomp strncmp
+#endif
+ if (fncomp(p+l1-l2, e, l2) == 0) {
return l1-l2;
}
return 0;
@@ -3023,7 +3037,7 @@
if (!p)
p = name;
else
- name = ++p;
+ p++;
e = 0;
while (*p) {
@@ -3053,7 +3067,7 @@
break;
p = CharNext(p);
}
- if (!e || e == name || e+1 == p) /* no dot, or the only dot is first or end? */
+ if (!e || e+1 == p) /* no dot, or the only dot is first or end? */
return rb_str_new(0, 0);
extname = rb_str_new(e, p - e); /* keep the dot, too! */
OBJ_INFECT(extname, fname);
--
ML: ruby-changes@q...
Info: http://www.atdot.net/~ko1/quickml/