From 52dc50e942555d9f68555295c430a3c74c7a25fd Mon Sep 17 00:00:00 2001 From: Jesse Keating Date: Wed, 17 Feb 2010 03:05:01 +0000 Subject: [PATCH 01/11] Initialize branch F-13 for ruby --- branch | 1 + 1 file changed, 1 insertion(+) create mode 100644 branch diff --git a/branch b/branch new file mode 100644 index 0000000..baa94ef --- /dev/null +++ b/branch @@ -0,0 +1 @@ +F-13 From 768686e25016fe4e7179fc59d22886767ba1607b Mon Sep 17 00:00:00 2001 From: Mamoru Tasaka Date: Mon, 26 Apr 2010 19:02:49 +0000 Subject: [PATCH 02/11] - Update to 1.8.6 p 399 (bug 579675) - Patch to fix gc bug causing open4 crash (bug 580993) --- .cvsignore | 1 + ruby.spec | 19 +- ruby_1_8_7-gc-open4_096segv.patch | 351 ++++++++++++++++++++++++++++++ sources | 1 + 4 files changed, 367 insertions(+), 5 deletions(-) create mode 100644 ruby_1_8_7-gc-open4_096segv.patch diff --git a/.cvsignore b/.cvsignore index 237576f..bcd6a57 100644 --- a/.cvsignore +++ b/.cvsignore @@ -2,3 +2,4 @@ ruby-1.8.6-p388.tar.bz2 ruby-refm-rdp-1.8.2-ja-html.tar.gz rubyfaq-990927.tar.gz rubyfaq-jp-990927.tar.gz +ruby-1.8.6-p399.tar.bz2 diff --git a/ruby.spec b/ruby.spec index c83d11b..1fa8ccb 100644 --- a/ruby.spec +++ b/ruby.spec @@ -1,6 +1,6 @@ %define rubyxver 1.8 %define rubyver 1.8.6 -%define _patchlevel 388 +%define _patchlevel 399 %define dotpatchlevel %{?_patchlevel:.%{_patchlevel}} %define patchlevel %{?_patchlevel:-p%{_patchlevel}} %define arcver %{rubyver}%{?patchlevel} @@ -16,8 +16,7 @@ Name: ruby Version: %{rubyver}%{?dotpatchlevel} -# 8.1 is not built yet (not needed because 8 is already untagged) -Release: 8%{?dist}.1 +Release: 1%{?dist} License: Ruby or GPLv2 URL: http://www.ruby-lang.org/ BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) 
@@ -58,7 +57,10 @@ Patch31: ruby-1.8.6-p369-ri-gem_multipath.patch Patch32: ruby-1.8head-irb-save-history.patch Patch33: ruby-1.8.6-p383-mkmf-use-shared.patch # Testing -Patch34: ruby-1.8.6-simplify-openssl-digest.patch +# Patch34 disabled for now +Patch34: ruby-1.8.6-simplify-openssl-digest.patch +# bz 580993 +Patch35: ruby_1_8_7-gc-open4_096segv.patch Summary: An interpreter of object-oriented scripting language Group: Development/Languages @@ -200,9 +202,9 @@ pushd %{name}-%{arcver} %patch31 -p1 %patch32 -p0 %patch33 -p1 - # Once kill patch34 due to build failure on actionpack #%%patch34 -p1 +%patch35 -p1 popd %build @@ -578,6 +580,13 @@ rm -rf $RPM_BUILD_ROOT %{_emacs_sitestartdir}/ruby-mode-init.el %changelog +* Tue Apr 27 2010 Mamoru Tasaka - 1.8.6.399-1 +- Update to 1.8.6 p 399 (bug 579675) +- Patch to fix gc bug causing open4 crash (bug 580993) + +* Fri Mar 12 2010 Mamoru Tasaka - 1.8.6.388-9 +- F-14: rebuild against new gdbm + * Thu Jan 28 2010 Mamoru Tasaka - Once revert the previous change (patch34) diff --git a/ruby_1_8_7-gc-open4_096segv.patch b/ruby_1_8_7-gc-open4_096segv.patch new file mode 100644 index 0000000..4514022 --- /dev/null +++ b/ruby_1_8_7-gc-open4_096segv.patch 
@@ -0,0 +1,351 @@ +Index: ruby_1_8_7/marshal.c +=================================================================== +--- ruby_1_8_7/marshal.c (revision 26075) ++++ ruby_1_8_7/marshal.c (revision 26076) +@@ -85,12 +85,10 @@ + static ID s_getc, s_read, s_write, s_binmode; + + struct dump_arg { +- VALUE obj; + VALUE str, dest; + st_table *symbols; + st_table *data; + int taint; +- VALUE wrapper; + }; + + struct dump_call_arg { +@@ -104,22 +102,32 @@ + struct dump_arg *arg; + ID sym; + { +- if (!DATA_PTR(arg->wrapper)) { ++ if (!arg->symbols) { + rb_raise(rb_eRuntimeError, "Marshal.dump reentered at %s", + rb_id2name(sym)); + } + } + ++static void clear_dump_arg _((struct dump_arg *arg)); ++ + static void + mark_dump_arg(ptr) + void *ptr; + { + struct dump_arg *p = ptr; +- if (!ptr) ++ if (!p->symbols) + return; + rb_mark_set(p->data); + } + ++static void ++free_dump_arg(ptr) ++ void *ptr; ++{ ++ clear_dump_arg(ptr); ++ xfree(ptr); ++} ++ + static VALUE + class2path(klass) + VALUE klass; +@@ -699,32 +707,17 @@ + } + } + +-static VALUE +-dump(arg) +- struct dump_call_arg *arg; +-{ +- w_object(arg->obj, arg->arg, arg->limit); +- if (arg->arg->dest) { +- rb_io_write(arg->arg->dest, arg->arg->str); +- rb_str_resize(arg->arg->str, 0); +- } +- return 0; +-} +- +-static VALUE +-dump_ensure(arg) ++static void ++clear_dump_arg(arg) + struct dump_arg *arg; + { +- if (!DATA_PTR(arg->wrapper)) return 0; ++ if (!arg->symbols) return; + st_free_table(arg->symbols); ++ arg->symbols = 0; + st_free_table(arg->data); +- DATA_PTR(arg->wrapper) = 0; +- arg->wrapper = 0; + if (arg->taint) { + OBJ_TAINT(arg->str); + } +- +- return 0; + } + + /* +@@ -760,8 +753,8 @@ + { + VALUE obj, port, a1, a2; + int limit = -1; +- struct dump_arg arg; +- struct dump_call_arg c_arg; ++ struct dump_arg *arg; ++ VALUE wrapper; + + port = Qnil; + rb_scan_args(argc, argv, "12", &obj, &a1, &a2); +@@ -775,37 +768,40 @@ + else if (NIL_P(a1)) goto type_error; + else port = a1; + } +- arg.dest = 0; +- arg.symbols = 
st_init_numtable(); +- arg.data = st_init_numtable(); +- arg.taint = Qfalse; +- arg.str = rb_str_buf_new(0); +- RBASIC(arg.str)->klass = 0; +- arg.wrapper = Data_Wrap_Struct(rb_cData, mark_dump_arg, 0, &arg); ++ wrapper = Data_Make_Struct(rb_cData, struct dump_arg, mark_dump_arg, free_dump_arg, arg); ++ arg->dest = 0; ++ arg->symbols = st_init_numtable(); ++ arg->data = st_init_numtable(); ++ arg->taint = Qfalse; ++ arg->str = rb_str_buf_new(0); ++ RBASIC(arg->str)->klass = 0; + if (!NIL_P(port)) { + if (!rb_respond_to(port, s_write)) { + type_error: + rb_raise(rb_eTypeError, "instance of IO needed"); + } +- arg.dest = port; ++ arg->dest = port; + if (rb_respond_to(port, s_binmode)) { + rb_funcall2(port, s_binmode, 0, 0); +- check_dump_arg(&arg, s_binmode); ++ check_dump_arg(arg, s_binmode); + } + } + else { +- port = arg.str; ++ port = arg->str; + } + +- c_arg.obj = obj; +- c_arg.arg = &arg; +- c_arg.limit = limit; ++ w_byte(MARSHAL_MAJOR, arg); ++ w_byte(MARSHAL_MINOR, arg); + +- w_byte(MARSHAL_MAJOR, &arg); +- w_byte(MARSHAL_MINOR, &arg); ++ w_object(obj, arg, limit); ++ if (arg->dest) { ++ rb_io_write(arg->dest, arg->str); ++ rb_str_resize(arg->str, 0); ++ } + +- rb_ensure(dump, (VALUE)&c_arg, dump_ensure, (VALUE)&arg); +- RBASIC(arg.str)->klass = rb_cString; ++ RBASIC(arg->str)->klass = rb_cString; ++ clear_dump_arg(arg); ++ RB_GC_GUARD(wrapper); + + return port; + } +@@ -817,7 +813,6 @@ + st_table *data; + VALUE proc; + int taint; +- VALUE wrapper; + }; + + static void +@@ -825,22 +820,31 @@ + struct load_arg *arg; + ID sym; + { +- if (!DATA_PTR(arg->wrapper)) { ++ if (!arg->symbols) { + rb_raise(rb_eRuntimeError, "Marshal.load reentered at %s", + rb_id2name(sym)); + } + } + ++static void clear_load_arg _((struct load_arg *arg)); ++ + static void + mark_load_arg(ptr) + void *ptr; + { + struct load_arg *p = ptr; +- if (!ptr) ++ if (!p->symbols) + return; + rb_mark_tbl(p->data); + } + ++static void ++free_load_arg(void *ptr) ++{ ++ clear_load_arg(ptr); ++ 
xfree(ptr); ++} ++ + static VALUE r_object _((struct load_arg *arg)); + + static int +@@ -1415,23 +1419,14 @@ + return r_object0(arg, arg->proc, 0, Qnil); + } + +-static VALUE +-load(arg) ++static void ++clear_load_arg(arg) + struct load_arg *arg; + { +- return r_object(arg); +-} +- +-static VALUE +-load_ensure(arg) +- struct load_arg *arg; +-{ +- if (!DATA_PTR(arg->wrapper)) return 0; ++ if (!arg->symbols) return; + st_free_table(arg->symbols); ++ arg->symbols = 0; + st_free_table(arg->data); +- DATA_PTR(arg->wrapper) = 0; +- arg->wrapper = 0; +- return 0; + } + + /* +@@ -1451,35 +1446,37 @@ + VALUE *argv; + { + VALUE port, proc; +- int major, minor; +- VALUE v; +- struct load_arg arg; ++ int major, minor, taint = Qfalse; ++ VALUE v, wrapper; ++ struct load_arg *arg; + + rb_scan_args(argc, argv, "11", &port, &proc); + v = rb_check_string_type(port); + if (!NIL_P(v)) { +- arg.taint = OBJ_TAINTED(port); /* original taintedness */ ++ taint = OBJ_TAINTED(port); /* original taintedness */ + port = v; + } + else if (rb_respond_to(port, s_getc) && rb_respond_to(port, s_read)) { + if (rb_respond_to(port, s_binmode)) { + rb_funcall2(port, s_binmode, 0, 0); + } +- arg.taint = Qtrue; ++ taint = Qtrue; + } + else { + rb_raise(rb_eTypeError, "instance of IO needed"); + } +- arg.src = port; +- arg.offset = 0; +- arg.symbols = st_init_numtable(); +- arg.data = st_init_numtable(); +- arg.proc = 0; +- arg.wrapper = Data_Wrap_Struct(rb_cData, mark_load_arg, 0, &arg); ++ wrapper = Data_Make_Struct(rb_cData, struct load_arg, mark_load_arg, free_load_arg, arg); ++ arg->src = port; ++ arg->offset = 0; ++ arg->symbols = st_init_numtable(); ++ arg->data = st_init_numtable(); ++ arg->proc = 0; ++ arg->taint = taint; + +- major = r_byte(&arg); +- minor = r_byte(&arg); ++ major = r_byte(arg); ++ minor = r_byte(arg); + if (major != MARSHAL_MAJOR || minor > MARSHAL_MINOR) { ++ clear_load_arg(arg); + rb_raise(rb_eTypeError, "incompatible marshal file format (can't be read)\n\ + \tformat 
version %d.%d required; %d.%d given", + MARSHAL_MAJOR, MARSHAL_MINOR, major, minor); +@@ -1490,8 +1487,10 @@ + MARSHAL_MAJOR, MARSHAL_MINOR, major, minor); + } + +- if (!NIL_P(proc)) arg.proc = proc; +- v = rb_ensure(load, (VALUE)&arg, load_ensure, (VALUE)&arg); ++ if (!NIL_P(proc)) arg->proc = proc; ++ v = r_object(arg); ++ clear_load_arg(arg); ++ RB_GC_GUARD(wrapper); + + return v; + } +Index: ruby_1_8_7/test/ruby/test_marshal.rb +=================================================================== +--- ruby_1_8_7/test/ruby/test_marshal.rb (revision 26075) ++++ ruby_1_8_7/test/ruby/test_marshal.rb (revision 26076) +@@ -71,4 +71,41 @@ + } + assert_equal("marshal data too short", e.message) + end ++ ++ class DumpTest ++ def marshal_dump ++ loop { Thread.pass } ++ end ++ end ++ ++ class LoadTest ++ def marshal_dump ++ nil ++ end ++ def marshal_load(obj) ++ loop { Thread.pass } ++ end ++ end ++ ++ def test_context_switch ++ o = DumpTest.new ++ Thread.new { Marshal.dump(o) } ++ GC.start ++ assert(true, '[ruby-dev:39425]') ++ ++ o = LoadTest.new ++ m = Marshal.dump(o) ++ Thread.new { Marshal.load(m) } ++ GC.start ++ assert(true, '[ruby-dev:39425]') ++ end ++ ++ def test_taint ++ x = Object.new ++ x.taint ++ s = Marshal.dump(x) ++ assert_equal(true, s.tainted?) ++ y = Marshal.load(s) ++ assert_equal(true, y.tainted?) ++ end + end +Index: ruby_1_8_7/ruby.h +=================================================================== +--- ruby_1_8_7/ruby.h (revision 16014) ++++ ruby_1_8_7/ruby.h (revision 16015) +@@ -224,6 +224,8 @@ + + #define TYPE(x) rb_type((VALUE)(x)) + ++#define RB_GC_GUARD(v) (*(volatile VALUE *)&(v)) ++ + void rb_check_type _((VALUE,int)); + #define Check_Type(v,t) rb_check_type((VALUE)(v),t) + diff --git a/sources b/sources index 402aa20..4217687 100644 --- a/sources +++ b/sources 
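Review bot: `mark_dump_arg` marks only `p->data`, but after this change `struct dump_arg` is heap-allocated through `Data_Make_Struct`, so `arg->str` is no longer on the C stack where the conservative scan would find it. When a port is passed (`arg->dest = port`), nothing visible here keeps the hidden buffer string reachable while `w_object` runs user `marshal_dump` code that can trigger GC; adding `rb_gc_mark(p->str);` after `rb_mark_set(p->data);` would close that. Separately, `free_dump_arg` calls `clear_dump_arg`, which can reach `OBJ_TAINT(arg->str)` at sweep time when that string may already have been reclaimed, so the taint step looks safer kept out of the free path. `marshal_dump` and `marshal_load` continue outside the nested hunks, so this is judged from the visible lines only.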
@@ -2,3 +2,4 @@ f26cefbc8ab6728650ab9ae773d22bcb ruby-1.8.6-p388.tar.bz2 b6dd396f513efeb7864685c840f9643a ruby-refm-rdp-1.8.2-ja-html.tar.gz 634c25b14e19925d10af3720d72e8741 rubyfaq-990927.tar.gz 4fcec898f51d8371cc42d0a013940469 rubyfaq-jp-990927.tar.gz +f77c307cb72fb8808b0e85af5d05cefc ruby-1.8.6-p399.tar.bz2 From 2d4d07d0642e1ac84aa61fb760f54344077d0f95 Mon Sep 17 00:00:00 2001 From: Mamoru Tasaka Date: Fri, 14 May 2010 19:10:53 +0000 Subject: [PATCH 03/11] - ruby-1.8.x-null-class-must-be-Qnil.patch (bug 530407) - Recreate some patches using upstream svn when available, and add some comments for patches Tue May 11 2010 Mamoru Tasaka - 1.8.6.399-2 - tcltk: Give up using potentially unmaintained ruby_1_8_6 branch and instead completely replace with ruby_1_8 branch head (at this time, using rev 27738) (seems to fix 560053, 590503) - Fix Japanese encoding strings under ruby-tcltk/ext/tk/sample/ --- .cvsignore | 1 + ruby-1.8.6-p369-ri-gem_multipath.patch | 129 ++++++++++++++++--- ruby-1.8.6-rexml-CVE-2008-3790.patch | 85 +++++++++--- ruby-1.8.x-RHASH_SIZE-def.patch | 16 +++ ruby-1.8.x-ext_tk-flatten-level-revert.patch | 58 +++++++++ ruby-1.8.x-null-class-must-be-Qnil.patch | 21 +++ ruby.spec | 78 ++++++++++- sources | 1 + 8 files changed, 350 insertions(+), 39 deletions(-) create mode 100644 ruby-1.8.x-RHASH_SIZE-def.patch create mode 100644 ruby-1.8.x-ext_tk-flatten-level-revert.patch create mode 100644 ruby-1.8.x-null-class-must-be-Qnil.patch diff --git a/.cvsignore b/.cvsignore index bcd6a57..e4e63dc 100644 --- a/.cvsignore +++ b/.cvsignore @@ -3,3 +3,4 @@ ruby-refm-rdp-1.8.2-ja-html.tar.gz rubyfaq-990927.tar.gz rubyfaq-jp-990927.tar.gz ruby-1.8.6-p399.tar.bz2 +ruby-1.8-rev27738_trunk-ext_tk.tar.gz diff --git a/ruby-1.8.6-p369-ri-gem_multipath.patch b/ruby-1.8.6-p369-ri-gem_multipath.patch index e5b5872..2c069d8 100644 --- a/ruby-1.8.6-p369-ri-gem_multipath.patch +++ b/ruby-1.8.6-p369-ri-gem_multipath.patch 
@@ -1,35 +1,130 @@ ---- ruby-1.8.6-p369/lib/rdoc/ri/ri_options.rb.gemmulti 2007-02-13 08:01:19.000000000 +0900 -+++ ruby-1.8.6-p369/lib/rdoc/ri/ri_options.rb 2009-10-14 23:51:09.000000000 +0900 -@@ -63,7 +63,7 @@ +Mon Dec 24 16:18:57 2007 Eric Hodel + + * lib/rdoc/ri/ri_options.rb: Fix ri --help listing of gem ri paths. + Merge of r14567 and r14569 from trunk. + + * lib/rdoc/ri/ri_paths.rb: Fix duplication of ri data for multiple + gems. Merge of r14567 from trunk + +Index: ruby_1_8/lib/rdoc/ri/ri_options.rb +=================================================================== +--- ruby_1_8/lib/rdoc/ri/ri_options.rb (revision 14581) ++++ ruby_1_8/lib/rdoc/ri/ri_options.rb (revision 14582) +@@ -62,10 +62,11 @@ + (RI::Paths::HOMEDIR || "No ~/.rdoc found") ], [ "--gems", nil, nil, - "Include documentation from Rubygems:\n " + +- "Include documentation from Rubygems:\n " + - (RI::Paths::GEMDIRS ? "#{Gem.path}/doc/*/ri" : -+ (RI::Paths::GEMDIRS ? Gem.path.map {|path| "#{path}/doc/*/ri" }.join(', ') : - "No Rubygems ri found.") ], - +- "No Rubygems ri found.") ], +- ++ "Include documentation from RubyGems:\n" + ++ (RI::Paths::GEMDIRS ? 
++ Gem.path.map { |dir| " #{dir}/doc/*/ri" }.join("\n") : ++ "No Rubygems ri found.") ], ++ [ "--format", "-f", "", -@@ -136,7 +136,11 @@ + "Format to use when displaying output:\n" + + " " + RI::TextFormatter.list + "\n" + +@@ -116,7 +117,8 @@ + def OptionList.error(msg) + $stderr.puts + $stderr.puts msg +- $stderr.puts "\nFor help on options, try 'ri --help'\n\n" ++ name = File.basename $PROGRAM_NAME ++ $stderr.puts "\nFor help on options, try '#{name} --help'\n\n" + exit 1 + end + +@@ -136,7 +138,11 @@ RI::Paths::HOMEDIR ] - directories << "#{Gem.path}/doc/*/ri" if RI::Paths::GEMDIRS -+ if RI::Paths::GEMDIRS -+ Gem.path.each {|gempath| -+ directories << "#{gempath}/doc/*/ri" -+ } ++ if RI::Paths::GEMDIRS then ++ Gem.path.each do |dir| ++ directories << "#{dir}/doc/*/ri" ++ end + end directories = directories.join("\n ") ---- ruby-1.8.6-p369/lib/rdoc/ri/ri_paths.rb.gemmulti 2007-02-13 08:01:19.000000000 +0900 -+++ ruby-1.8.6-p369/lib/rdoc/ri/ri_paths.rb 2009-10-15 00:02:05.000000000 +0900 -@@ -44,7 +44,7 @@ +@@ -157,16 +163,16 @@ + + For example: + +- ri File +- ri File.new +- ri F.n +- ri zip ++ #{name} File ++ #{name} File.new ++ #{name} F.n ++ #{name} zip + + Note that shell quoting may be required for method names + containing punctuation: + +- ri 'Array.[]' +- ri compact\\! ++ #{name} 'Array.[]' ++ #{name} compact\\! 
+ + By default ri searches for documentation in the following + directories: +@@ -180,8 +186,8 @@ + EOT + + if short_form +- puts "For help on options, type 'ri -h'" +- puts "For a list of classes I know about, type 'ri -c'" ++ puts "For help on options, type '#{name} -h'" ++ puts "For a list of classes I know about, type '#{name} -c'" + else + puts "Options:\n\n" + OPTION_LIST.each do|long, short, arg, desc| +Index: ruby_1_8/lib/rdoc/ri/ri_paths.rb +=================================================================== +--- ruby_1_8/lib/rdoc/ri/ri_paths.rb (revision 14581) ++++ ruby_1_8/lib/rdoc/ri/ri_paths.rb (revision 14582) +@@ -44,8 +44,29 @@ begin require 'rubygems' - GEMDIRS = Dir["#{Gem.path}/doc/*/ri"] -+ GEMDIRS = Gem.path.map {|path| Dir["#{path}/doc/*/ri"]}.flatten - GEMDIRS.each { |path| RI::Paths::PATH << path } +- GEMDIRS.each { |path| RI::Paths::PATH << path } ++ ++ # HACK dup'd from Gem.latest_partials and friends ++ all_paths = [] ++ ++ all_paths = Gem.path.map do |dir| ++ Dir[File.join(dir, 'doc', '*', 'ri')] ++ end.flatten ++ ++ ri_paths = {} ++ ++ all_paths.each do |dir| ++ base = File.basename File.dirname(dir) ++ if base =~ /(.*)-((\d+\.)*\d+)/ then ++ name, version = $1, $2 ++ ver = Gem::Version.new version ++ if ri_paths[name].nil? or ver > ri_paths[name][0] then ++ ri_paths[name] = [ver, dir] ++ end ++ end ++ end ++ ++ GEMDIRS = ri_paths.map { |k,v| v.last }.sort ++ GEMDIRS.each { |dir| RI::Paths::PATH << dir } rescue LoadError GEMDIRS = nil + end +@@ -55,7 +76,7 @@ + + def self.path(use_system, use_site, use_home, use_gems, *extra_dirs) + path = raw_path(use_system, use_site, use_home, use_gems, *extra_dirs) +- return path.select { |path| File.directory? path } ++ return path.select { |directory| File.directory? directory } + end + + # Returns the selected documentation directories including nonexistent diff --git a/ruby-1.8.6-rexml-CVE-2008-3790.patch b/ruby-1.8.6-rexml-CVE-2008-3790.patch index 2db8dd6..a0788b2 100644 
--- a/ruby-1.8.6-rexml-CVE-2008-3790.patch +++ b/ruby-1.8.6-rexml-CVE-2008-3790.patch @@ -1,7 +1,27 @@ -diff -pruN ruby-1.8.6-p287.orig/lib/rexml/document.rb ruby-1.8.6-p287/lib/rexml/document.rb ---- ruby-1.8.6-p287.orig/lib/rexml/document.rb 2007-11-04 13:50:15.000000000 +0900 -+++ ruby-1.8.6-p287/lib/rexml/document.rb 2008-10-08 22:25:14.000000000 +0900 -@@ -32,6 +32,7 @@ module REXML +Fri Nov 7 02:08:04 2008 Shugo Maeda + + * lib/rexml/entity.rb (unnormalized): do not call + document.record_entity_expansion if document is nil. + see . + Thanks, Naohisa Goto. backported from trunk. + + * test/rexml/test_document.rb: ditto. + +Sat Sep 13 11:05:38 2008 Shugo Maeda + + * lib/rexml/document.rb: limit entity expansion. Thanks, Luka + Treiber, Mitja Kolsek, and Michael Koziarski. backported from + trunk r19033, r19317, r19318. + + * lib/rexml/entity.rb: ditto. + + * test/rexml/test_document.rb: ditto. + +Index: ruby_1_8/lib/rexml/document.rb +=================================================================== +--- ruby_1_8/lib/rexml/document.rb (revision 19319) ++++ ruby_1_8/lib/rexml/document.rb (revision 19320) +@@ -32,6 +32,7 @@ # @param context if supplied, contains the context of the document; # this should be a Hash. def initialize( source = nil, context = {} ) @@ -9,10 +29,10 @@ diff -pruN ruby-1.8.6-p287.orig/lib/rexml/document.rb ruby-1.8.6-p287/lib/rexml/ super() @context = context return if source.nil? -@@ -200,6 +201,27 @@ module REXML +@@ -200,6 +201,27 @@ Parsers::StreamParser.new( source, listener ).parse end - + + @@entity_expansion_limit = 10_000 + + # Set the entity expansion limit. By defualt the limit is set to 10000. @@ -26,7 +46,7 @@ diff -pruN ruby-1.8.6-p287.orig/lib/rexml/document.rb ruby-1.8.6-p287/lib/rexml/ + end + + attr_reader :entity_expansion_count -+ ++ + def record_entity_expansion + @entity_expansion_count += 1 + if @entity_expansion_count > @@entity_expansion_limit 
@@ -37,21 +57,22 @@ diff -pruN ruby-1.8.6-p287.orig/lib/rexml/document.rb ruby-1.8.6-p287/lib/rexml/ private def build( source ) Parsers::TreeParser.new( source, self ).parse -diff -pruN ruby-1.8.6-p287.orig/lib/rexml/entity.rb ruby-1.8.6-p287/lib/rexml/entity.rb ---- ruby-1.8.6-p287.orig/lib/rexml/entity.rb 2007-07-28 11:46:08.000000000 +0900 -+++ ruby-1.8.6-p287/lib/rexml/entity.rb 2008-10-08 22:25:14.000000000 +0900 -@@ -73,6 +73,7 @@ module REXML +Index: ruby_1_8/lib/rexml/entity.rb +=================================================================== +--- ruby_1_8/lib/rexml/entity.rb (revision 19319) ++++ ruby_1_8/lib/rexml/entity.rb (revision 20121) +@@ -73,6 +73,7 @@ # all entities -- both %ent; and &ent; entities. This differs from # +value()+ in that +value+ only replaces %ent; entities. def unnormalized -+ document.record_entity_expansion unless document.nil? ++ document.record_entity_expansion unless document.nil? v = value() return nil if v.nil? @unnormalized = Text::unnormalize(v, parent) -diff -pruN ruby-1.8.6-p287.orig/test/rexml/test_document.rb ruby-1.8.6-p287/test/rexml/test_document.rb ---- ruby-1.8.6-p287.orig/test/rexml/test_document.rb 1970-01-01 09:00:00.000000000 +0900 -+++ ruby-1.8.6-p287/test/rexml/test_document.rb 2008-10-08 22:25:14.000000000 +0900 -@@ -0,0 +1,42 @@ +=================================================================== +--- ruby_1_8/test/rexml/test_document.rb (revision 0) ++++ ruby_1_8/test/rexml/test_document.rb (revision 20121) +@@ -0,0 +1,66 @@ +require "rexml/document" +require "test/unit" + @@ -80,6 +101,19 @@ diff -pruN ruby-1.8.6-p287.orig/test/rexml/test_document.rb ruby-1.8.6-p287/test + +EOF + ++ XML_WITH_4_ENTITY_EXPANSION = < ++ ++ ++]> ++ ++&a; ++&a2; ++< ++ ++EOF ++ + def test_entity_expansion_limit + doc = REXML::Document.new(XML_WITH_NESTED_ENTITY) + assert_raise(RuntimeError) do 
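Review bot: The guard `document.record_entity_expansion unless document.nil?` in `unnormalized` means an entity with no owning document is expanded without being counted, so the expansion limit this patch backports does not apply to it. The patch header describes that choice, but nothing at the call site does; a comment such as `# entities not attached to a document are not counted against entity_expansion_limit` would make the gap explicit for code that parses untrusted XML. The body of `unnormalized` continues outside the hunk.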
@@ -92,5 +126,24 @@ diff -pruN ruby-1.8.6-p287.orig/test/rexml/test_document.rb ruby-1.8.6-p287/test + doc.root.children.first.value + end + assert_equal(101, doc.entity_expansion_count) ++ ++ REXML::Document.entity_expansion_limit = 4 ++ doc = REXML::Document.new(XML_WITH_4_ENTITY_EXPANSION) ++ assert_equal("\na\na a\n<\n", doc.root.children.first.value) ++ REXML::Document.entity_expansion_limit = 3 ++ doc = REXML::Document.new(XML_WITH_4_ENTITY_EXPANSION) ++ assert_raise(RuntimeError) do ++ doc.root.children.first.value ++ end ++ ensure ++ REXML::Document.entity_expansion_limit = 10000 + end +end + +Property changes on: ruby_1_8/test/rexml/test_document.rb +___________________________________________________________________ +Added: svn:keywords + + Author Id Revision +Added: svn:eol-style + + LF + diff --git a/ruby-1.8.x-RHASH_SIZE-def.patch b/ruby-1.8.x-RHASH_SIZE-def.patch new file mode 100644 index 0000000..e7c119a --- /dev/null +++ b/ruby-1.8.x-RHASH_SIZE-def.patch @@ -0,0 +1,16 @@ +Index: ruby_1_8/ruby.h +=================================================================== +--- ruby_1_8/ruby.h (revision 13310) ++++ ruby_1_8/ruby.h (revision 13311) +@@ -374,6 +374,11 @@ + int iter_lev; + VALUE ifnone; + }; ++#define RHASH_TBL(h) (RHASH(h)->tbl) ++#define RHASH_ITER_LEV(h) (RHASH(h)->iter_lev) ++#define RHASH_IFNONE(h) (RHASH(h)->ifnone) ++#define RHASH_SIZE(h) (RHASH(h)->tbl->num_entries) ++#define RHASH_EMPTY_P(h) (RHASH_SIZE(h) == 0) + + struct RFile { + struct RBasic basic; diff --git a/ruby-1.8.x-ext_tk-flatten-level-revert.patch b/ruby-1.8.x-ext_tk-flatten-level-revert.patch new file mode 100644 index 0000000..7d57b37 --- /dev/null +++ b/ruby-1.8.x-ext_tk-flatten-level-revert.patch 
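Review bot: The `ensure` clause restores the limit with a hard-coded `REXML::Document.entity_expansion_limit = 10000`, while the limit is class-wide state (`@@entity_expansion_limit`) that every document in the process shares. If the default ever changes, or another test has set a different value, this test leaves the wrong limit behind for whatever runs next. Saving the value before the first assignment and restoring that in `ensure` would be sturdier, assuming the class exposes a reader, which is not visible in these hunks. `test_entity_expansion_limit` starts in the previous hunk.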
@@ -0,0 +1,58 @@ +Index: ruby-1.8-rev27736_trunk/ext/tk/lib/tk/pack.rb +=================================================================== +--- ruby-1.8-rev27736_trunk/ext/tk/lib/tk/pack.rb (revision 27738) ++++ ruby-1.8-rev27736_trunk/ext/tk/lib/tk/pack.rb (working copy) +@@ -39,7 +39,23 @@ + end + fail ArgumentError, 'no widget is given' if args.empty? + params = [] +- args.flatten(1).each{|win| params.push(_epath(win))} ++ ++ #args.flatten(1).each{|win| params.push(_epath(win))} ++ # ++ # flatten(level) is ruby >=1.8.7 feature, substituting ++ # ++ args_flatten_one = [] ++ args.each {|args1| ++ if args1.is_a? Array then ++ args1.each {|args2| ++ args_flatten_one << args2 ++ } ++ else ++ args_flatten_one << args1 ++ end ++ } ++ args_flatten_one.each{|win| params.push(_epath(win))} ++ + opts.each{|k, v| + params.push("-#{k}") + params.push(_epath(v)) # have to use 'epath' (hash_kv() is unavailable) +Index: ruby-1.8-rev27736_trunk/ext/tk/lib/tk/grid.rb +=================================================================== +--- ruby-1.8-rev27736_trunk/ext/tk/lib/tk/grid.rb (revision 27738) ++++ ruby-1.8-rev27736_trunk/ext/tk/lib/tk/grid.rb (working copy) +@@ -63,7 +63,23 @@ + end + fail ArgumentError, 'no widget is given' if args.empty? + params = [] +- args.flatten(1).each{|win| ++ ++ #args.flatten(1).each{|win| ++ # ++ # flatten(level) is ruby >=1.8.7 feature, substituting ++ # ++ ++ args_flatten_one = [] ++ args.each {|args1| ++ if args1.is_a? Array then ++ args1.each {|args2| ++ args_flatten_one << args2 ++ } ++ else ++ args_flatten_one << args1 ++ end ++ } ++ args_flatten_one.each{|win| + case win + when '-', ?- # RELATIVE PLACEMENT (increase columnspan) + params.push('-') diff --git a/ruby-1.8.x-null-class-must-be-Qnil.patch b/ruby-1.8.x-null-class-must-be-Qnil.patch new file mode 100644 index 0000000..114a97b --- /dev/null +++ b/ruby-1.8.x-null-class-must-be-Qnil.patch 
@@ -0,0 +1,21 @@ +Sun Mar 1 03:04:19 2009 Akinori MUSHA + + * class.c (rb_singleton_class_clone): Qnil must be used for a null + class reference when we use NIL_P() to check class reference + validity. The bug was exposed by the spec test of Sequel. + + * eval.c (ruby_init): Use NEW_CREF(). + +Index: ruby_1_8/class.c +=================================================================== +--- ruby_1_8/class.c (revision 22678) ++++ ruby_1_8/class.c (revision 22679) +@@ -153,7 +153,7 @@ + data.klass = obj; + break; + default: +- data.klass = 0; ++ data.klass = Qnil; + break; + } + diff --git a/ruby.spec b/ruby.spec index 1fa8ccb..1e4f1f7 100644 --- a/ruby.spec +++ b/ruby.spec @@ -10,13 +10,15 @@ %define sitedir2 %{_prefix}/lib/ruby/site_ruby %define _normalized_cpu %(echo `echo %{_target_cpu} | sed 's/^ppc/powerpc/' | sed -e 's|i.86|i386|'`) +%define tk_using_svn_number 27738 + # emacs sitelisp directory %{!?_emacs_sitelispdir: %global _emacs_sitelispdir %{_datadir}/emacs/site-lisp} %{!?_emacs_sitestartdir: %global _emacs_sitestartdir %{_datadir}/emacs/site-lisp/site-start.d} Name: ruby Version: %{rubyver}%{?dotpatchlevel} -Release: 1%{?dist} +Release: 3%{?dist} License: Ruby or GPLv2 URL: http://www.ruby-lang.org/ BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) @@ -39,7 +41,14 @@ Source2: ftp://ftp.ruby-lang.org/pub/%{name}/doc/rubyfaq-990927.tar.gz Source3: ftp://ftp.ruby-lang.org/pub/%{name}/doc/rubyfaq-jp-990927.tar.gz Source4: irb.1 Source10: ruby-mode-init.el +# +# Source100: contains ext/tk directory of the head of ruby_1_8 branch +# i.e. http://svn.ruby-lang.org/repos/ruby/branches/ruby_1_8 +# see bug 560053, 590503, and +# http://lists.fedoraproject.org/pipermail/ruby-sig/2010-May/000096.html +Source100: ruby-1.8-rev%{tk_using_svn_number}_trunk-ext_tk.tar.gz +# Patch1 - Patch23 are Fedora specific Patch1: ruby-deadcode.patch Patch20: ruby-1.8.6-p383-rubyprefix.patch Patch21: ruby-deprecated-sitelib-search-path.patch 
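Review bot: The embedded ChangeLog entry lists `eval.c (ruby_init): Use NEW_CREF()`, but the patch file carries only the `class.c` hunk, so it does not match the upstream revision its header points at (22678 to 22679). If the `eval.c` part was left out on purpose, say so at the top of the patch, for example `# class.c part of ruby_1_8 r22679 only; eval.c change not backported`. If it was not, the missing hunk should be added. `rb_singleton_class_clone` continues outside the nested hunk, so whether the `Qnil` change is enough on its own cannot be confirmed from here.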
@@ -47,20 +56,40 @@ Patch22: ruby-deprecated-search-path.patch Patch23: ruby-multilib.patch # Needed in 1.8.6-p287, no longer needed in 1.8.6-p368? #Patch25: ruby-1.8.6.111-gcc43.patch +# ruby_1_8 branch rev 19320, 20121, bug 460134 Patch26: ruby-1.8.6-rexml-CVE-2008-3790.patch +# Patch27, 28 could not be found in the upstream VCS +# Need checking?? Patch27: ruby-1.8.6-p287-CVE-2008-5189.patch Patch28: ruby-1.8.6-p287-remove-ssl-rand-range.patch +# Fedora specific +# Change the directory of sitearchdir from i?86 to i386 for upgrade path Patch29: ruby-always-use-i386.patch +# By Tomas Mraz, "seems" already in ruby_1_8 branch head +# (but have not checked yet in detail) Patch30: ruby-openssl-1.0.patch +# bug 528787, patch from in ruby_1_8 branch Patch31: ruby-1.8.6-p369-ri-gem_multipath.patch -# Patch32 from ruby_1_8 branch +# bug 518584, ruby issue 1556, patch from ruby_1_8??? branch Patch32: ruby-1.8head-irb-save-history.patch +# bug 428384, Fedora specific, however needed for Fedora's static +# archive policy Patch33: ruby-1.8.6-p383-mkmf-use-shared.patch -# Testing -# Patch34 disabled for now +# Testing (bug 559158) +# Patch34 disabled for now as this breaks rubygem-actionpack rake test, +# need investigating Patch34: ruby-1.8.6-simplify-openssl-digest.patch -# bz 580993 +# bug 580993, patch from ruby_1_8_7 branch Patch35: ruby_1_8_7-gc-open4_096segv.patch +# +# Patch36, 37: needed to use the head of ext/tk directory of ruby_1_8 branch head +# Patch36: taken from ruby_1_8 branch +Patch36: ruby-1.8.x-RHASH_SIZE-def.patch +# Patch37: flatten(level) feature is in >= 1.8.7, reverting +Patch37: ruby-1.8.x-ext_tk-flatten-level-revert.patch +# From ruby_1_8 branch: bz 530407 +# bz 530407 reproducible with 1.8.7p174, not with 1.8.7p249 +Patch38: ruby-1.8.x-null-class-must-be-Qnil.patch Summary: An interpreter of object-oriented scripting language Group: Development/Languages 
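Review bot: Patch27 (`ruby-1.8.6-p287-CVE-2008-5189.patch`) is a security fix, yet the comment added above it records only that it "could not be found in the upstream VCS" followed by "Need checking??". The other comments added in this hunk give a bug number or upstream revision for Patch26, Patch31 and Patch35; Patch27 and Patch28 should get the same, so that a later rebase cannot drop or alter the fix without anyone noticing. Something like `# Patch27: origin <bug or advisory reference>, not present in upstream svn` (placeholder, the reference is not on this page) would be enough.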
@@ -180,12 +209,19 @@ along with a list of the methods the class or module implements. %prep -%setup -q -c -a 2 -a 3 +%setup -q -c -a 2 -a 3 -a 100 mkdir -p ruby-refm-ja pushd ruby-refm-ja tar fxz %{SOURCE1} popd pushd %{name}-%{arcver} + +( cd ext + mv tk .tk.old + cp -a ../../ruby-1.8-rev*/ext/tk tk + find tk -type d -name \.svn | sort -r | xargs rm -rf +) + %patch1 -p1 %patch20 -p1 %patch21 -p1 @@ -205,6 +241,9 @@ pushd %{name}-%{arcver} # Once kill patch34 due to build failure on actionpack #%%patch34 -p1 %patch35 -p1 +%patch36 -p1 +%patch37 -p1 +%patch38 -p1 popd %build @@ -216,7 +255,10 @@ autoconf rb_cv_func_strtod=no export rb_cv_func_strtod + +# bug 489990 CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing" + export CFLAGS %configure \ --with-sitedir='%{sitedir}' \ @@ -353,6 +395,18 @@ for i in `find -type f ! -name "*.gif"`; do fi done +# fix Japanese encoding strings for ruby-tcltk/ext/tk/sample/ +pushd ruby-tcltk/ext/tk/ +cd sample +find . -path ./demos-jp/\*.rb -or -path ./tkoptdb\*.rb -or -path ./msgs_rb2/ja.msg | \ + xargs sed -i -e 's|euc-jp|utf-8|' +sed -i \ + -e '/KCODE =/s|euc|utf-8|' -e 's|EUC-JP|UTF-8|' \ + demos-jp/widget +cd .. +sed -i -e 's|EUC-JP|UTF-8|' README.1st +popd + # done cd .. @@ -580,6 +634,18 @@ rm -rf $RPM_BUILD_ROOT %{_emacs_sitestartdir}/ruby-mode-init.el %changelog +* Thu May 13 2010 Mamoru Tasaka - 1.8.6.399-3 +- ruby-1.8.x-null-class-must-be-Qnil.patch (bug 530407) +- Recreate some patches using upstream svn when available, and + add some comments for patches + +* Tue May 11 2010 Mamoru Tasaka - 1.8.6.399-2 +- tcltk: Give up using potentially unmaintained ruby_1_8_6 branch + and instead completely replace with ruby_1_8 branch head + (at this time, using rev 27738) + (seems to fix 560053, 590503) +- Fix Japanese encoding strings under ruby-tcltk/ext/tk/sample/ + * Tue Apr 27 2010 Mamoru Tasaka - 1.8.6.399-1 - Update to 1.8.6 p 399 (bug 579675) - Patch to fix gc bug causing open4 crash (bug 580993) 
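Review bot: The new `%prep` block copies with a glob, `cp -a ../../ruby-1.8-rev*/ext/tk tk`, although the snapshot is pinned by `tk_using_svn_number`; if more than one `ruby-1.8-rev*` directory were ever unpacked, `cp` would pull extra trees into `ext/tk` without failing the build. Naming the unpacked directory exactly (its name is not visible here, so `<unpacked-dir>` is a placeholder), as in `cp -a ../../<unpacked-dir>/ext/tk tk`, keeps the replaced source tied to the tarball listed in `sources`. The `.svn` cleanup is also sturdier as `find tk -type d -name .svn -prune -exec rm -rf {} +`, which does not depend on `xargs` word splitting.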
diff --git a/sources b/sources index 4217687..b1ee168 100644 --- a/sources +++ b/sources @@ -3,3 +3,4 @@ b6dd396f513efeb7864685c840f9643a ruby-refm-rdp-1.8.2-ja-html.tar.gz 634c25b14e19925d10af3720d72e8741 rubyfaq-990927.tar.gz 4fcec898f51d8371cc42d0a013940469 rubyfaq-jp-990927.tar.gz f77c307cb72fb8808b0e85af5d05cefc ruby-1.8.6-p399.tar.bz2 +6a8313c73087513f24e52d8cee5b3804 ruby-1.8-rev27738_trunk-ext_tk.tar.gz From d4706ff29442b7e4850fea25dd9bae983c4e8150 Mon Sep 17 00:00:00 2001 From: Mamoru Tasaka Date: Mon, 17 May 2010 12:50:20 +0000 Subject: [PATCH 04/11] - Patch36 (ruby-1.8.x-RHASH_SIZE-rb_hash_lookup-def.patch) also backport rb_hash_lookup definition (bug 592936) --- ruby-1.8.x-RHASH_SIZE-def.patch | 16 ----- ...-1.8.x-RHASH_SIZE-rb_hash_lookup-def.patch | 65 +++++++++++++++++++ ruby.spec | 13 +++- 3 files changed, 75 insertions(+), 19 deletions(-) delete mode 100644 ruby-1.8.x-RHASH_SIZE-def.patch create mode 100644 ruby-1.8.x-RHASH_SIZE-rb_hash_lookup-def.patch diff --git a/ruby-1.8.x-RHASH_SIZE-def.patch b/ruby-1.8.x-RHASH_SIZE-def.patch deleted file mode 100644 index e7c119a..0000000 --- a/ruby-1.8.x-RHASH_SIZE-def.patch +++ /dev/null @@ -1,16 +0,0 @@ -Index: ruby_1_8/ruby.h -=================================================================== ---- ruby_1_8/ruby.h (revision 13310) -+++ ruby_1_8/ruby.h (revision 13311) -@@ -374,6 +374,11 @@ - int iter_lev; - VALUE ifnone; - }; -+#define RHASH_TBL(h) (RHASH(h)->tbl) -+#define RHASH_ITER_LEV(h) (RHASH(h)->iter_lev) -+#define RHASH_IFNONE(h) (RHASH(h)->ifnone) -+#define RHASH_SIZE(h) (RHASH(h)->tbl->num_entries) -+#define RHASH_EMPTY_P(h) (RHASH_SIZE(h) == 0) - - struct RFile { - struct RBasic basic; diff --git a/ruby-1.8.x-RHASH_SIZE-rb_hash_lookup-def.patch b/ruby-1.8.x-RHASH_SIZE-rb_hash_lookup-def.patch new file mode 100644 index 0000000..503a6b4 --- /dev/null +++ b/ruby-1.8.x-RHASH_SIZE-rb_hash_lookup-def.patch 
@@ -0,0 +1,65 @@ +Sat Apr 19 18:42:04 2008 Akinori MUSHA + + * intern.h, hash.c (rb_hash_lookup): New internal function to + check if a key exists in a hash, ignoring #default; backported + from 1.9. + +Thu Aug 30 08:24:18 2007 Tanaka Akira + + * ruby.h (RHASH_TBL): defined for compatibility to 1.9. + * (RHASH_ITER_LEV): ditto. + * (RHASH_IFNONE): ditto. + * (RHASH_SIZE): ditto. + * (RHASH_EMPTY_P): ditto. + +Index: ruby_1_8/ruby.h +=================================================================== +--- ruby_1_8/ruby.h (revision 13310) ++++ ruby_1_8/ruby.h (revision 13311) +@@ -374,6 +374,11 @@ + int iter_lev; + VALUE ifnone; + }; ++#define RHASH_TBL(h) (RHASH(h)->tbl) ++#define RHASH_ITER_LEV(h) (RHASH(h)->iter_lev) ++#define RHASH_IFNONE(h) (RHASH(h)->ifnone) ++#define RHASH_SIZE(h) (RHASH(h)->tbl->num_entries) ++#define RHASH_EMPTY_P(h) (RHASH_SIZE(h) == 0) + + struct RFile { + struct RBasic basic; +Index: ruby_1_8/hash.c +=================================================================== +--- ruby_1_8/hash.c (revision 16077) ++++ ruby_1_8/hash.c (revision 16078) +@@ -454,6 +454,18 @@ + return val; + } + ++VALUE ++rb_hash_lookup(hash, key) ++ VALUE hash, key; ++{ ++ VALUE val; ++ ++ if (!st_lookup(RHASH(hash)->tbl, key, &val)) { ++ return Qnil; /* without Hash#default */ ++ } ++ return val; ++} ++ + /* + * call-seq: + * hsh.fetch(key [, default] ) => obj +Index: ruby_1_8/intern.h +=================================================================== +--- ruby_1_8/intern.h (revision 16077) ++++ ruby_1_8/intern.h (revision 16078) +@@ -270,6 +270,7 @@ + VALUE rb_hash_new _((void)); + VALUE rb_hash_freeze _((VALUE)); + VALUE rb_hash_aref _((VALUE, VALUE)); ++VALUE rb_hash_lookup _((VALUE, VALUE)); + VALUE rb_hash_aset _((VALUE, VALUE, VALUE)); + VALUE rb_hash_delete_if _((VALUE)); + VALUE rb_hash_delete _((VALUE,VALUE)); diff --git a/ruby.spec b/ruby.spec index 1e4f1f7..d6fadb8 100644 --- a/ruby.spec +++ b/ruby.spec 
@@ -18,7 +18,7 @@ Name: ruby Version: %{rubyver}%{?dotpatchlevel} -Release: 3%{?dist} +Release: 3.1%{?dist} License: Ruby or GPLv2 URL: http://www.ruby-lang.org/ BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) @@ -83,8 +83,11 @@ Patch34: ruby-1.8.6-simplify-openssl-digest.patch Patch35: ruby_1_8_7-gc-open4_096segv.patch # # Patch36, 37: needed to use the head of ext/tk directory of ruby_1_8 branch head -# Patch36: taken from ruby_1_8 branch -Patch36: ruby-1.8.x-RHASH_SIZE-def.patch +# Patch36: taken from ruby_1_8 branch, RHASH_SIZE definition is needed +# for ruby_1_8 head ext/tk +# With this change, rb_hash_lookup becomes also needed for rubygem-nokogiri +# (bug 592936) +Patch36: ruby-1.8.x-RHASH_SIZE-rb_hash_lookup-def.patch # Patch37: flatten(level) feature is in >= 1.8.7, reverting Patch37: ruby-1.8.x-ext_tk-flatten-level-revert.patch # From ruby_1_8 branch: bz 530407 @@ -634,6 +637,10 @@ rm -rf $RPM_BUILD_ROOT %{_emacs_sitestartdir}/ruby-mode-init.el %changelog +* Mon May 17 2010 Mamoru Tasaka - 1.8.6.399-4 +- Patch36 (ruby-1.8.x-RHASH_SIZE-rb_hash_lookup-def.patch) + also backport rb_hash_lookup definition (bug 592936) + * Thu May 13 2010 Mamoru Tasaka - 1.8.6.399-3 - ruby-1.8.x-null-class-must-be-Qnil.patch (bug 530407) - Recreate some patches using upstream svn when available, and From e6de7f079a6ab8eb288fc1a92f6c2ed95ac84094 Mon Sep 17 00:00:00 2001 From: Mamoru Tasaka Date: Mon, 17 May 2010 12:51:24 +0000 Subject: [PATCH 05/11] fix release --- ruby.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ruby.spec b/ruby.spec index d6fadb8..d374e40 100644 --- a/ruby.spec +++ b/ruby.spec @@ -18,7 +18,7 @@ Name: ruby Version: %{rubyver}%{?dotpatchlevel} -Release: 3.1%{?dist} +Release: 4%{?dist} License: Ruby or GPLv2 URL: http://www.ruby-lang.org/ BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) From c9c9cfa72aaa83bb01d81ccd5e94e683e7b3a4bc Mon Sep 17 00:00:00 2001 
From: Mamoru Tasaka Date: Tue, 18 May 2010 17:42:33 +0000 Subject: [PATCH 06/11] - Retry for bug 559158, Simplify the OpenSSL::Digest class pull more change commits from ruby_1_8 branch --- ...igest-once-revert-for-simplify-patch.patch | 15 ++ ruby-1.8.6-rexml-CVE-2008-3790.patch | 149 ---------- ruby-1.8.6-simplify-openssl-digest.patch | 254 +++++++++++++----- ruby.spec | 25 +- 4 files changed, 225 insertions(+), 218 deletions(-) create mode 100644 ruby-1.8.6-openssl-digest-once-revert-for-simplify-patch.patch delete mode 100644 ruby-1.8.6-rexml-CVE-2008-3790.patch diff --git a/ruby-1.8.6-openssl-digest-once-revert-for-simplify-patch.patch b/ruby-1.8.6-openssl-digest-once-revert-for-simplify-patch.patch new file mode 100644 index 0000000..336254a --- /dev/null +++ b/ruby-1.8.6-openssl-digest-once-revert-for-simplify-patch.patch @@ -0,0 +1,15 @@ +Index: ruby_1_8_6/ext/openssl/ossl_digest.c +=================================================================== +--- ruby_1_8_6/ext/openssl/ossl_digest.c (revision 12042) ++++ ruby_1_8_6/ext/openssl/ossl_digest.c (revision 12043) +@@ -264,6 +264,10 @@ + void + Init_ossl_digest() + { ++#if 0 /* let rdoc know about mOSSL */ ++ mOSSL = rb_define_module("OpenSSL"); ++#endif ++ + mDigest = rb_define_module_under(mOSSL, "Digest"); + + eDigestError = rb_define_class_under(mDigest, "DigestError", eOSSLError); diff --git a/ruby-1.8.6-rexml-CVE-2008-3790.patch b/ruby-1.8.6-rexml-CVE-2008-3790.patch deleted file mode 100644 index a0788b2..0000000 --- a/ruby-1.8.6-rexml-CVE-2008-3790.patch +++ /dev/null 
@@ -1,149 +0,0 @@ -Fri Nov 7 02:08:04 2008 Shugo Maeda - - * lib/rexml/entity.rb (unnormalized): do not call - document.record_entity_expansion if document is nil. - see . - Thanks, Naohisa Goto. backported from trunk. - - * test/rexml/test_document.rb: ditto. - -Sat Sep 13 11:05:38 2008 Shugo Maeda - - * lib/rexml/document.rb: limit entity expansion. Thanks, Luka - Treiber, Mitja Kolsek, and Michael Koziarski. backported from - trunk r19033, r19317, r19318. - - * lib/rexml/entity.rb: ditto. - - * test/rexml/test_document.rb: ditto. - -Index: ruby_1_8/lib/rexml/document.rb -=================================================================== ---- ruby_1_8/lib/rexml/document.rb (revision 19319) -+++ ruby_1_8/lib/rexml/document.rb (revision 19320) -@@ -32,6 +32,7 @@ - # @param context if supplied, contains the context of the document; - # this should be a Hash. - def initialize( source = nil, context = {} ) -+ @entity_expansion_count = 0 - super() - @context = context - return if source.nil? -@@ -200,6 +201,27 @@ - Parsers::StreamParser.new( source, listener ).parse - end - -+ @@entity_expansion_limit = 10_000 -+ -+ # Set the entity expansion limit. By defualt the limit is set to 10000. -+ def Document::entity_expansion_limit=( val ) -+ @@entity_expansion_limit = val -+ end -+ -+ # Get the entity expansion limit. By defualt the limit is set to 10000. -+ def Document::entity_expansion_limit -+ return @@entity_expansion_limit -+ end -+ -+ attr_reader :entity_expansion_count -+ -+ def record_entity_expansion -+ @entity_expansion_count += 1 -+ if @entity_expansion_count > @@entity_expansion_limit -+ raise "number of entity expansions exceeded, processing aborted." 
-+ end -+ end -+ - private - def build( source ) - Parsers::TreeParser.new( source, self ).parse -Index: ruby_1_8/lib/rexml/entity.rb -=================================================================== ---- ruby_1_8/lib/rexml/entity.rb (revision 19319) -+++ ruby_1_8/lib/rexml/entity.rb (revision 20121) -@@ -73,6 +73,7 @@ - # all entities -- both %ent; and &ent; entities. This differs from - # +value()+ in that +value+ only replaces %ent; entities. - def unnormalized -+ document.record_entity_expansion unless document.nil? - v = value() - return nil if v.nil? - @unnormalized = Text::unnormalize(v, parent) -=================================================================== ---- ruby_1_8/test/rexml/test_document.rb (revision 0) -+++ ruby_1_8/test/rexml/test_document.rb (revision 20121) -@@ -0,0 +1,66 @@ -+require "rexml/document" -+require "test/unit" -+ -+class REXML::TestDocument < Test::Unit::TestCase -+ def test_new -+ doc = REXML::Document.new(< -+Hello world! -+EOF -+ assert_equal("Hello world!", doc.root.children.first.value) -+ end -+ -+ XML_WITH_NESTED_ENTITY = < -+ -+ -+ -+ -+ -+ -+ -+]> -+ -+&a; -+ -+EOF -+ -+ XML_WITH_4_ENTITY_EXPANSION = < -+ -+ -+]> -+ -+&a; -+&a2; -+< -+ -+EOF -+ -+ def test_entity_expansion_limit -+ doc = REXML::Document.new(XML_WITH_NESTED_ENTITY) -+ assert_raise(RuntimeError) do -+ doc.root.children.first.value -+ end -+ REXML::Document.entity_expansion_limit = 100 -+ assert_equal(100, REXML::Document.entity_expansion_limit) -+ doc = REXML::Document.new(XML_WITH_NESTED_ENTITY) -+ assert_raise(RuntimeError) do -+ doc.root.children.first.value -+ end -+ assert_equal(101, doc.entity_expansion_count) -+ -+ REXML::Document.entity_expansion_limit = 4 -+ doc = REXML::Document.new(XML_WITH_4_ENTITY_EXPANSION) -+ assert_equal("\na\na a\n<\n", doc.root.children.first.value) -+ REXML::Document.entity_expansion_limit = 3 -+ doc = REXML::Document.new(XML_WITH_4_ENTITY_EXPANSION) -+ assert_raise(RuntimeError) do -+ doc.root.children.first.value 
-+ end -+ ensure -+ REXML::Document.entity_expansion_limit = 10000 -+ end -+end - -Property changes on: ruby_1_8/test/rexml/test_document.rb -___________________________________________________________________ -Added: svn:keywords - + Author Id Revision -Added: svn:eol-style - + LF - diff --git a/ruby-1.8.6-simplify-openssl-digest.patch b/ruby-1.8.6-simplify-openssl-digest.patch index 2636538..21d5ae1 100644 --- a/ruby-1.8.6-simplify-openssl-digest.patch +++ b/ruby-1.8.6-simplify-openssl-digest.patch @@ -1,7 +1,25 @@ -diff --git a/ext/openssl/lib/openssl/digest.rb b/ext/openssl/lib/openssl/digest.rb -index b3e4484..4810f01 100644 ---- a/ext/openssl/lib/openssl/digest.rb -+++ b/ext/openssl/lib/openssl/digest.rb +Mon Feb 25 17:30:29 2008 Technorama Ltd. + * ext/openssl/digest.c ext/openssl/lib/openssl/digest.rb: + Commit patch #9280 from Akinori MUSHA. + Simplify the OpenSSL::Digest class and make use of the + existing Digest framework. + Enhance performance. + +Thu Apr 5 14:58:49 2007 Technorama Ltd. + * ext/openssl/ossl_pkcs5.c: New module. + + * ext/openssl/ossl_{cipher,digest,pkcs7,pkcs12}.c: + Remove redundant module namespace. + + * ext/openssl/lib/openssl/{cipher,digest}.rb + Add backwards compatibile classes for rearranged classes. + + * ext/openssl/ossl_{pkcs7,pkcs12}.c: Add documentation. + +Index: ruby_1_8/ext/openssl/lib/openssl/digest.rb +=================================================================== +--- ruby_1_8/ext/openssl/lib/openssl/digest.rb (revision 11708) ++++ ruby_1_8/ext/openssl/lib/openssl/digest.rb (revision 15600) @@ -19,13 +19,17 @@ #require 'openssl' @@ -21,7 +39,7 @@ index b3e4484..4810f01 100644 alg.each{|name| klass = Class.new(Digest){ define_method(:initialize){|*data| -@@ -44,6 +48,14 @@ module OpenSSL +@@ -44,6 +48,14 @@ const_set(name, klass) } 
@@ -36,20 +54,46 @@ index b3e4484..4810f01 100644 end # Digest end # OpenSSL -diff --git a/ext/openssl/ossl_digest.c b/ext/openssl/ossl_digest.c -index 4096b09..b0308f0 100644 ---- a/ext/openssl/ossl_digest.c -+++ b/ext/openssl/ossl_digest.c -@@ -40,7 +40,7 @@ GetDigestPtr(VALUE obj) +Index: ruby_1_8/ext/openssl/ossl_digest.c +=================================================================== +--- ruby_1_8/ext/openssl/ossl_digest.c (revision 11708) ++++ ruby_1_8/ext/openssl/ossl_digest.c (revision 15600) +@@ -24,7 +24,6 @@ + /* + * Classes + */ +-VALUE mDigest; + VALUE cDigest; + VALUE eDigestError; - SafeGetDigest(obj, ctx); +@@ -36,11 +35,23 @@ + const EVP_MD * + GetDigestPtr(VALUE obj) + { +- EVP_MD_CTX *ctx; ++ const EVP_MD *md; + +- SafeGetDigest(obj, ctx); ++ if (TYPE(obj) == T_STRING) { ++ const char *name = STR2CSTR(obj); - return EVP_MD_CTX_md(ctx); /*== ctx->digest*/ -+ return EVP_MD_CTX_md(ctx); ++ md = EVP_get_digestbyname(name); ++ if (!md) ++ ossl_raise(rb_eRuntimeError, "Unsupported digest algorithm (%s).", name); ++ } else { ++ EVP_MD_CTX *ctx; ++ ++ SafeGetDigest(obj, ctx); ++ ++ md = EVP_MD_CTX_md(ctx); ++ } ++ ++ return md; } VALUE -@@ -51,7 +51,6 @@ ossl_digest_new(const EVP_MD *md) +@@ -51,7 +62,6 @@ ret = ossl_digest_alloc(cDigest); GetDigest(ret, ctx); @@ -57,7 +101,7 @@ index 4096b09..b0308f0 100644 EVP_DigestInit_ex(ctx, md, NULL); return ret; -@@ -69,9 +68,8 @@ ossl_digest_alloc(VALUE klass) +@@ -69,14 +79,18 @@ ctx = EVP_MD_CTX_create(); if (ctx == NULL) ossl_raise(rb_eRuntimeError, "EVP_MD_CTX_create() failed"); @@ -68,7 +112,17 @@ index 4096b09..b0308f0 100644 return obj; } -@@ -86,14 +84,9 @@ ossl_digest_initialize(int argc, VALUE *argv, VALUE self) + VALUE ossl_digest_update(VALUE, VALUE); + ++/* ++ * call-seq: ++ * Digest.new(string) -> digest ++ * ++ */ + static VALUE + ossl_digest_initialize(int argc, VALUE *argv, VALUE self) + { +@@ -86,14 +100,9 @@ VALUE type, data; rb_scan_args(argc, argv, "11", &type, &data); 
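Review bot: The string branch added to `GetDigestPtr` reads the algorithm name with `STR2CSTR(obj)`, which passes OpenSSL a C string without rejecting an embedded NUL, so the name OpenSSL resolves can be shorter than the Ruby string the caller supplied. `const char *name = StringValueCStr(obj);` raises on an embedded NUL instead of truncating silently, which is the stricter behaviour for a value that selects a cryptographic algorithm. The `TYPE(obj) == T_STRING` test also means objects that only respond to `to_str` still go to `SafeGetDigest`; confirm that is intended.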
@@ -85,7 +139,37 @@ index 4096b09..b0308f0 100644 GetDigest(self, ctx); EVP_DigestInit_ex(ctx, md, NULL); -@@ -141,75 +134,25 @@ ossl_digest_update(VALUE self, VALUE data) +@@ -118,6 +127,11 @@ + return self; + } + ++/* ++ * call-seq: ++ * digest.reset -> self ++ * ++ */ + static VALUE + ossl_digest_reset(VALUE self) + { +@@ -129,6 +143,11 @@ + return self; + } + ++/* ++ * call-seq: ++ * digest.update(string) -> aString ++ * ++ */ + VALUE + ossl_digest_update(VALUE self, VALUE data) + { +@@ -136,126 +155,77 @@ + + StringValue(data); + GetDigest(self, ctx); +- EVP_DigestUpdate(ctx, RSTRING(data)->ptr, RSTRING(data)->len); ++ EVP_DigestUpdate(ctx, RSTRING_PTR(data), RSTRING_LEN(data)); + return self; } @@ -105,10 +189,16 @@ index 4096b09..b0308f0 100644 - EVP_MD_CTX_cleanup(&final); -} - --static VALUE ++/* ++ * call-seq: ++ * digest.finish -> aString ++ * ++ */ + static VALUE -ossl_digest_digest(VALUE self) --{ -- EVP_MD_CTX *ctx; ++ossl_digest_finish(int argc, VALUE *argv, VALUE self) + { + EVP_MD_CTX *ctx; - char *buf; - int buf_len; - VALUE digest; @@ -119,16 +209,15 @@ index 4096b09..b0308f0 100644 - - return digest; -} -- - static VALUE ++ VALUE str; + +-static VALUE -ossl_digest_hexdigest(VALUE self) -+ossl_digest_finish(int argc, VALUE *argv, VALUE self) - { - EVP_MD_CTX *ctx; +-{ +- EVP_MD_CTX *ctx; - char *buf, *hexbuf; - int buf_len; - VALUE hexdigest; -+ VALUE str; + rb_scan_args(argc, argv, "01", &str); GetDigest(self, ctx); @@ -136,6 +225,7 @@ index 4096b09..b0308f0 100644 - if (string2hex(buf, buf_len, &hexbuf, NULL) != 2 * buf_len) { - OPENSSL_free(buf); - ossl_raise(eDigestError, "Memory alloc error"); ++ + if (NIL_P(str)) { + str = rb_str_new(NULL, EVP_MD_CTX_size(ctx)); + } else { 
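Review bot: `EVP_DigestUpdate(ctx, RSTRING_PTR(data), RSTRING_LEN(data));` in `ossl_digest_update` discards OpenSSL's return value, so a failed update still returns `self` and the caller later receives a digest that does not cover all of the input. Checking it, for example `if (!EVP_DigestUpdate(ctx, RSTRING_PTR(data), RSTRING_LEN(data))) ossl_raise(eDigestError, "EVP_DigestUpdate() failed");`, turns that into an exception. The same applies to the `EVP_DigestInit_ex(ctx, md, NULL)` calls shown as context in the earlier hunks and to `EVP_DigestFinal_ex(ctx, RSTRING_PTR(str), NULL)` in `ossl_digest_finish` in the following hunk. That function's `else` branch, which handles a caller-supplied buffer, lies outside the visible lines, so confirm it resizes `str` to `EVP_MD_CTX_size(ctx)` before the write.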
@@ -147,67 +237,112 @@ index 4096b09..b0308f0 100644 - return hexdigest; -} -- ++ EVP_DigestFinal_ex(ctx, RSTRING_PTR(str), NULL); + -static VALUE -ossl_digest_s_digest(VALUE klass, VALUE str, VALUE data) -{ - VALUE obj = rb_class_new_instance(1, &str, klass); -+ EVP_DigestFinal_ex(ctx, RSTRING_PTR(str), NULL); - -- ossl_digest_update(obj, data); -+ return str; - -- return ossl_digest_digest(obj); --} - --static VALUE +- ossl_digest_update(obj, data); +- +- return ossl_digest_digest(obj); ++ return str; + } + ++/* ++ * call-seq: ++ * digest.name -> string ++ * ++ */ + static VALUE -ossl_digest_s_hexdigest(VALUE klass, VALUE str, VALUE data) --{ ++ossl_digest_name(VALUE self) + { - VALUE obj = rb_class_new_instance(1, &str, klass); - - ossl_digest_update(obj, data); - - return ossl_digest_hexdigest(obj); +-} +- +-static VALUE +-ossl_digest_equal(VALUE self, VALUE other) +-{ + EVP_MD_CTX *ctx; +- VALUE str1, str2; + +- if (rb_obj_is_kind_of(other, cDigest) == Qtrue) { +- str2 = ossl_digest_digest(other); +- } else { +- StringValue(other); +- str2 = other; +- } + GetDigest(self, ctx); +- if (RSTRING(str2)->len == EVP_MD_CTX_size(ctx)) { +- str1 = ossl_digest_digest(self); +- } else { +- str1 = ossl_digest_hexdigest(self); +- } +- if (RSTRING(str1)->len == RSTRING(str2)->len +- && rb_str_cmp(str1, str2) == 0) { +- return Qtrue; +- } + +- return Qfalse; ++ return rb_str_new2(EVP_MD_name(EVP_MD_CTX_md(ctx))); + } + ++/* ++ * call-seq: ++ * digest.digest_size -> integer ++ * ++ * Returns the output size of the digest. 
++ */ + static VALUE +-ossl_digest_name(VALUE self) ++ossl_digest_size(VALUE self) + { + EVP_MD_CTX *ctx; + + GetDigest(self, ctx); + +- return rb_str_new2(EVP_MD_name(EVP_MD_CTX_md(ctx))); ++ return INT2NUM(EVP_MD_CTX_size(ctx)); } static VALUE -@@ -258,41 +201,44 @@ ossl_digest_size(VALUE self) - return INT2NUM(EVP_MD_CTX_size(ctx)); +-ossl_digest_size(VALUE self) ++ossl_digest_block_length(VALUE self) + { + EVP_MD_CTX *ctx; + + GetDigest(self, ctx); + +- return INT2NUM(EVP_MD_CTX_size(ctx)); ++ return INT2NUM(EVP_MD_CTX_block_size(ctx)); } -+static VALUE -+ossl_digest_block_length(VALUE self) -+{ -+ EVP_MD_CTX *ctx; -+ -+ GetDigest(self, ctx); -+ -+ return INT2NUM(EVP_MD_CTX_block_size(ctx)); -+} -+ -+ /* - * INIT - */ +@@ -264,31 +234,26 @@ void Init_ossl_digest() { +- mDigest = rb_define_module_under(mOSSL, "Digest"); + rb_require("openssl"); + rb_require("digest"); + - #if 0 /* let rdoc know about mOSSL */ - mOSSL = rb_define_module("OpenSSL"); - #endif - -- mDigest = rb_define_module_under(mOSSL, "Digest"); -- ++#if 0 /* let rdoc know about mOSSL */ ++ mOSSL = rb_define_module("OpenSSL"); ++#endif ++ ++ cDigest = rb_define_class_under(mOSSL, "Digest", rb_path2class("Digest::Class")); ++ eDigestError = rb_define_class_under(cDigest, "DigestError", eOSSLError); + - eDigestError = rb_define_class_under(mDigest, "DigestError", eOSSLError); - - cDigest = rb_define_class_under(mDigest, "Digest", rb_cObject); - -+ cDigest = rb_define_class_under(mOSSL, "Digest", rb_path2class("Digest::Class")); -+ eDigestError = rb_define_class_under(cDigest, "DigestError", eOSSLError); -+ rb_define_alloc_func(cDigest, ossl_digest_alloc); - rb_define_singleton_method(cDigest, "digest", ossl_digest_s_digest, 2); - rb_define_singleton_method(cDigest, "hexdigest", ossl_digest_s_hexdigest, 2); @@ -236,4 +371,3 @@ index 4096b09..b0308f0 100644 rb_define_method(cDigest, "name", ossl_digest_name, 0); - rb_define_method(cDigest, "size", ossl_digest_size, 0); } -+ 
diff --git a/ruby.spec b/ruby.spec index d374e40..38e16cd 100644 --- a/ruby.spec +++ b/ruby.spec @@ -18,7 +18,7 @@ Name: ruby Version: %{rubyver}%{?dotpatchlevel} -Release: 4%{?dist} +Release: 5%{?dist} License: Ruby or GPLv2 URL: http://www.ruby-lang.org/ BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) @@ -57,7 +57,8 @@ Patch23: ruby-multilib.patch # Needed in 1.8.6-p287, no longer needed in 1.8.6-p368? #Patch25: ruby-1.8.6.111-gcc43.patch # ruby_1_8 branch rev 19320, 20121, bug 460134 -Patch26: ruby-1.8.6-rexml-CVE-2008-3790.patch +# Included in 1.8.6 p368 +#Patch26: ruby-1.8.6-rexml-CVE-2008-3790.patch # Patch27, 28 could not be found in the upstream VCS # Need checking?? Patch27: ruby-1.8.6-p287-CVE-2008-5189.patch @@ -75,9 +76,8 @@ Patch32: ruby-1.8head-irb-save-history.patch # bug 428384, Fedora specific, however needed for Fedora's static # archive policy Patch33: ruby-1.8.6-p383-mkmf-use-shared.patch -# Testing (bug 559158) -# Patch34 disabled for now as this breaks rubygem-actionpack rake test, -# need investigating +# bug 559158, Simplify the OpenSSL::Digest class +# Applying Patch34 needs reversing Patch39 part Patch34: ruby-1.8.6-simplify-openssl-digest.patch # bug 580993, patch from ruby_1_8_7 branch Patch35: ruby_1_8_7-gc-open4_096segv.patch @@ -93,6 +93,8 @@ Patch37: ruby-1.8.x-ext_tk-flatten-level-revert.patch # From ruby_1_8 branch: bz 530407 # bz 530407 reproducible with 1.8.7p174, not with 1.8.7p249 Patch38: ruby-1.8.x-null-class-must-be-Qnil.patch +# Once revert this patch to apply Patch34 cleanly +Patch39: ruby-1.8.6-openssl-digest-once-revert-for-simplify-patch.patch Summary: An interpreter of object-oriented scripting language Group: Development/Languages @@ -232,8 +234,8 @@ pushd %{name}-%{arcver} %patch22 -p1 %patch23 -p1 %endif -#%patch25 -p1 -#%patch26 -p1 +#%%patch25 -p1 +#%%patch26 -p1 %patch27 -p0 %patch28 -p1 %patch29 -p1 
@@ -241,8 +243,9 @@ pushd %{name}-%{arcver} %patch31 -p1 %patch32 -p0 %patch33 -p1 -# Once kill patch34 due to build failure on actionpack -#%%patch34 -p1 +# To apply patch34, patch39 part must once be reverted +%patch39 -p1 -R +%patch34 -p1 %patch35 -p1 %patch36 -p1 %patch37 -p1 @@ -637,6 +640,10 @@ rm -rf $RPM_BUILD_ROOT %{_emacs_sitestartdir}/ruby-mode-init.el %changelog +* Wed May 19 2010 Mamoru Tasaka - 1.8.6.399-5 +- Retry for bug 559158, Simplify the OpenSSL::Digest class + pull more change commits from ruby_1_8 branch + * Mon May 17 2010 Mamoru Tasaka - 1.8.6.399-4 - Patch36 (ruby-1.8.x-RHASH_SIZE-rb_hash_lookup-def.patch) also backport rb_hash_lookup definition (bug 592936) From 4ff0d0bfbc9b4e4fbd0d5f52af57dbf529f3bb3d Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Thu, 29 Jul 2010 11:43:55 +0000 Subject: [PATCH 07/11] dist-git conversion --- .cvsignore => .gitignore | 0 Makefile | 21 --------------------- branch | 1 - import.log | 9 --------- 4 files changed, 31 deletions(-) rename .cvsignore => .gitignore (100%) delete mode 100644 Makefile delete mode 100644 branch delete mode 100644 import.log diff --git a/.cvsignore b/.gitignore similarity index 100% rename from .cvsignore rename to .gitignore diff --git a/Makefile b/Makefile deleted file mode 100644 index 9141959..0000000 --- a/Makefile +++ /dev/null 
@@ -1,21 +0,0 @@ -# Makefile for source rpm: ruby -# $Id: Makefile,v 1.2 2007/10/15 19:21:20 notting Exp $ -NAME := ruby -SPECFILE = $(firstword $(wildcard *.spec)) - -define find-makefile-common -for d in common ../common ../../common ; do if [ -f $$d/Makefile.common ] ; then if [ -f $$d/CVS/Root -a -w $$d/Makefile.common ] ; then cd $$d ; cvs -Q update ; fi ; echo "$$d/Makefile.common" ; break ; fi ; done -endef - -MAKEFILE_COMMON := $(shell $(find-makefile-common)) - -ifeq ($(MAKEFILE_COMMON),) -# attempt a checkout -define checkout-makefile-common -test -f CVS/Root && { cvs -Q -d $$(cat CVS/Root) checkout common && echo "common/Makefile.common" ; } || { echo "ERROR: I can't figure out how to checkout the 'common' module." ; exit -1 ; } >&2 -endef - -MAKEFILE_COMMON := $(shell $(checkout-makefile-common)) -endif - -include $(MAKEFILE_COMMON) diff --git a/branch b/branch deleted file mode 100644 index baa94ef..0000000 --- a/branch +++ /dev/null @@ -1 +0,0 @@ -F-13 diff --git a/import.log b/import.log deleted file mode 100644 index 0f3c183..0000000 --- a/import.log +++ /dev/null @@ -1,9 +0,0 @@ -ruby-1_8_6_287-4_fc10:HEAD:ruby-1.8.6.287-4.fc10.src.rpm:1237096558 -ruby-1_8_6_287-5_fc10:HEAD:ruby-1.8.6.287-5.fc10.src.rpm:1237096677 -ruby-1_8_6_287-7_fc11:HEAD:ruby-1.8.6.287-7.fc11.src.rpm:1237351812 -ruby-1_8_6_368-1_fc11:HEAD:ruby-1.8.6.368-1.fc11.src.rpm:1243759307 -ruby-1_8_6_368-2_fc11:HEAD:ruby-1.8.6.368-2.fc11.src.rpm:1245520186 -ruby-1_8_6_369-1_fc11:HEAD:ruby-1.8.6.369-1.fc11.src.rpm:1245760717 -ruby-1_8_6_388-6_fc12:HEAD:ruby-1.8.6.388-6.fc12.src.rpm:1264032880 -ruby-1_8_6_388-7_fc12:HEAD:ruby-1.8.6.388-7.fc12.src.rpm:1264596030 -ruby-1_8_6_388-8_fc12:HEAD:ruby-1.8.6.388-8.fc12.src.rpm:1264601829 From 9e54766673a2a7e043cfab249f99d9909b55fbec Mon Sep 17 00:00:00 2001 
From: Mamoru Tasaka Date: Mon, 23 Aug 2010 02:44:37 +0900 Subject: [PATCH 08/11] - Apply upstream patch for CVE-2010-0541 (bug 587731) --- ruby-1.8.6.x-CVE-2010-0541.patch | 22 ++++++++++++++++++++++ ruby.spec | 8 +++++++- 2 files changed, 29 insertions(+), 1 deletion(-) create mode 100644 ruby-1.8.6.x-CVE-2010-0541.patch diff --git a/ruby-1.8.6.x-CVE-2010-0541.patch b/ruby-1.8.6.x-CVE-2010-0541.patch new file mode 100644 index 0000000..2b5d808 --- /dev/null +++ b/ruby-1.8.6.x-CVE-2010-0541.patch @@ -0,0 +1,22 @@ +commit 11183a22ef3998b9e822bb9322e49b8d6838aa81 +Author: wyhaines +Date: Tue Aug 17 18:36:29 2010 +0000 + + lib/webrick/httpresponse.rb: CVE-2010-0541; Fix a potential XSS vulnerabilty. See the CVE report for more information. + + + git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_6@29026 b2dd03c8-39d4-4d8f-98ff-823fe69b080e + +diff --git a/lib/webrick/httpresponse.rb b/lib/webrick/httpresponse.rb +index 62156b1..48fe4b0 100644 +--- a/lib/webrick/httpresponse.rb ++++ b/lib/webrick/httpresponse.rb +@@ -209,7 +209,7 @@ module WEBrick + @keep_alive = false + self.status = HTTPStatus::RC_INTERNAL_SERVER_ERROR + end +- @header['content-type'] = "text/html" ++ @header['content-type'] = "text/html; charset=ISO-8859-1" + + if respond_to?(:create_error_page) + create_error_page() diff --git a/ruby.spec b/ruby.spec index 38e16cd..95f8ab8 100644 --- a/ruby.spec +++ b/ruby.spec @@ -18,7 +18,7 @@ Name: ruby Version: %{rubyver}%{?dotpatchlevel} -Release: 5%{?dist} +Release: 6%{?dist} License: Ruby or GPLv2 URL: http://www.ruby-lang.org/ BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) 
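Review bot: The new header value `"text/html; charset=ISO-8859-1"` is hard-coded on the error path, but the body can come from a `create_error_page` hook (the `respond_to?(:create_error_page)` branch just below), so a hook that emits a different encoding is now mislabelled. A comment on the changed line would record why the charset is pinned, e.g. `# explicit charset so browsers do not guess the encoding of the error page (CVE-2010-0541)`. The enclosing method starts and ends outside the hunk, so whether the default error body escapes request-derived text cannot be checked from here.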
@@ -95,6 +95,8 @@ Patch37: ruby-1.8.x-ext_tk-flatten-level-revert.patch Patch38: ruby-1.8.x-null-class-must-be-Qnil.patch # Once revert this patch to apply Patch34 cleanly Patch39: ruby-1.8.6-openssl-digest-once-revert-for-simplify-patch.patch +# From upstream ruby_1_8_6 branch: Patch for CVE-2010-0541 +Patch40: ruby-1.8.6.x-CVE-2010-0541.patch Summary: An interpreter of object-oriented scripting language Group: Development/Languages @@ -250,6 +252,7 @@ pushd %{name}-%{arcver} %patch36 -p1 %patch37 -p1 %patch38 -p1 +%patch40 -p1 popd %build @@ -640,6 +643,9 @@ rm -rf $RPM_BUILD_ROOT %{_emacs_sitestartdir}/ruby-mode-init.el %changelog +* Mon Aug 23 2010 Mamoru Tasaka - 1.8.6.399-6 +- Apply upstream patch for CVE-2010-0541 (bug 587731) + * Wed May 19 2010 Mamoru Tasaka - 1.8.6.399-5 - Retry for bug 559158, Simplify the OpenSSL::Digest class pull more change commits from ruby_1_8 branch From ea5807830d4833b381a1ccb3452c7dc61e8622f1 Mon Sep 17 00:00:00 2001 From: Mamoru Tasaka Date: Mon, 27 Dec 2010 00:15:41 +0900 Subject: [PATCH 09/11] - Update to 1.8.6 p420 --- .gitignore | 1 + ruby-1.8.6.x-CVE-2010-0541.patch | 22 ---------------------- ruby.spec | 10 +++++----- sources | 3 +-- 4 files changed, 7 insertions(+), 29 deletions(-) delete mode 100644 ruby-1.8.6.x-CVE-2010-0541.patch diff --git a/.gitignore b/.gitignore index e4e63dc..de66a18 100644 --- a/.gitignore +++ b/.gitignore @@ -4,3 +4,4 @@ rubyfaq-990927.tar.gz rubyfaq-jp-990927.tar.gz ruby-1.8.6-p399.tar.bz2 ruby-1.8-rev27738_trunk-ext_tk.tar.gz +/ruby-1.8.6-p420.tar.bz2 diff --git a/ruby-1.8.6.x-CVE-2010-0541.patch b/ruby-1.8.6.x-CVE-2010-0541.patch deleted file mode 100644 index 2b5d808..0000000 --- a/ruby-1.8.6.x-CVE-2010-0541.patch +++ /dev/null 
@@ -1,22 +0,0 @@ -commit 11183a22ef3998b9e822bb9322e49b8d6838aa81 -Author: wyhaines -Date: Tue Aug 17 18:36:29 2010 +0000 - - lib/webrick/httpresponse.rb: CVE-2010-0541; Fix a potential XSS vulnerabilty. See the CVE report for more information. - - - git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_6@29026 b2dd03c8-39d4-4d8f-98ff-823fe69b080e - -diff --git a/lib/webrick/httpresponse.rb b/lib/webrick/httpresponse.rb -index 62156b1..48fe4b0 100644 ---- a/lib/webrick/httpresponse.rb -+++ b/lib/webrick/httpresponse.rb -@@ -209,7 +209,7 @@ module WEBrick - @keep_alive = false - self.status = HTTPStatus::RC_INTERNAL_SERVER_ERROR - end -- @header['content-type'] = "text/html" -+ @header['content-type'] = "text/html; charset=ISO-8859-1" - - if respond_to?(:create_error_page) - create_error_page() diff --git a/ruby.spec b/ruby.spec index 95f8ab8..16d1b1a 100644 --- a/ruby.spec +++ b/ruby.spec @@ -1,6 +1,6 @@ %define rubyxver 1.8 %define rubyver 1.8.6 -%define _patchlevel 399 +%define _patchlevel 420 %define dotpatchlevel %{?_patchlevel:.%{_patchlevel}} %define patchlevel %{?_patchlevel:-p%{_patchlevel}} %define arcver %{rubyver}%{?patchlevel} @@ -18,7 +18,7 @@ Name: ruby Version: %{rubyver}%{?dotpatchlevel} -Release: 6%{?dist} +Release: 1%{?dist} License: Ruby or GPLv2 URL: http://www.ruby-lang.org/ BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) @@ -95,8 +95,6 @@ Patch37: ruby-1.8.x-ext_tk-flatten-level-revert.patch Patch38: ruby-1.8.x-null-class-must-be-Qnil.patch # Once revert this patch to apply Patch34 cleanly Patch39: ruby-1.8.6-openssl-digest-once-revert-for-simplify-patch.patch -# From upstream ruby_1_8_6 branch: Patch for CVE-2010-0541 -Patch40: ruby-1.8.6.x-CVE-2010-0541.patch Summary: An interpreter of object-oriented scripting language Group: Development/Languages @@ -252,7 +250,6 @@ pushd %{name}-%{arcver} %patch36 -p1 %patch37 -p1 %patch38 -p1 -%patch40 -p1 popd %build 
@@ -643,6 +640,9 @@ rm -rf $RPM_BUILD_ROOT %{_emacs_sitestartdir}/ruby-mode-init.el %changelog +* Sun Dec 26 2010 Mamoru Tasaka - 1.8.6.420-1 +- Update to 1.8.6 p420 + * Mon Aug 23 2010 Mamoru Tasaka - 1.8.6.399-6 - Apply upstream patch for CVE-2010-0541 (bug 587731) diff --git a/sources b/sources index b1ee168..674141f 100644 --- a/sources +++ b/sources @@ -1,6 +1,5 @@ -f26cefbc8ab6728650ab9ae773d22bcb ruby-1.8.6-p388.tar.bz2 b6dd396f513efeb7864685c840f9643a ruby-refm-rdp-1.8.2-ja-html.tar.gz 634c25b14e19925d10af3720d72e8741 rubyfaq-990927.tar.gz 4fcec898f51d8371cc42d0a013940469 rubyfaq-jp-990927.tar.gz -f77c307cb72fb8808b0e85af5d05cefc ruby-1.8.6-p399.tar.bz2 6a8313c73087513f24e52d8cee5b3804 ruby-1.8-rev27738_trunk-ext_tk.tar.gz +1c7a978e9ffd4f56dc2ad74bbd2c34f3 ruby-1.8.6-p420.tar.bz2 From 3158daef37e341f1e95e073d5fe65d29238e6859 Mon Sep 17 00:00:00 2001 From: Mamoru Tasaka Date: Mon, 21 Feb 2011 05:39:46 +0900 Subject: [PATCH 10/11] Backport 2 fixes from 1.8.7p420 Symlink race condition in FileUtils.remove_entry_secure (bug 678913) bypass of $SAFE mechanism in Exception#to_s (bug 678920) --- ...6.x-untainted_strings_can_be_tainted.patch | 23 +++++++++++++++ ...ace-in-FileUtils-remove_entry_secure.patch | 29 +++++++++++++++++++ ruby.spec | 15 +++++++++- 3 files changed, 66 insertions(+), 1 deletion(-) create mode 100644 ruby-1.8.6.x-untainted_strings_can_be_tainted.patch create mode 100644 ruby-1.8.7p334-symlink-race-in-FileUtils-remove_entry_secure.patch diff --git a/ruby-1.8.6.x-untainted_strings_can_be_tainted.patch b/ruby-1.8.6.x-untainted_strings_can_be_tainted.patch new file mode 100644 index 0000000..4aac432 --- /dev/null +++ b/ruby-1.8.6.x-untainted_strings_can_be_tainted.patch 
@@ -0,0 +1,23 @@ +--- ruby-1.8.6-p420/error.c.tainted 2008-08-04 12:16:55.000000000 +0900 ++++ ruby-1.8.6-p420/error.c 2011-02-21 04:44:14.000000000 +0900 +@@ -404,7 +404,6 @@ + VALUE mesg = rb_attr_get(exc, rb_intern("mesg")); + + if (NIL_P(mesg)) return rb_class_name(CLASS_OF(exc)); +- if (OBJ_TAINTED(exc)) OBJ_TAINT(mesg); + return mesg; + } + +@@ -668,10 +667,9 @@ + if (NIL_P(mesg)) return rb_class_name(CLASS_OF(exc)); + StringValue(str); + if (str != mesg) { +- rb_iv_set(exc, "mesg", mesg = str); ++ OBJ_INFECT(str, mesg); + } +- if (OBJ_TAINTED(exc)) OBJ_TAINT(mesg); +- return mesg; ++ return str; + } + + /* diff --git a/ruby-1.8.7p334-symlink-race-in-FileUtils-remove_entry_secure.patch b/ruby-1.8.7p334-symlink-race-in-FileUtils-remove_entry_secure.patch new file mode 100644 index 0000000..8e03e3d --- /dev/null +++ b/ruby-1.8.7p334-symlink-race-in-FileUtils-remove_entry_secure.patch 
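Review bot: This patch file has no header, and the spec describes it only as "a bit modified for 1.8.6.x", so neither the upstream revision nor the deviation from it can be audited from the package. It changes taint propagation in `error.c`: the first hunk drops `if (OBJ_TAINTED(exc)) OBJ_TAINT(mesg);`, and the second returns `str` after `OBJ_INFECT(str, mesg)` instead of storing it back with `rb_iv_set`. A short header naming the ruby_1_8_7 revision it came from, the bug (678920) and what was adapted for 1.8.6 would let a later rebase verify the fix is still complete. Both functions start and end outside the hunks, so the remaining taint handling in them is not visible here.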
@@ -0,0 +1,29 @@ +--- ruby-1.8.7-p330/lib/fileutils.rb 2010-06-08 15:31:50.000000000 +0900 ++++ ruby-1.8.7-p334/lib/fileutils.rb 2011-02-18 21:18:10.000000000 +0900 +@@ -658,10 +658,10 @@ + # removing directories. This requires the current process is the + # owner of the removing whole directory tree, or is the super user (root). + # +- # WARNING: You must ensure that *ALL* parent directories are not +- # world writable. Otherwise this method does not work. +- # Only exception is temporary directory like /tmp and /var/tmp, +- # whose permission is 1777. ++ # WARNING: You must ensure that *ALL* parent directories cannot be ++ # moved by other untrusted users. For example, parent directories ++ # should not be owned by untrusted users, and should not be world ++ # writable except when the sticky bit set. + # + # WARNING: Only the owner of the removing directory tree, or Unix super + # user (root) should invoke this method. Otherwise this method does not +@@ -704,6 +704,11 @@ + end + f.chown euid, -1 + f.chmod 0700 ++ unless fu_stat_identical_entry?(st, File.lstat(fullpath)) ++ # TOC-to-TOU attack? ++ File.unlink fullpath ++ return ++ end + } + # ---- tree root is frozen ---- + root = Entry_.new(path) diff --git a/ruby.spec b/ruby.spec index 16d1b1a..4ec1319 100644 --- a/ruby.spec +++ b/ruby.spec @@ -18,7 +18,7 @@ Name: ruby Version: %{rubyver}%{?dotpatchlevel} -Release: 1%{?dist} +Release: 2%{?dist} License: Ruby or GPLv2 URL: http://www.ruby-lang.org/ BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) 
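Review bot: The added re-check calls `fu_stat_identical_entry?(st, File.lstat(fullpath))`, but the diff was taken against `ruby-1.8.7-p330/lib/fileutils.rb` and is applied to the 1.8.6 tree, and neither the helper nor the assignment of `st` is inside the hunk. Confirm both exist in the 1.8.6 file, because a missing name would surface only at run time, in the very code path meant to stop the race. The comment `# TOC-to-TOU attack?` would read more clearly as `# TOCTOU: entry no longer matches the one checked earlier; stop instead of descending`. The patch adds no test; one that swaps the entry and expects an early return would guard against regressions on later rebases.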
@@ -95,6 +95,12 @@ Patch37: ruby-1.8.x-ext_tk-flatten-level-revert.patch Patch38: ruby-1.8.x-null-class-must-be-Qnil.patch # Once revert this patch to apply Patch34 cleanly Patch39: ruby-1.8.6-openssl-digest-once-revert-for-simplify-patch.patch +# patch from ruby_1_8_7 branch (between 1.8.7p330 and 1.8.7p334) +# bug 678913, Symlink race condition in FileUtils.remove_entry_secure +Patch40: ruby-1.8.7p334-symlink-race-in-FileUtils-remove_entry_secure.patch +# Patch from ruby_1_8_7 branch, a bit modified for 1.8.6.x +# bug 678920, bypass of $SAFE mechanism in Exception#to_s +Patch41: ruby-1.8.6.x-untainted_strings_can_be_tainted.patch Summary: An interpreter of object-oriented scripting language Group: Development/Languages @@ -250,6 +256,8 @@ pushd %{name}-%{arcver} %patch36 -p1 %patch37 -p1 %patch38 -p1 +%patch40 -p1 +%patch41 -p1 popd %build @@ -640,6 +648,11 @@ rm -rf $RPM_BUILD_ROOT %{_emacs_sitestartdir}/ruby-mode-init.el %changelog +* Mon Feb 21 2011 Mamoru Tasaka - 1.8.6.420-2 +- Backport 2 fixes from 1.8.7p420 + - Symlink race condition in FileUtils.remove_entry_secure (bug 678913) + - bypass of $SAFE mechanism in Exception#to_s (bug 678920) + * Sun Dec 26 2010 Mamoru Tasaka - 1.8.6.420-1 - Update to 1.8.6 p420 From c70ccde3d9dc4f9ea8378a841279f22f825d8f6d Mon Sep 17 00:00:00 2001 From: Dennis Gilmore Date: Mon, 21 Feb 2011 23:09:03 -0600 Subject: [PATCH 11/11] drop unneeded -eabi bits from %files its unused --- ruby.spec | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/ruby.spec b/ruby.spec index 4ec1319..69ddb15 100644 --- a/ruby.spec +++ b/ruby.spec 
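Review bot: The provenance of Patch40 is stated two ways: the comment added in the first hunk says it comes from the ruby_1_8_7 branch `between 1.8.7p330 and 1.8.7p334`, while the changelog entry added in the last hunk says `Backport 2 fixes from 1.8.7p420`. The package itself is 1.8.6 p420, so the changelog line presumably mixes the two and should read something like `- Backport 2 fixes from ruby_1_8_7 branch (1.8.7p334)`. For Patch41 the comment says the patch is `a bit modified for 1.8.6.x` without saying how; one more comment line naming what differs from upstream would let the next rebase confirm that the security fix is still complete.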
@@ -8,7 +8,7 @@ # This is required to ensure that noarch files puts under /usr/lib/... for # multilib because ruby library is installed under /usr/{lib,lib64}/ruby anyway. %define sitedir2 %{_prefix}/lib/ruby/site_ruby -%define _normalized_cpu %(echo `echo %{_target_cpu} | sed 's/^ppc/powerpc/' | sed -e 's|i.86|i386|'`) +%define _normalized_cpu %(echo `echo %{_target_cpu} | sed 's/^ppc/powerpc/' | sed -e 's|i.86|i386|'`) %define tk_using_svn_number 27738 @@ -18,7 +18,7 @@ Name: ruby Version: %{rubyver}%{?dotpatchlevel} -Release: 2%{?dist} +Release: 3%{?dist} License: Ruby or GPLv2 URL: http://www.ruby-lang.org/ BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) @@ -518,12 +518,8 @@ rm -rf $RPM_BUILD_ROOT %dir %{_prefix}/lib/ruby %dir %{_prefix}/lib/ruby/%{rubyxver} %ifnarch ppc64 s390x sparc64 x86_64 -%if "%{_gnu}" == "-gnueabi" -%dir %{_prefix}/lib/ruby/%{rubyxver}/%{_normalized_cpu}-%{_target_os}-eabi -%else %dir %{_prefix}/lib/ruby/%{rubyxver}/%{_normalized_cpu}-%{_target_os} %endif -%endif %ifarch ppc64 s390x sparc64 x86_64 %dir %{_libdir}/ruby %dir %{_libdir}/ruby/%{rubyxver} @@ -648,6 +644,9 @@ rm -rf $RPM_BUILD_ROOT %{_emacs_sitestartdir}/ruby-mode-init.el %changelog +* Mon Feb 21 2011 Dennis Gilmore - 1.8.6-420-2 +- drop the unneeded -eabi stuff its not used anywhere + * Mon Feb 21 2011 Mamoru Tasaka - 1.8.6.420-2 - Backport 2 fixes from 1.8.7p420 - Symlink race condition in FileUtils.remove_entry_secure (bug 678913)