commit 3767690646ecedc6632ada87d31127928dc62ddc
Author: Jan Rękorajski <[email protected]>
Date: Sun Jan 26 13:17:21 2014 +0100
- fix format string errors
format-security.patch | 11 +++++++++++
ruby-mongrel.spec | 3 +++
2 files changed, 14 insertions(+)
---
diff --git a/ruby-mongrel.spec b/ruby-mongrel.spec
index 5bb379a..ac2e33f 100644
--- a/ruby-mongrel.spec
+++ b/ruby-mongrel.spec
@@ -10,10 +10,12 @@ Source0:
http://gems.rubyforge.org/gems/%{pkgname}-%{version}.gem
# Source0-md5: a37617eb48f0932cc32143b2d76c0d12
Patch0: %{name}-nogems.patch
Patch1: %{name}-ruby1.9.patch
+Patch2: format-security.patch
URL: http://mongrel.rubyforge.org/
BuildRequires: dos2unix
BuildRequires: rpmbuild(macros) >= 1.277
BuildRequires: ruby-devel
+BuildRequires: ruby-irb
BuildRequires: ruby-modules
%{?ruby_mod_ver_requires_eq}
BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
@@ -55,6 +57,7 @@ find -newer README -o -print | xargs touch --reference
%{SOURCE0}
dos2unix examples/mongrel_simple_service.rb
%patch0 -p1
%patch1 -p1
+%patch2 -p1
find -name '*.rb' -print0 | xargs -0 %{__sed} -i -e 's,\r$,,'
diff --git a/format-security.patch b/format-security.patch
new file mode 100644
index 0000000..94e2c4f
--- /dev/null
+++ b/format-security.patch
@@ -0,0 +1,11 @@
+--- ruby-mongrel-1.1.5/ext/http11/http11.c~ 2014-01-26 13:13:47.000000000
+0100
++++ ruby-mongrel-1.1.5/ext/http11/http11.c 2014-01-26 13:15:20.786156849
+0100
+@@ -44,7 +44,7 @@
+ #define DEF_MAX_LENGTH(N,length) const size_t MAX_##N##_LENGTH = length;
const char *MAX_##N##_LENGTH_ERR = "HTTP element " # N " is longer than the "
# length " allowed length."
+
+ /** Validates the max length of given input and throws an HttpParserError
exception if over. */
+-#define VALIDATE_MAX_LENGTH(len, N) if(len > MAX_##N##_LENGTH) {
rb_raise(eHttpParserError, MAX_##N##_LENGTH_ERR); }
++#define VALIDATE_MAX_LENGTH(len, N) if(len > MAX_##N##_LENGTH) {
rb_raise("%s", eHttpParserError, MAX_##N##_LENGTH_ERR); }
+
+ /** Defines global strings in the init method. */
+ #define DEF_GLOBAL(N, val) global_##N = rb_obj_freeze(rb_str_new2(val));
rb_global_variable(&global_##N)
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/ruby-mongrel.git/commitdiff/3767690646ecedc6632ada87d31127928dc62ddc
_______________________________________________
pld-cvs-commit mailing list
[email protected]
http://lists.pld-linux.org/mailman/listinfo/pld-cvs-commit
