diff options
author | Kornelius Kalnbach <murphy@rubychan.de> | 2013-08-23 06:03:29 -0700 |
---|---|---|
committer | Kornelius Kalnbach <murphy@rubychan.de> | 2013-08-23 06:03:29 -0700 |
commit | d9ee8379543c59e75e39a7a233df6639ee7d4160 (patch) | |
tree | b3b4ab995e8270cdce5453c35378c5619670fb17 /lib/coderay/scanners/ruby/string_state.rb | |
parent | 21d07b305f6293065cf08134cee2c66e727422cf (diff) | |
parent | 28c57a5f02ca066e66346a69db1bfe33fc6bfb6e (diff) | |
download | coderay-d9ee8379543c59e75e39a7a233df6639ee7d4160.tar.gz |
Merge pull request #149 from rubychan/fix-cache-attack
Fix Symbol/Cache attacks
Diffstat (limited to 'lib/coderay/scanners/ruby/string_state.rb')
-rw-r--r-- | lib/coderay/scanners/ruby/string_state.rb | 14 |
1 files changed, 7 insertions, 7 deletions
diff --git a/lib/coderay/scanners/ruby/string_state.rb b/lib/coderay/scanners/ruby/string_state.rb index 2f398d1..28ddd6c 100644 --- a/lib/coderay/scanners/ruby/string_state.rb +++ b/lib/coderay/scanners/ruby/string_state.rb @@ -16,7 +16,6 @@ module Scanners STRING_PATTERN = Hash.new do |h, k| delim, interpreted = *k - # delim = delim.dup # workaround for old Ruby delim_pattern = Regexp.escape(delim) if closing_paren = CLOSING_PAREN[delim] delim_pattern << Regexp.escape(closing_paren) @@ -29,12 +28,13 @@ module Scanners # '| [|?*+(){}\[\].^$]' # end - h[k] = - if interpreted && delim != '#' - / (?= [#{delim_pattern}] | \# [{$@] ) /mx - else - / (?= [#{delim_pattern}] ) /mx - end + if interpreted && delim != '#' + / (?= [#{delim_pattern}] | \# [{$@] ) /mx + else + / (?= [#{delim_pattern}] ) /mx + end.tap do |pattern| + h[k] = pattern if (delim.respond_to?(:ord) ? delim.ord : delim[0]) < 256 + end end def initialize kind, interpreted, delim, heredoc = false |