From 2b6fc59397fdc5712024fc296473d80914ee3ae6 Mon Sep 17 00:00:00 2001 From: Natanael Copa Date: Mon, 15 Oct 2012 19:42:50 +0000 Subject: main/ruby: upgrade to 1.9.3_p286 --- main/ruby/APKBUILD | 8 +- .../ruby-1.9.3-backport-from-trunk-rev37068.patch | 103 --------------------- 2 files changed, 3 insertions(+), 108 deletions(-) delete mode 100644 main/ruby/ruby-1.9.3-backport-from-trunk-rev37068.patch (limited to 'main/ruby') diff --git a/main/ruby/APKBUILD b/main/ruby/APKBUILD index 98f82b4fde..f78f723482 100644 --- a/main/ruby/APKBUILD +++ b/main/ruby/APKBUILD @@ -1,7 +1,7 @@ # Contributor: Carlo Landmeter # Maintainer: Natanael Copa pkgname=ruby -pkgver=1.9.3_p194 +pkgver=1.9.3_p286 _pkgver=${pkgver/_/-} pkgrel=0 @@ -22,7 +22,6 @@ subpackages="$pkgname-doc $pkgname-dev $pkgname-irb $pkgname-gems \ " patches=" ruby-1.9.3-always-use-i386.patch - ruby-1.9.3-backport-from-trunk-rev37068.patch " source="ftp://ftp.ruby-lang.org/pub/ruby/${pkgver%.*}/${pkgname}-${_pkgver}.tar.bz2 $patches" @@ -184,6 +183,5 @@ libs() { mv "$pkgdir"/usr/lib "$subpkgdir"/usr/ } -md5sums="2278eff4cfed3cbc0653bc73085caa34 ruby-1.9.3-p194.tar.bz2 -8395693c99415532780605af203a102b ruby-1.9.3-always-use-i386.patch -b586536d4d196b142fd0968dac192617 ruby-1.9.3-backport-from-trunk-rev37068.patch" +md5sums="e76848a86606a4fd5dcf14fc4b4e755e ruby-1.9.3-p286.tar.bz2 +8395693c99415532780605af203a102b ruby-1.9.3-always-use-i386.patch" diff --git a/main/ruby/ruby-1.9.3-backport-from-trunk-rev37068.patch b/main/ruby/ruby-1.9.3-backport-from-trunk-rev37068.patch deleted file mode 100644 index ed94e738fa..0000000000 --- a/main/ruby/ruby-1.9.3-backport-from-trunk-rev37068.patch +++ /dev/null @@ -1,103 +0,0 @@ -Patch from trunk for CVE-2012-4464, CVE-2012-4466 -Part for test/ruby/test_exception.rb was adjusted for ruby 1.9.3 - -Mamoru Tasaka - ------------------------------------------------------------------------- -r37068 | shugo | 2012-10-03 02:25:10 +0900 (Wed, 03 Oct 2012) | 2 lines - -* error.c (exc_to_s, name_err_to_s, name_err_mesg_to_str): do not - taint messages. ------------------------------------------------------------------------- -Index: error.c -=================================================================== ---- ./error.c (revision 37067) -+++ ./error.c (revision 37068) -@@ -635,7 +635,6 @@ - - if (NIL_P(mesg)) return rb_class_name(CLASS_OF(exc)); - r = rb_String(mesg); -- OBJ_INFECT(r, exc); - return r; - } - -@@ -996,11 +995,7 @@ - - if (NIL_P(mesg)) return rb_class_name(CLASS_OF(exc)); - StringValue(str); -- if (str != mesg) { -- rb_iv_set(exc, "mesg", mesg = str); -- } -- OBJ_INFECT(mesg, exc); -- return mesg; -+ return str; - } - - /* -@@ -1131,7 +1126,6 @@ - args[2] = d; - mesg = rb_f_sprintf(NAME_ERR_MESG_COUNT, args); - } -- OBJ_INFECT(mesg, obj); - return mesg; - } - -Index: test/ruby/test_exception.rb -=================================================================== ---- ./test/ruby/test_exception.rb (revision 37067) -+++ ./test/ruby/test_exception.rb (modified) -@@ -333,4 +333,54 @@ - load(t.path) - end - end -+ -+ def test_to_s_taintness_propagation -+ for exc in [Exception, NameError] -+ m = "abcdefg" -+ e = exc.new(m) -+ e.taint -+ s = e.to_s -+ assert_equal(false, m.tainted?, -+ "#{exc}#to_s should not propagate taintness") -+ assert_equal(false, s.tainted?, -+ "#{exc}#to_s should not propagate taintness") -+ end -+ -+ o = Object.new -+ def o.to_str -+ "foo" -+ end -+ o.taint -+ e = NameError.new(o) -+ s = e.to_s -+ assert_equal(false, s.tainted?) -+ end -+ -+ def test_exception_to_s_should_not_propagate_untrustedness -+ favorite_lang = "Ruby" -+ -+ for exc in [Exception, NameError] -+ assert_raise(SecurityError) do -+ lambda { -+ $SAFE = 4 -+ exc.new(favorite_lang).to_s -+ favorite_lang.replace("Python") -+ }.call -+ end -+ end -+ -+ assert_raise(SecurityError) do -+ lambda { -+ $SAFE = 4 -+ o = Object.new -+ o.singleton_class.send(:define_method, :to_str) { -+ favorite_lang -+ } -+ NameError.new(o).to_s -+ favorite_lang.replace("Python") -+ }.call -+ end -+ -+ assert_equal("Ruby", favorite_lang) -+ end - end -- cgit v1.2.3