diff options
author | Aaron Patterson <aaron.patterson@gmail.com> | 2011-10-03 14:23:10 -0700 |
---|---|---|
committer | Aaron Patterson <aaron.patterson@gmail.com> | 2011-10-03 14:23:10 -0700 |
commit | 2422a9fc3aeff3c60c6510efbf655a34218c7605 (patch) | |
tree | 525da292089cf01cb3aabdefa7047e87c76a4712 | |
parent | 68a91d5e6446cacac9ded1c03381244557b02e2e (diff) | |
download | psych-2422a9fc3aeff3c60c6510efbf655a34218c7605.tar.gz |
Avoid accepting incorrect floating point values.
-rw-r--r-- | CHANGELOG.rdoc | 6 | ||||
-rw-r--r-- | lib/psych/scalar_scanner.rb | 12 | ||||
-rw-r--r-- | test/psych/test_numeric.rb | 14 |
3 files changed, 31 insertions, 1 deletions
diff --git a/CHANGELOG.rdoc b/CHANGELOG.rdoc index 9730b5b..a7c7f5d 100644 --- a/CHANGELOG.rdoc +++ b/CHANGELOG.rdoc @@ -1,3 +1,9 @@ +Tue Oct 4 06:20:19 2011 Aaron Patterson <aaron@tenderlovemaking.com> + + * ext/psych/lib/psych/scalar_scanner.rb: Match values against the + floating point spec defined in YAML to avoid erronious parses. + * test/psych/test_numeric.rb: corresponding test. + Tue Oct 4 05:59:24 2011 Aaron Patterson <aaron@tenderlovemaking.com> * ext/psych/lib/psych/visitors/to_ruby.rb: ToRuby visitor can be diff --git a/lib/psych/scalar_scanner.rb b/lib/psych/scalar_scanner.rb index b92d3c0..3e8acbb 100644 --- a/lib/psych/scalar_scanner.rb +++ b/lib/psych/scalar_scanner.rb @@ -7,6 +7,12 @@ module Psych # Taken from http://yaml.org/type/timestamp.html TIME = /^\d{4}-\d{1,2}-\d{1,2}([Tt]|\s+)\d{1,2}:\d\d:\d\d(\.\d*)?(\s*Z|[-+]\d{1,2}(:\d\d)?)?/ + # Taken from http://yaml.org/type/float.html + FLOAT = /^(?:[-+]?([0-9][0-9_,]*)?\.[0-9.]*([eE][-+][0-9]+)?(?# base 10) + |[-+]?[0-9][0-9_,]*(:[0-5]?[0-9])+\.[0-9_]*(?# base 60) + |[-+]?\.(inf|Inf|INF)(?# infinity) + |\.(nan|NaN|NAN)(?# not a number))$/x + # Create a new scanner def initialize @string_cache = {} @@ -67,10 +73,14 @@ module Psych i += (n.to_f * 60 ** (e - 2).abs) end i + when FLOAT + return Float(string.gsub(/[,_]/, '')) rescue ArgumentError + + @string_cache[string] = true + string else if string.count('.') < 2 return Integer(string.gsub(/[,_]/, '')) rescue ArgumentError - return Float(string.gsub(/[,_]/, '')) rescue ArgumentError end @string_cache[string] = true diff --git a/test/psych/test_numeric.rb b/test/psych/test_numeric.rb new file mode 100644 index 0000000..9adb058 --- /dev/null +++ b/test/psych/test_numeric.rb @@ -0,0 +1,14 @@ +require 'psych/helper' + +module Psych + ### + # Test numerics from YAML spec: + # http://yaml.org/type/float.html + # http://yaml.org/type/int.html + class TestNumeric < TestCase + def test_non_float_with_0 + str = Psych.load('--- 090') + assert_equal '090', str + end + end +end |