author | usa <usa@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2021-01-31 09:56:27 +0000 |
---|---|---|
committer | usa <usa@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2021-01-31 09:56:27 +0000 |
commit | 8b49c3e4bc767bec8a66ac81cbda033330fb2703 (patch) | |
tree | 5d1076ac5e0f06189dc517533bd9422619d3ec14 | |
parent | 092aeb28fc5a13fb9ed1d4b7675f3c33e970f1d3 (diff) | |
download | ruby-8b49c3e4bc767bec8a66ac81cbda033330fb2703.tar.gz |
Backport webrick patch for CVE-2020-25613
[Backport #17201]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_6@67892 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
-rw-r--r-- | lib/webrick/httprequest.rb | 6 | ||||
-rw-r--r-- | lib/webrick/version.rb | 2 | ||||
-rw-r--r-- | test/webrick/test_httpproxy.rb | 2 | ||||
-rw-r--r-- | test/webrick/test_httpserver.rb | 2 | ||||
-rw-r--r-- | test/webrick/test_server.rb | 2 | ||||
-rw-r--r-- | version.h | 2 |
6 files changed, 8 insertions, 8 deletions
diff --git a/lib/webrick/httprequest.rb b/lib/webrick/httprequest.rb
index e402099a30..c73f48c6df 100644
--- a/lib/webrick/httprequest.rb
+++ b/lib/webrick/httprequest.rb
@@ -226,9 +226,9 @@ module WEBrick
 raise HTTPStatus::BadRequest, "bad URI `#{@unparsed_uri}'."
 end
- if /close/io =~ self["connection"]
+ if /\Aclose\z/io =~ self["connection"]
 @keep_alive = false
- elsif /keep-alive/io =~ self["connection"]
+ elsif /\Akeep-alive\z/io =~ self["connection"]
 @keep_alive = true
 elsif @http_version < "1.1"
 @keep_alive = false
@@ -503,7 +503,7 @@ module WEBrick
 return unless socket
 if tc = self['transfer-encoding']
 case tc
- when /chunked/io then read_chunked(socket, block)
+ when /\Achunked\z/io then read_chunked(socket, block)
 else raise HTTPStatus::NotImplemented, "Transfer-Encoding: #{tc}."
 end
 elsif self['content-length'] || @remaining_size
diff --git a/lib/webrick/version.rb b/lib/webrick/version.rb
index ee6b415eef..c23df9a912 100644
--- a/lib/webrick/version.rb
+++ b/lib/webrick/version.rb
@@ -14,5 +14,5 @@ module WEBrick
 ##
 # The WEBrick version
- VERSION = "1.4.2"
+ VERSION = "1.4.4"
 end
diff --git a/test/webrick/test_httpproxy.rb b/test/webrick/test_httpproxy.rb
index a9f6f7d610..504eb1f915 100644
--- a/test/webrick/test_httpproxy.rb
+++ b/test/webrick/test_httpproxy.rb
@@ -213,7 +213,7 @@ class TestWEBrickHTTPProxy < Test::Unit::TestCase
 end
 end
 end
- end
+ end if RUBY_VERSION >= '2.5'
 def make_certificate(key, cn)
 subject = OpenSSL::X509::Name.parse("/DC=org/DC=ruby-lang/CN=#{cn}")
diff --git a/test/webrick/test_httpserver.rb b/test/webrick/test_httpserver.rb
index a6e70da7e8..2e5d44940c 100644
--- a/test/webrick/test_httpserver.rb
+++ b/test/webrick/test_httpserver.rb
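Review bot: In the first hunk of lib/webrick/httprequest.rb (`@@ -226,9`), the full-string anchors treat the Connection value as a single token, but Connection is a comma-separated token list, so a value such as `close, TE` now matches neither branch and falls through to the HTTP-version default. For an HTTP/1.1 request that presumably leaves the connection open although the client asked to close it; the final `else` is outside the hunk, so this should be confirmed. Matching per token keeps the strictness without that gap: `tokens = self["connection"].to_s.downcase.split(/\s*,\s*/)` followed by `if tokens.include?("close")` and `elsif tokens.include?("keep-alive")`. The enclosing method starts before and ends after the hunk.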
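Review bot: Nothing in this commit's test changes exercises the anchored `/\Achunked\z/io` check in the second hunk of lib/webrick/httprequest.rb (`@@ -503,7`); the three test hunks only add version and MJIT guards. A regression test asserting that a Transfer-Encoding value which merely contains `chunked`, or lists it next to another coding, raises `HTTPStatus::NotImplemented` would pin the CVE-2020-25613 fix against a later loosening of the pattern. A comment above the `case` would record the intent, e.g. `# Accept only an exact "chunked"; reject every other coding so WEBrick and a front-end proxy cannot disagree on body framing.` The `o` flag has no effect on a pattern without interpolation and could be dropped here and in the first hunk. The enclosing method begins before and continues after the hunk.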
@@ -253,7 +253,7 @@ class TestWEBrickHTTPServer < Test::Unit::TestCase
 server.virtual_host(WEBrick::HTTPServer.new(vhost_config))
 Thread.pass while server.status != :Running
- sleep 1 if RubyVM::MJIT.enabled? # server.status behaves unexpectedly with --jit-wait
+ sleep 1 if defined?(RubyVM::MJIT) && RubyVM::MJIT.enabled? # server.status behaves unexpectedly with --jit-wait
 assert_equal(1, started, log.call)
 assert_equal(0, stopped, log.call)
 assert_equal(0, accepted, log.call)
diff --git a/test/webrick/test_server.rb b/test/webrick/test_server.rb
index 5f7f3a0b58..8162a186db 100644
--- a/test/webrick/test_server.rb
+++ b/test/webrick/test_server.rb
@@ -65,7 +65,7 @@ class TestWEBrickServer < Test::Unit::TestCase
 }
 TestWEBrick.start_server(Echo, config){|server, addr, port, log|
 true while server.status != :Running
- sleep 1 if RubyVM::MJIT.enabled? # server.status behaves unexpectedly with --jit-wait
+ sleep 1 if defined?(RubyVM::MJIT) && RubyVM::MJIT.enabled? # server.status behaves unexpectedly with --jit-wait
 assert_equal(1, started, log.call)
 assert_equal(0, stopped, log.call)
 assert_equal(0, accepted, log.call)
@@ -1,6 +1,6 @@
 #define RUBY_VERSION "2.6.7"
 #define RUBY_RELEASE_DATE "2021-01-31"
-#define RUBY_PATCHLEVEL 152
+#define RUBY_PATCHLEVEL 153
 #define RUBY_RELEASE_YEAR 2021
 #define RUBY_RELEASE_MONTH 1 |