
ruby-changes:69914

From: NAKAMURA <ko1@a...>
Date: Wed, 24 Nov 2021 20:21:39 +0900 (JST)
Subject: [ruby-changes:69914] f69aeb8314 (ruby_2_7): merge some parts of CGI 0.1.1

https://git.ruby-lang.org/ruby.git/commit/?id=f69aeb8314

From f69aeb83146be640995753667fdd6c6f157527f5 Mon Sep 17 00:00:00 2001
From: NAKAMURA Usaku <usa@r...>
Date: Wed, 24 Nov 2021 20:21:17 +0900
Subject: merge some parts of CGI 0.1.1

	Fix integer overflow

	Make use of the check in rb_alloc_tmp_buffer2.

	When parsing cookies, only decode the values

	Bump version
---
 ext/cgi/escape/escape.c     | 3 ++-
 lib/cgi/cookie.rb           | 1 -
 lib/cgi/version.rb          | 2 +-
 test/cgi/test_cgi_cookie.rb | 5 +++++
 version.h                   | 2 +-
 5 files changed, 9 insertions(+), 4 deletions(-)

diff --git a/ext/cgi/escape/escape.c b/ext/cgi/escape/escape.c
index 47188819cdc..feedea34c8f 100644
--- a/ext/cgi/escape/escape.c
+++ b/ext/cgi/escape/escape.c
@@ -36,7 +36,8 @@ static VALUE https://github.com/ruby/ruby/blob/trunk/ext/cgi/escape/escape.c#L36
 optimized_escape_html(VALUE str)
 {
     VALUE vbuf;
-    char *buf = ALLOCV_N(char, vbuf, RSTRING_LEN(str) * HTML_ESCAPE_MAX_LEN);
+    typedef char escape_buf[HTML_ESCAPE_MAX_LEN];
+    char *buf = *ALLOCV_N(escape_buf, vbuf, RSTRING_LEN(str));
     const char *cstr = RSTRING_PTR(str);
     const char *end = cstr + RSTRING_LEN(str);
 
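Review bot: The `escape_buf` typedef on the new allocation line has no comment, and without one a later cleanup could fold it back into `ALLOCV_N(char, vbuf, RSTRING_LEN(str) * HTML_ESCAPE_MAX_LEN)`, which restores the unchecked multiplication. Going by the commit message, the intent is that the element count and element size reach the allocator separately so that the check in rb_alloc_tmp_buffer2 applies. I would state that above the typedef, e.g. `/* element size is HTML_ESCAPE_MAX_LEN so the allocator checks count * size for overflow */`. The commit adds no regression test for this path, presumably because triggering it needs a very large string. optimized_escape_html continues past the hunk, so the release of vbuf is not visible here.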
diff --git a/lib/cgi/cookie.rb b/lib/cgi/cookie.rb
index ae9ab58edef..6b0d89ca3ba 100644
--- a/lib/cgi/cookie.rb
+++ b/lib/cgi/cookie.rb
@@ -159,7 +159,6 @@ class CGI https://github.com/ruby/ruby/blob/trunk/lib/cgi/cookie.rb#L159
       raw_cookie.split(/;\s?/).each do |pairs|
         name, values = pairs.split('=',2)
         next unless name and values
-        name = CGI.unescape(name)
         values ||= ""
         values = values.split('&').collect{|v| CGI.unescape(v,@@accept_charset) }
         if cookies.has_key?(name)
diff --git a/lib/cgi/version.rb b/lib/cgi/version.rb
index 9d17c91b954..e145a762c6d 100644
--- a/lib/cgi/version.rb
+++ b/lib/cgi/version.rb
@@ -1,3 +1,3 @@ https://github.com/ruby/ruby/blob/trunk/lib/cgi/version.rb#L1
 class CGI
-  VERSION = "0.1.0"
+  VERSION = "0.1.0.1"
 end
diff --git a/test/cgi/test_cgi_cookie.rb b/test/cgi/test_cgi_cookie.rb
index 115a57e4a10..985cc0d7a1a 100644
--- a/test/cgi/test_cgi_cookie.rb
+++ b/test/cgi/test_cgi_cookie.rb
@@ -101,6 +101,11 @@ class CGICookieTest < Test::Unit::TestCase https://github.com/ruby/ruby/blob/trunk/test/cgi/test_cgi_cookie.rb#L101
     end
   end
 
+  def test_cgi_cookie_parse_not_decode_name
+    cookie_str = "%66oo=baz;foo=bar"
+    cookies = CGI::Cookie.parse(cookie_str)
+    assert_equal({"%66oo" => ["baz"], "foo" => ["bar"]}, cookies)
+  end
 
   def test_cgi_cookie_arrayinterface
     cookie = CGI::Cookie.new('name1', 'a', 'b', 'c')
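Review bot: `test_cgi_cookie_parse_not_decode_name` pins the new behaviour but does not say why it matters, and it covers only one ordering of the two cookies. A one-line comment such as `# a percent-encoded name must stay distinct from its decoded form and never be merged into it` would stop the expectation from being "corrected" later. The parser in lib/cgi/cookie.rb branches on `cookies.has_key?(name)`, which appears to merge values for a repeated name, so I would also assert the reverse input, `assert_equal({"foo" => ["bar"], "%66oo" => ["baz"]}, CGI::Cookie.parse("foo=bar;%66oo=baz"))`. The following test, test_cgi_cookie_arrayinterface, continues outside the hunk.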
diff --git a/version.h b/version.h
index 99b78460427..14ea82108ca 100644
--- a/version.h
+++ b/version.h
@@ -2,7 +2,7 @@ https://github.com/ruby/ruby/blob/trunk/version.h#L2
 # define RUBY_VERSION_MINOR RUBY_API_VERSION_MINOR
 #define RUBY_VERSION_TEENY 5
 #define RUBY_RELEASE_DATE RUBY_RELEASE_YEAR_STR"-"RUBY_RELEASE_MONTH_STR"-"RUBY_RELEASE_DAY_STR
-#define RUBY_PATCHLEVEL 202
+#define RUBY_PATCHLEVEL 203
 
 #define RUBY_RELEASE_YEAR 2021
 #define RUBY_RELEASE_MONTH 11
-- 
cgit v1.2.1


--
ML: ruby-changes@q...
Info: http://www.atdot.net/~ko1/quickml/
