[packages/ruby-mongrel] - fix format string errors

baggins baggins at pld-linux.org
Sun Jan 26 13:17:30 CET 2014


commit 3767690646ecedc6632ada87d31127928dc62ddc
Author: Jan Rękorajski <baggins at pld-linux.org>
Date:   Sun Jan 26 13:17:21 2014 +0100

    - fix format string errors

 format-security.patch | 11 +++++++++++
 ruby-mongrel.spec     |  3 +++
 2 files changed, 14 insertions(+)
---
diff --git a/ruby-mongrel.spec b/ruby-mongrel.spec
index 5bb379a..ac2e33f 100644
--- a/ruby-mongrel.spec
+++ b/ruby-mongrel.spec
@@ -10,10 +10,12 @@ Source0:	http://gems.rubyforge.org/gems/%{pkgname}-%{version}.gem
 # Source0-md5:	a37617eb48f0932cc32143b2d76c0d12
 Patch0:		%{name}-nogems.patch
 Patch1:		%{name}-ruby1.9.patch
+Patch2:		format-security.patch
 URL:		http://mongrel.rubyforge.org/
 BuildRequires:	dos2unix
 BuildRequires:	rpmbuild(macros) >= 1.277
 BuildRequires:	ruby-devel
+BuildRequires:	ruby-irb
 BuildRequires:	ruby-modules
 %{?ruby_mod_ver_requires_eq}
 BuildRoot:	%{tmpdir}/%{name}-%{version}-root-%(id -u -n)
@@ -55,6 +57,7 @@ find -newer README  -o -print | xargs touch --reference %{SOURCE0}
 dos2unix examples/mongrel_simple_service.rb
 %patch0 -p1
 %patch1 -p1
+%patch2 -p1
 
 find -name '*.rb' -print0 | xargs -0 %{__sed} -i -e 's,\r$,,'
 
diff --git a/format-security.patch b/format-security.patch
new file mode 100644
index 0000000..94e2c4f
--- /dev/null
+++ b/format-security.patch
@@ -0,0 +1,11 @@
+--- ruby-mongrel-1.1.5/ext/http11/http11.c~	2014-01-26 13:13:47.000000000 +0100
++++ ruby-mongrel-1.1.5/ext/http11/http11.c	2014-01-26 13:15:20.786156849 +0100
+@@ -44,7 +44,7 @@
+ #define DEF_MAX_LENGTH(N,length) const size_t MAX_##N##_LENGTH = length; const char *MAX_##N##_LENGTH_ERR = "HTTP element " # N  " is longer than the " # length " allowed length."
+ 
+ /** Validates the max length of given input and throws an HttpParserError exception if over. */
+-#define VALIDATE_MAX_LENGTH(len, N) if(len > MAX_##N##_LENGTH) { rb_raise(eHttpParserError, MAX_##N##_LENGTH_ERR); }
++#define VALIDATE_MAX_LENGTH(len, N) if(len > MAX_##N##_LENGTH) { rb_raise("%s", eHttpParserError, MAX_##N##_LENGTH_ERR); }
+ 
+ /** Defines global strings in the init method. */
+ #define DEF_GLOBAL(N, val)   global_##N = rb_obj_freeze(rb_str_new2(val)); rb_global_variable(&global_##N)
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/ruby-mongrel.git/commitdiff/3767690646ecedc6632ada87d31127928dc62ddc



More information about the pld-cvs-commit mailing list