Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse code

merge revision(s) 20072:

	* dir.c (dir_globs): need taint check.  reported by steve
	  <oksteev at gmail.com>


git-svn-id: http://svn.ruby-lang.org/repos/ruby/branches/ruby_1_8_7@22028 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
  • Loading branch information...
commit efc34d657e01e32852a3b2387beeec045818a3ce 1 parent d720a91
Urabe, Shyouhei shyouhei authored

Showing 3 changed files with 10 additions and 5 deletions. Show diff stats Hide diff stats

  1. +5 0 ChangeLog
  2. +1 1  dir.c
  3. +4 4 version.h
5 ChangeLog
... ... @@ -1,3 +1,8 @@
  1 +Wed Feb 4 14:26:58 2009 Yukihiro Matsumoto <matz@ruby-lang.org>
  2 +
  3 + * dir.c (dir_globs): need taint check. reported by steve
  4 + <oksteev at gmail.com>
  5 +
1 6 Tue Feb 3 14:35:26 2009 Kazuhiro NISHIYAMA <zn@mbf.nifty.com>
2 7
3 8 * lib/net/pop.rb: check for invalid APOP timestamp. (CVE-2007-1558)
2  dir.c
@@ -1660,7 +1660,7 @@ dir_globs(argc, argv, flags)
1660 1660 for (i = 0; i < argc; ++i) {
1661 1661 int status;
1662 1662 VALUE str = argv[i];
1663   - StringValue(str);
  1663 + SafeStringValue(str);
1664 1664 status = push_glob(ary, RSTRING(str)->ptr, flags);
1665 1665 if (status) GLOB_JUMP_TAG(status);
1666 1666 }
8 version.h
... ... @@ -1,15 +1,15 @@
1 1 #define RUBY_VERSION "1.8.7"
2   -#define RUBY_RELEASE_DATE "2009-02-03"
  2 +#define RUBY_RELEASE_DATE "2009-02-04"
3 3 #define RUBY_VERSION_CODE 187
4   -#define RUBY_RELEASE_CODE 20090203
5   -#define RUBY_PATCHLEVEL 104
  4 +#define RUBY_RELEASE_CODE 20090204
  5 +#define RUBY_PATCHLEVEL 105
6 6
7 7 #define RUBY_VERSION_MAJOR 1
8 8 #define RUBY_VERSION_MINOR 8
9 9 #define RUBY_VERSION_TEENY 7
10 10 #define RUBY_RELEASE_YEAR 2009
11 11 #define RUBY_RELEASE_MONTH 2
12   -#define RUBY_RELEASE_DAY 3
  12 +#define RUBY_RELEASE_DAY 4
13 13
14 14 #ifdef RUBY_EXTERN
15 15 RUBY_EXTERN const char ruby_version[];

0 comments on commit efc34d6

Please sign in to comment.
Something went wrong with that request. Please try again.