summaryrefslogtreecommitdiffstats
path: root/string.c
Commit message (Collapse)AuthorAgeFilesLines
* merge revision(s) 20354:shyouhei2009-02-171-1/+3
| | | | | | | | * string.c (str_independent): no independent string points null_str. [ruby-core:20082] git-svn-id: http://svn.ruby-lang.org/repos/ruby/branches/ruby_1_8_6@22364 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* merge revision(s) 20287:shyouhei2009-02-161-9/+31
| | | | | | | | | | * string.c (rb_str_s_alloc, rb_str_replace): use null_str as well as rb_string_value so that extension libraries do not segfault. [ruby-core:19971] * string.c (rb_str_replace): reduced unnecessary malloc and copy. git-svn-id: http://svn.ruby-lang.org/repos/ruby/branches/ruby_1_8_6@22351 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* merge revision(s) 17719:shyouhei2008-07-171-1/+1
| | | | | | | | * string.c (rb_str_format_m): make tmp volatile to avoid possible GC problem. git-svn-id: http://svn.ruby-lang.org/repos/ruby/branches/ruby_1_8_6@18112 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* merge revision(s) 17530:shyouhei2008-06-301-1/+8
| | | | | | | * string.c (str_buf_cat): check for self concatenation. git-svn-id: http://svn.ruby-lang.org/repos/ruby/branches/ruby_1_8_6@17733 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* merge revision(s) 17483:shyouhei2008-06-201-1/+3
| | | | | | | * string.c (rb_str_buf_append): should infect. git-svn-id: http://svn.ruby-lang.org/repos/ruby/branches/ruby_1_8_6@17486 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* merge revision(s) 17470:17472:shyouhei2008-06-201-33/+23
| | | | | | | | | * array.c (rb_ary_store, rb_ary_splice): not depend on unspecified behavior at integer overflow. * string.c (str_buf_cat): ditto. git-svn-id: http://svn.ruby-lang.org/repos/ruby/branches/ruby_1_8_6@17475 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * array.c (ary_new, rb_ary_initialize, rb_ary_store,shyouhei2008-06-191-13/+9
| | | | | | | | | | | | | | | | | rb_ary_aplice, rb_ary_times): integer overflows should be checked. based on patches from Drew Yao <ayao at apple.com> fixed CVE-2008-2726 * string.c (rb_str_buf_append): fixed unsafe use of alloca, which led memory corruption. based on a patch from Drew Yao <ayao at apple.com> fixed CVE-2008-2726 * sprintf.c (rb_str_format): backported from trunk. * intern.h: ditto. git-svn-id: http://svn.ruby-lang.org/repos/ruby/branches/ruby_1_8_6@17460 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* merge revision(s) 16400:shyouhei2008-06-151-1/+1
| | | | | | | | * string.c (rb_str_cat): fixed buffer overrun reported by Christopher Thompson <cthompson at nexopia.com> in [ruby-core:16746] git-svn-id: http://svn.ruby-lang.org/repos/ruby/branches/ruby_1_8_6@17298 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * string.c (rb_str_splice): integer overflow for length.shyouhei2007-09-071-1/+1
| | | | | | | [ruby-dev:31739] git-svn-id: http://svn.ruby-lang.org/repos/ruby/branches/ruby_1_8_6@13395 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * string.c (rb_str_sub_bang): calling rb_str_modify() should be justusa2007-01-301-1/+1
| | | | | | | | before actually modifying the string. fixed: [ruby-dev:30211] (originally reported by zunda) git-svn-id: http://svn.ruby-lang.org/repos/ruby/branches/ruby_1_8@11597 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * string.c (rb_str_upto): String#upto from empty string makesmatz2007-01-081-1/+1
| | | | | | inifinite loop. [ruby-core:09864] git-svn-id: http://svn.ruby-lang.org/repos/ruby/branches/ruby_1_8@11515 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* Revert r11453matz2007-01-031-1/+4
| | | | git-svn-id: http://svn.ruby-lang.org/repos/ruby/branches/ruby_1_8@11454 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * io.c (ruby_dup): start GC on ENOMEM as well.matz2007-01-031-4/+1
| | | | git-svn-id: http://svn.ruby-lang.org/repos/ruby/branches/ruby_1_8@11453 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * string.c (rb_str_aset): index double decode problem.matz2006-12-111-1/+1
| | | | | | | [ruby-core:09695] git-svn-id: http://svn.ruby-lang.org/repos/ruby/branches/ruby_1_8@11374 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * string.c (rb_str_substr): should be infected with only originalnobu2006-10-221-4/+7
| | | | | | | | | | string, but not the shared string. fixed: [ruby-core:09152] * strnig.c (rb_str_new4): keep shared string untainted when orignal string is tainted. fixed: [ruby-dev:29672] git-svn-id: http://svn.ruby-lang.org/repos/ruby/branches/ruby_1_8@11201 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * string.c (rb_str_scan): small documentation fix.matz2006-10-071-1/+1
| | | | | | | [ruby-core:09007] git-svn-id: http://svn.ruby-lang.org/repos/ruby/branches/ruby_1_8@11106 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * string.c (rb_str_intern): raise SecurityError only when $SAFEmatz2006-09-141-1/+1
| | | | | | | | | | | | level is greater than zero. [ruby-core:08862] * parse.y (rb_interned_p): new function to check if a string is already interned. * object.c (str_to_id): use rb_str_intern(). git-svn-id: http://svn.ruby-lang.org/repos/ruby/branches/ruby_1_8@10930 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * string.c (rb_str_intern): prohibit interning tainted string.matz2006-09-131-0/+3
| | | | git-svn-id: http://svn.ruby-lang.org/repos/ruby/branches/ruby_1_8@10916 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * ruby.h: use ifdef (or defined) for macro constants that may ormatz2006-07-311-2/+2
| | | | | | | | may not be defined to shut up gcc's -Wundef warnings. [ruby-core:08447] git-svn-id: http://svn.ruby-lang.org/repos/ruby/branches/ruby_1_8@10648 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * string.c (rb_str_scan): add string modification check.matz2006-07-261-0/+2
| | | | | | | [ruby-core:7216] git-svn-id: http://svn.ruby-lang.org/repos/ruby/branches/ruby_1_8@10603 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * string.c (rb_str_dump): need to extend len for \b.usa2006-07-111-1/+1
| | | | git-svn-id: http://svn.ruby-lang.org/repos/ruby/branches/ruby_1_8@10512 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * string.c (rb_str_inspect): encode \b (\010) for escape.matz2006-07-021-0/+8
| | | | | | | | | [ruby-dev:28927] * string.c (rb_str_dump): ditto. git-svn-id: http://svn.ruby-lang.org/repos/ruby/branches/ruby_1_8@10454 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * string.c: RDoc update for =~ method. a patch from Alex Youngmatz2006-06-271-4/+2
| | | | | | | <alex at blackkettle.org>. [ruby-core:08068] git-svn-id: http://svn.ruby-lang.org/repos/ruby/branches/ruby_1_8@10413 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * re.c (rb_reg_initialize): should not modify untainted objects inmatz2006-05-161-3/+3
| | | | | | | | | safe levels higher than 3. * re.c (rb_memcmp): type change from char* to const void*. git-svn-id: http://svn.ruby-lang.org/repos/ruby/branches/ruby_1_8@10156 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * string.c (scan_once): wrong condition to use mbclen2().matz2005-10-271-1/+1
| | | | | | | [ruby-dev:27535] git-svn-id: http://svn.ruby-lang.org/repos/ruby/branches/ruby_1_8@9473 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * lib/cgi.rb (CGI::Cookie): should handle multiple values for amatz2005-09-171-4/+9
| | | | | | | | | | | | | cookie name. [ruby-talk:156140] * string.c (rb_str_substr): should propagate taintness even for empty strings. [ruby-dev:27121] * string.c (rb_str_aref): should infect result if range argument is tainted. [ruby-dev:27121] git-svn-id: http://svn.ruby-lang.org/repos/ruby/branches/ruby_1_8@9200 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * string.c (rb_str_times): make empty strings to keep taintness,nobu2005-09-091-5/+4
| | | | | | | and a little improvement. [ruby-dev:26900] git-svn-id: http://svn.ruby-lang.org/repos/ruby/branches/ruby_1_8@9104 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* fixed error on rdoc generationocean2005-04-201-1/+1
| | | | git-svn-id: http://svn.ruby-lang.org/repos/ruby/branches/ruby_1_8@8359 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * string.c (rb_str_cmp_m): should not return false but nil.matz2005-03-071-1/+1
| | | | | | | | | | fixed: [ruby-dev:25811] * lib/cgi-lib.rb: add deprecation warning. [ruby-dev:25499] getopts.rb, parsearg.rb, importenv.rb as well. git-svn-id: http://svn.ruby-lang.org/repos/ruby/branches/ruby_1_8@8096 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * ext/etc/etc.c (Init_etc): sGroup needs HAVE_ST_GR_PASSWD check.matz2005-02-121-13/+16
| | | | | | | | | | | | | [ruby-dev:25675] * misc/ruby-mode.el: [ruby-core:04415] * lib/rdoc/generators/html_generator.rb: [ruby-core:04412] * lib/rdoc/generators/ri_generator.rb: ditto. git-svn-id: http://svn.ruby-lang.org/repos/ruby/branches/ruby_1_8@7953 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * string.c (rb_str_new4): should propagate taintedness.matz2005-01-201-0/+1
| | | | | | | | | | | | | | * struct.c (rb_struct_set): use original method name, not callee name, to retrieve member slot. [ruby-core:04268] * time.c (time_strftime): protect from format modification from GC finalizers. * gc.c (rb_data_object_alloc): klass may be NULL. [ruby-list:40498] git-svn-id: http://svn.ruby-lang.org/repos/ruby/branches/ruby_1_8@7791 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * string.c (rb_str_justify): [ruby-dev:25367]matz2004-12-291-1/+1
| | | | git-svn-id: http://svn.ruby-lang.org/repos/ruby/branches/ruby_1_8@7685 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * string.c (rb_str_justify): create buffer string after argument typenobu2004-12-281-1/+1
| | | | | | | conversion. fixed: [ruby-dev:25341] git-svn-id: http://svn.ruby-lang.org/repos/ruby/branches/ruby_1_8@7677 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * string.c (rb_str_inspect): escape # which starts an expressionnobu2004-12-091-3/+9
| | | | | | | | | substitution. fixed: [ruby-core:03922] * string.c (rb_str_dump): not escape # which isn't a substitution. git-svn-id: http://svn.ruby-lang.org/repos/ruby/branches/ruby_1_8@7519 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * object.c (convert_type): [ruby-core:03845]matz2004-11-291-1/+2
| | | | | | | | | | | | | | | | | * eval.c (rb_funcall_rescue): new function. * object.c (rb_Array): avoid using rb_respond_to(). * object.c (rb_Integer): ditto. * eval.c (get_backtrace): no conversion for nil. * parse.y (reduce_nodes): empty body should return nil. * lib/cgi/session.rb (CGI::Session::initialize): [ruby-core:03832] git-svn-id: http://svn.ruby-lang.org/repos/ruby/branches/ruby_1_8@7414 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * io.c (read_all): [ruby-dev:24955]matz2004-11-251-1/+1
| | | | git-svn-id: http://svn.ruby-lang.org/repos/ruby/branches/ruby_1_8@7367 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * file.c (rb_file_chown): integer conversion should be prior tomatz2004-11-221-3/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | GetOpenFile(). [ruby-dev:24947] * file.c (rb_file_truncate): ditto. * file.c (rb_file_s_truncate): ditto. * dir.c (dir_seek): use NUM2OFFT(). * misc/ruby-mode.el (ruby-non-block-do-re): [ruby-core:03719] * dir.c (dir_seek): should retrieve dir_data after NUM2INT(). [ruby-dev:24941] * string.c (rb_str_splice): should place index wrapping after possible modification. [ruby-dev:24940] * eval.c (error_print): nicer traceback at interrupt. [ruby-core:03774] * string.c (str_gsub): internal buffer should not be listed by ObjectSpace.each_object() by String#gsub. [ruby-dev:24931] * lib/cgi/session.rb (CGI::Session::FileStore::initialize): raise exception if data corresponding to session specified from the client does not exist. * string.c (str_gsub): internal buffer should not be listed by ObjectSpace.each_object(). [ruby-dev:24919] git-svn-id: http://svn.ruby-lang.org/repos/ruby/branches/ruby_1_8@7354 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * string.c (rb_str_splice, rb_str_upcase_bang): cleanups.eban2004-11-201-2/+0
| | | | git-svn-id: http://svn.ruby-lang.org/repos/ruby/branches/ruby_1_8@7343 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * test/ruby/test_stringchar.rb (test_bang): added.eban2004-11-201-0/+3
| | | | | | | | * string.c (rb_str_upcase_bang, rb_str_capitalize_bang) (rb_str_swapcase_bang): missing rb_str_modify(). git-svn-id: http://svn.ruby-lang.org/repos/ruby/branches/ruby_1_8@7340 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * process.c (proc_getpgrp): prohibit for $SAFE=2.matz2004-11-181-11/+6
| | | | | | | | | | | | | | | | | | | | | | | | [ruby-dev:24899] * process.c (get_pid): ditto. [ruby-dev:24904] * process.c (get_ppid): ditto. * array.c (rb_ary_delete): defer rb_ary_modify() until actual modification. [ruby-dev:24901] * parse.y (newline_node): should not use FL_SET. [ruby-dev:24874] * parse.y (string_content): should not use FL_UNSET. * node.h (NODE_NEWLINE): remove unused bit to utilize flag field in nodes. * string.c (rb_str_splice): move rb_str_modify() after StringValue(), which may alter the receiver. [ruby-dev:24878] git-svn-id: http://svn.ruby-lang.org/repos/ruby/branches/ruby_1_8@7307 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * numeric.c (flo_divmod): protect float values from GC bymatz2004-11-161-7/+17
| | | | | | | | | | | | | | | assignment to local variables. [ruby-dev:24873] * string.c (str_mod_check): frozen check should be separated. [ruby-core:3742] * array.c (rb_ary_update): pedantic check to detect rb_ary_to_ary() to modify the receiver. [ruby-dev:24861] * string.c (rb_str_justify): typo fixed. [ruby-dev:24851] git-svn-id: http://svn.ruby-lang.org/repos/ruby/branches/ruby_1_8@7290 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * string.c (rb_str_locktmp): check STR_TMPLOCK flag beforematz2004-11-051-7/+11
| | | | | | | | | | | | | | | locking. [ruby-dev:24727] * gc.c (gc_mark): stricter GC stack check. * string.c (str_gsub): should have removed rb_str_unlocktmp(str). [ruby-dev:24708] * string.c (str_gsub): string modify check no longer based on tmplock. [ruby-dev:24706] git-svn-id: http://svn.ruby-lang.org/repos/ruby/branches/ruby_1_8@7216 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * gc.c (gc_mark): enable GC stack checking.matz2004-11-041-2/+7
| | | | | | | | | | | | | | | | | | | | * string.c (str_gsub): lock strings temporarily. [ruby-dev:24687] * ext/socket/socket.c (s_recvfrom): tmplock input buffer. [ruby-dev:24705] * array.c (rb_ary_uniq_bang): do not push frozen string from hash table. [ruby-dev:24695] * array.c (rb_ary_and): ditto. * array.c (rb_ary_or): ditto. * ext/enumerator/enumerator.c (each_cons_i): pass copy of an internal consequent array. [ruby-talk:118691] git-svn-id: http://svn.ruby-lang.org/repos/ruby/branches/ruby_1_8@7196 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * string.c (rb_str_locktmp): lock string temporarily.matz2004-10-301-0/+20
| | | | | | | | | | | | | | * string.c (str_independent): add tmplock check. * io.c (io_write): lock output string temporarily. [ruby-dev:24649] * io.c (io_write): use rb_str_locktmp(). * io.c (read_all): ditto. git-svn-id: http://svn.ruby-lang.org/repos/ruby/branches/ruby_1_8@7149 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * string.c (str_gsub): use STR_NOCAPA.nobu2004-10-271-1/+1
| | | | git-svn-id: http://svn.ruby-lang.org/repos/ruby/branches/ruby_1_8@7123 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * string.c (RESIZE_CAPA): check string attribute before modifyingmatz2004-10-271-9/+11
| | | | | | | | | | | | | | | | | | | | | | | | | capacity member of string structure. [ruby-dev:24594] * ext/zlib/zlib.c (gzreader_gets): use memchr() to to gain performance. [ruby-talk:117701] * sprintf.c (rb_f_sprintf): raise ArgumentError for extra arguments, unless (digit)$ style used. * ext/zlib/zlib.c (gzreader_gets): use memchr() to to gain performance. [ruby-talk:117701] * sprintf.c (rb_f_sprintf): raise ArgumentError for extra arguments, unless (digit)$ style used. * eval.c (frame_free): Guy Decoux solved the leak problem. Thanks. [ruby-core:03549] * ext/zlib/zlib.c (zstream_append_input): clear klass for z->input to avoid potential vulnerability. git-svn-id: http://svn.ruby-lang.org/repos/ruby/branches/ruby_1_8@7119 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * string.c (str_gsub): use a string object for exception safeness.nobu2004-10-271-28/+30
| | | | | | | [ruby-dev:24601] git-svn-id: http://svn.ruby-lang.org/repos/ruby/branches/ruby_1_8@7117 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * string.c (rb_str_include): should not treat char as negative value.nobu2004-10-211-9/+2
| | | | | | | [ruby-dev:24558] git-svn-id: http://svn.ruby-lang.org/repos/ruby/branches/ruby_1_8@7096 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * string.c (str_gsub): reentrant check. [ruby-dev:24432]matz2004-10-201-5/+5
| | | | | | | * backport all SEGV bug fixes from CVS HEAD. [ruby-dev:24536] git-svn-id: http://svn.ruby-lang.org/repos/ruby/branches/ruby_1_8@7090 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
* * io.c (read_all): block string buffer modification duringmatz2004-10-191-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | rb_io_fread() by freezing it temporarily. [ruby-dev:24479] * dir.c (rb_push_glob): block call at once the end of method. [ruby-dev:24487] * ext/enumerator/enumerator.c (enum_each_slice): remove rb_gc_force_recycle() to prevent potential SEGV. [ruby-dev:24499] * ext/zlib/zlib.c (zstream_expand_buffer): hide internal string buffer by clearing klass. [ruby-dev:24510] * ext/socket/socket.c (sock_s_getservbyaname): protocol string might be altered. [ruby-dev:24503] * string.c (rb_str_upto): check if return value from succ is a string. [ruby-dev:24504] * io.c (rb_io_popen): get mode string via rb_io_flags_mode() to avoid mode string modification. [ruby-dev:24454] * io.c (rb_io_getline_fast): should take delim as unsigned char to distinguish EOF and '\377'. [ruby-dev:24460] * io.c (rb_io_getline): add check for RS modification. [ruby-dev:24461] * enum.c (enum_sort_by): use qsort() directly instead using rb_iterate(). [ruby-dev:24462] * enum.c (enum_each_with_index): remove rb_gc_force_recycle() to prevent access to recycled object (via continuation for example). [ruby-dev:24463] git-svn-id: http://svn.ruby-lang.org/repos/ruby/branches/ruby_1_8@7071 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
generated by cgit (git 2.34.1) at 2024-09-27 17:11:26 +0000