Security fix for CVE-2011-0188
Ruby BigDecimal Integer Truncation Vulnerability Fix from upstream svn. Only 64-bit hosts are affected. ok jeremy@ (MAINTAINER)
This commit is contained in:
parent
7f28ff4237
commit
ff90d9b257
@ -1,4 +1,4 @@
|
|||||||
# $OpenBSD: Makefile,v 1.11 2011/03/07 18:57:38 jeremy Exp $
|
# $OpenBSD: Makefile,v 1.12 2011/05/25 18:20:43 jasper Exp $
|
||||||
|
|
||||||
COMMENT-main= object oriented script language with threads
|
COMMENT-main= object oriented script language with threads
|
||||||
COMMENT-iconv= libiconv interface for ruby
|
COMMENT-iconv= libiconv interface for ruby
|
||||||
@ -14,6 +14,8 @@ PKGNAME-iconv= ruby-iconv-${VERSION}.${PATCHLEVEL}
|
|||||||
PKGNAME-gdbm= ruby-gdbm-${VERSION}.${PATCHLEVEL}
|
PKGNAME-gdbm= ruby-gdbm-${VERSION}.${PATCHLEVEL}
|
||||||
PKGNAME-tk= ruby-tk-${VERSION}.${PATCHLEVEL}
|
PKGNAME-tk= ruby-tk-${VERSION}.${PATCHLEVEL}
|
||||||
|
|
||||||
|
REVISION-main= 0
|
||||||
|
|
||||||
PKGSPEC-main= ruby->=1.8,<1.9
|
PKGSPEC-main= ruby->=1.8,<1.9
|
||||||
|
|
||||||
CONFIGURE_ARGS= --program-suffix=18 \
|
CONFIGURE_ARGS= --program-suffix=18 \
|
||||||
|
19
lang/ruby/1.8/patches/patch-ext_bigdecimal_bigdecimal_c
Normal file
19
lang/ruby/1.8/patches/patch-ext_bigdecimal_bigdecimal_c
Normal file
@ -0,0 +1,19 @@
|
|||||||
|
$OpenBSD: patch-ext_bigdecimal_bigdecimal_c,v 1.1 2011/05/25 18:20:43 jasper Exp $
|
||||||
|
|
||||||
|
Security fix for CVE-2011-0188
|
||||||
|
Ruby BigDecimal Integer Truncation Vulnerability
|
||||||
|
|
||||||
|
Fix from upstream svn:
|
||||||
|
http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=30993
|
||||||
|
|
||||||
|
--- ext/bigdecimal/bigdecimal.c.orig Wed May 25 19:46:25 2011
|
||||||
|
+++ ext/bigdecimal/bigdecimal.c Wed May 25 19:47:42 2011
|
||||||
|
@@ -2032,7 +2032,7 @@ static int gnAlloc=0; /* Memory allocation counter */
|
||||||
|
VP_EXPORT void *
|
||||||
|
VpMemAlloc(U_LONG mb)
|
||||||
|
{
|
||||||
|
- void *p = xmalloc((unsigned int)mb);
|
||||||
|
+ void *p = xmalloc(mb);
|
||||||
|
if(!p) {
|
||||||
|
VpException(VP_EXCEPTION_MEMORY,"failed to allocate memory",1);
|
||||||
|
}
|
@ -1,4 +1,4 @@
|
|||||||
# $OpenBSD: Makefile,v 1.12 2011/03/07 18:59:18 jeremy Exp $
|
# $OpenBSD: Makefile,v 1.13 2011/05/25 18:20:43 jasper Exp $
|
||||||
|
|
||||||
COMMENT-main = object oriented script language with threads
|
COMMENT-main = object oriented script language with threads
|
||||||
COMMENT-gdbm = gdbm interface for Ruby
|
COMMENT-gdbm = gdbm interface for Ruby
|
||||||
@ -15,6 +15,8 @@ PKGNAME-gdbm = ruby-gdbm-${VERSION}.${PATCHLEVEL}
|
|||||||
PKGNAME-dbm = ruby-dbm-${VERSION}.${PATCHLEVEL}
|
PKGNAME-dbm = ruby-dbm-${VERSION}.${PATCHLEVEL}
|
||||||
PKGNAME-tk = ruby-tk-${VERSION}.${PATCHLEVEL}
|
PKGNAME-tk = ruby-tk-${VERSION}.${PATCHLEVEL}
|
||||||
|
|
||||||
|
REVISION-main = 0
|
||||||
|
|
||||||
PKGSPEC-main = ruby->=1.9,<1.10
|
PKGSPEC-main = ruby->=1.9,<1.10
|
||||||
|
|
||||||
CONFIGURE_ARGS = --program-suffix=19 \
|
CONFIGURE_ARGS = --program-suffix=19 \
|
||||||
|
19
lang/ruby/1.9/patches/patch-ext_bigdecimal_bigdecimal_c
Normal file
19
lang/ruby/1.9/patches/patch-ext_bigdecimal_bigdecimal_c
Normal file
@ -0,0 +1,19 @@
|
|||||||
|
$OpenBSD: patch-ext_bigdecimal_bigdecimal_c,v 1.1 2011/05/25 18:20:43 jasper Exp $
|
||||||
|
|
||||||
|
Security fix for CVE-2011-0188
|
||||||
|
Ruby BigDecimal Integer Truncation Vulnerability
|
||||||
|
|
||||||
|
Fix from upstream svn:
|
||||||
|
http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=30993
|
||||||
|
|
||||||
|
--- ext/bigdecimal/bigdecimal.c.orig Sat May 8 04:07:43 2010
|
||||||
|
+++ ext/bigdecimal/bigdecimal.c Wed May 25 19:50:01 2011
|
||||||
|
@@ -2123,7 +2123,7 @@ static int gnAlloc=0; /* Memory allocation counter */
|
||||||
|
VP_EXPORT void *
|
||||||
|
VpMemAlloc(U_LONG mb)
|
||||||
|
{
|
||||||
|
- void *p = xmalloc((unsigned int)mb);
|
||||||
|
+ void *p = xmalloc(mb);
|
||||||
|
if(!p) {
|
||||||
|
VpException(VP_EXCEPTION_MEMORY,"failed to allocate memory",1);
|
||||||
|
}
|
Loading…
Reference in New Issue
Block a user