summaryrefslogtreecommitdiff
path: root/lang/ruby18-base/patches/patch-dg
diff options
context:
space:
mode:
Diffstat (limited to 'lang/ruby18-base/patches/patch-dg')
-rw-r--r--lang/ruby18-base/patches/patch-dg43
1 files changed, 0 insertions, 43 deletions
diff --git a/lang/ruby18-base/patches/patch-dg b/lang/ruby18-base/patches/patch-dg
deleted file mode 100644
index c056818b5f2..00000000000
--- a/lang/ruby18-base/patches/patch-dg
+++ /dev/null
@@ -1,43 +0,0 @@
-$NetBSD: patch-dg,v 1.5 2008/09/14 05:17:18 taca Exp $
-
-Fix for http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3790.
-(http://www.ruby-lang.org/en/news/2008/08/23/dos-vulnerability-in-rexml/)
-
---- lib/rexml/document.rb.orig 2008-06-06 17:05:24.000000000 +0900
-+++ lib/rexml/document.rb
-@@ -32,6 +32,7 @@ module REXML
- # @param context if supplied, contains the context of the document;
- # this should be a Hash.
- def initialize( source = nil, context = {} )
-+ @entity_expansion_count = 0
- super()
- @context = context
- return if source.nil?
-@@ -200,6 +201,27 @@ module REXML
- Parsers::StreamParser.new( source, listener ).parse
- end
-
-+ @@entity_expansion_limit = 10_000
-+
-+ # Set the entity expansion limit. By default the limit is set to 10000.
-+ def Document::entity_expansion_limit=( val )
-+ @@entity_expansion_limit = val
-+ end
-+
-+ # Get the entity expansion limit. By default the limit is set to 10000.
-+ def Document::entity_expansion_limit
-+ return @@entity_expansion_limit
-+ end
-+
-+ attr_reader :entity_expansion_count
-+
-+ def record_entity_expansion
-+ @entity_expansion_count += 1
-+ if @entity_expansion_count > @@entity_expansion_limit
-+ raise "number of entity expansions exceeded, processing aborted."
-+ end
-+ end
-+
- private
- def build( source )
- Parsers::TreeParser.new( source, self ).parse
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-15 16:14:14 +0000