openEuler:20.03:LTS:SP1
ruby
Changes of Revision 31
_service:tar_scm_kernel_repo:ruby.spec
Changed
@@ -1,6 +1,6 @@
 Name: ruby
 Version: 2.5.8
-Release: 120
+Release: 121
 Summary: Object-oriented scripting language interpreter
 License: (Ruby or BSD) and Public Domain and MIT and CC0 and zlib and UCD
 URL: https://www.ruby-lang.org/
@@ -56,6 +56,7 @@
 Patch6013: backport-0001-CVE-2023-28756.patch
 Patch6014: backport-0002-CVE-2023-28756.patch
 Patch6015: backport-CVE-2023-36617.patch
+Patch6016: backport-CVE-2024-27280.patch
 Provides: %{name}-libs = %{version}-%{release}
 Obsoletes: %{name}-libs < %{version}-%{release}
@@ -593,6 +594,9 @@
 %exclude %{gem_dir}/gems/xmlrpc-0.3.0/.*
 %changelog
+* Tue Mar 26 2024 shixuantong <shixuantong1@huawei.com> - 2.5.8-121
+- fix CVE-2024-27280
+
 * Sat Jul 08 2023 shixuantong <shixuantong1@huawei.com> - 2.5.8-120
 - fix CVE-2023-36617
_service:tar_scm_kernel_repo:backport-CVE-2024-27280.patch
Added
@@ -0,0 +1,85 @@
+From a35268a3ac1b5f0058e5b7c1a041a7e86d9da067 Mon Sep 17 00:00:00 2001
+From: Nobuyoshi Nakada <nobu@ruby-lang.org>
+Date: Tue, 16 Nov 2021 17:39:32 +0900
+Subject: [PATCH] Fix expanding size at ungetc/ungetbyte
+
+Reference:https://github.com/ruby/stringio/commit/a35268a3ac1b5f0058e5b7c1a041a7e86d9da067
+---
+ ext/stringio/stringio.c | 2 +-
+ test/stringio/test_stringio.rb | 25 +++++++++++++++++++++----
+ 2 files changed, 22 insertions(+), 5 deletions(-)
+
+diff --git a/ext/stringio/stringio.c b/ext/stringio/stringio.c
+index c9ca3e0..cb8b370 100644
+--- a/ext/stringio/stringio.c
++++ b/ext/stringio/stringio.c
+@@ -833,7 +833,7 @@ strio_unget_bytes(struct StringIO *ptr, const char *cp, long cl)
+ len = RSTRING_LEN(str);
+ rest = pos - len;
+ if (cl > pos) {
+- long ex = (rest < 0 ? cl-pos : cl+rest);
++ long ex = cl - (rest < 0 ? pos : len);
+ rb_str_modify_expand(str, ex);
+ rb_str_set_len(str, len + ex);
+ s = RSTRING_PTR(str);
+diff --git a/test/stringio/test_stringio.rb b/test/stringio/test_stringio.rb
+index f5169f6..486d464 100644
+--- a/test/stringio/test_stringio.rb
++++ b/test/stringio/test_stringio.rb
+@@ -693,6 +693,15 @@ class TestStringIO < Test::Unit::TestCase
+ assert_equal("b""\0""a", s.string)
+ end
+
++ def test_ungetc_fill
++ count = 100
++ s = StringIO.new
++ s.print 'a' * count
++ s.ungetc('b' * (count * 5))
++ assert_equal((count * 5), s.string.size)
++ assert_match(/\Ab+\z/, s.string)
++ end
++
+ def test_ungetbyte_pos
+ b = '\\b00010001 \\B00010001 \\b1 \\B1 \\b000100011'
+ s = StringIO.new( b )
+@@ -718,6 +727,15 @@ class TestStringIO < Test::Unit::TestCase
+ assert_equal("b""\0""a", s.string)
+ end
+
++ def test_ungetbyte_fill
++ count = 100
++ s = StringIO.new
++ s.print 'a' * count
++ s.ungetbyte('b' * (count * 5))
++ assert_equal((count * 5), s.string.size)
++ assert_match(/\Ab+\z/, s.string)
++ end
++
+ def test_frozen
+ s = StringIO.new
+ s.freeze
+@@ -760,18 +778,17 @@ class TestStringIO < Test::Unit::TestCase
+
end
+
+ def test_overflow
+- skip if RbConfig::SIZEOF["void*"] > RbConfig::SIZEOF["long"]
++ return if RbConfig::SIZEOF["void*"] > RbConfig::SIZEOF["long"]
+ limit = (1 << (RbConfig::SIZEOF["void*"]*8-1)) - 0x10
+ assert_separately(%w[-rstringio], "#{<<-"begin;"}\n#{<<-"end;"}")
+ begin;
+ limit = #{limit}
+ ary = []
+- while true
++ begin
+ x = "a"*0x100000
+ break if [x].pack("p").unpack("i!")[0] < 0
+ ary << x
+- skip if ary.size > 100
+- end
++ end while ary.size <= 100
+ s = StringIO.new(x)
+ s.gets("xxx", limit)
+ assert_equal(0x100000, s.pos)
+--
+2.27.0
+
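Review bot: The two added regression tests, `test_ungetc_fill` and `test_ungetbyte_fill`, both unget with the position equal to the string length, so in the new `long ex = cl - (rest < 0 ? pos : len);` in ext/stringio/stringio.c both arms of the ternary yield the same value and a wrong arm choice would go undetected. A case with the position past the end would pin the `len` arm: `s = StringIO.new('a' * count)`, `s.pos = count * 2`, `s.ungetc('b' * (count * 5))`, followed by the same `assert_equal((count * 5), s.string.size)`, since the visible `rb_str_set_len(str, len + ex)` then gives a length of exactly `cl`. The rest of strio_unget_bytes lies outside the hunk, so how the bytes are copied after the resize is not confirmed from what is shown here.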