merge revision(s) 19774:

* lib/net/pop.rb: check for invalid APOP timestamp. (CVE-2007-1558) [ruby-dev:36631] * test/net/pop/test_pop.rb: ditto. git-svn-id: http://svn.ruby-lang.org/repos/ruby/branches/ruby_1_8_6@22000 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
author: shyouhei <shyouhei@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> 2009-02-03 05:34:11 +0000
committer: shyouhei <shyouhei@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> 2009-02-03 05:34:11 +0000
commit: c3731735662e4f2ceac7b66e8ed271a71da482d2 (patch)
tree: cf390ab2fb1e367f21f832c8f8375ba2bbac990e /lib
parent: 9df1833066604479e120919298c483e275d404d2 (diff)
download: ruby-c3731735662e4f2ceac7b66e8ed271a71da482d2.tar.gz
ruby-c3731735662e4f2ceac7b66e8ed271a71da482d2.tar.xz
ruby-c3731735662e4f2ceac7b66e8ed271a71da482d2.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/net/pop.rb b/lib/net/pop.rb
index 6d1343ede..f896464df 100644
--- a/lib/net/pop.rb
+++ b/lib/net/pop.rb
@@ -752,7 +752,7 @@ module Net
       @socket = sock
       @error_occured = false
       res = check_response(critical { recv_response() })
-      @apop_stamp = res.slice(/<.+>/)
+      @apop_stamp = res.slice(/<[!-~]+@[!-~]+>/)
     end
 
     def inspect
author	shyouhei <shyouhei@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>	2009-02-03 05:34:11 +0000
committer	shyouhei <shyouhei@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>	2009-02-03 05:34:11 +0000
commit	c3731735662e4f2ceac7b66e8ed271a71da482d2 (patch)
tree	cf390ab2fb1e367f21f832c8f8375ba2bbac990e /lib
parent	9df1833066604479e120919298c483e275d404d2 (diff)
download	ruby-c3731735662e4f2ceac7b66e8ed271a71da482d2.tar.gz ruby-c3731735662e4f2ceac7b66e8ed271a71da482d2.tar.xz ruby-c3731735662e4f2ceac7b66e8ed271a71da482d2.zip