merge revision(s) 20072:

	* dir.c (dir_globs): need taint check.  reported by steve
	  <oksteev at gmail.com>


git-svn-id: http://svn.ruby-lang.org/repos/ruby/branches/ruby_1_8_6@22026 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

3 files changed, 10 insertions, 5 deletions

diff --git a/ChangeLog b/ChangeLog
index 90f7f2030..769643ec2 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+Wed Feb  4 14:25:44 2009  Yukihiro Matsumoto  <matz@ruby-lang.org>
+
+	* dir.c (dir_globs): need taint check.  reported by steve
+	  <oksteev at gmail.com>
+
 Tue Feb  3 14:33:08 2009  Kazuhiro NISHIYAMA  <zn@mbf.nifty.com>
 
 	* lib/net/pop.rb: check for invalid APOP timestamp. (CVE-2007-1558)
diff --git a/dir.c b/dir.c
index 0dd12ffd7..74de8c543 100644
--- a/dir.c
+++ b/dir.c
@@ -1659,7 +1659,7 @@ dir_globs(argc, argv, flags)
     for (i = 0; i < argc; ++i) {
 	int status;
 	VALUE str = argv[i];
-	StringValue(str);
+	SafeStringValue(str);
 	status = push_glob(ary, RSTRING(str)->ptr, flags);
 	if (status) GLOB_JUMP_TAG(status);
     }
diff --git a/version.h b/version.h
index 12f0db841..842de9b21 100644
--- a/version.h
+++ b/version.h
@@ -1,15 +1,15 @@
 #define RUBY_VERSION "1.8.6"
-#define RUBY_RELEASE_DATE "2009-02-03"
+#define RUBY_RELEASE_DATE "2009-02-04"
 #define RUBY_VERSION_CODE 186
-#define RUBY_RELEASE_CODE 20090203
-#define RUBY_PATCHLEVEL 318
+#define RUBY_RELEASE_CODE 20090204
+#define RUBY_PATCHLEVEL 319
 
 #define RUBY_VERSION_MAJOR 1
 #define RUBY_VERSION_MINOR 8
 #define RUBY_VERSION_TEENY 6
 #define RUBY_RELEASE_YEAR 2009
 #define RUBY_RELEASE_MONTH 2
-#define RUBY_RELEASE_DAY 3
+#define RUBY_RELEASE_DAY 4
 
 #ifdef RUBY_EXTERN
 RUBY_EXTERN const char ruby_version[];