From 8e210f995f37222facee57555996c205fb4fe390 Mon Sep 17 00:00:00 2001
From: nagachika <nagachika@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>
Date: Sat, 14 Feb 2015 22:36:43 +0000
Subject: [PATCH] merge revision(s) r49543,r49557: [Backport #10854]

	* ext/socket/getaddrinfo.c (get_addr): reject too long hostname to
	  get rid of GHOST vulnerability on very old platforms.

	* ext/socket/raddrinfo.c (make_hostent_internal): ditto, paranoic
	  check for the canonnical name.
	  check for the canonical name.


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_1@49600 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
---
 ChangeLog                | 8 ++++++++
 ext/socket/getaddrinfo.c | 1 +
 ext/socket/raddrinfo.c   | 3 ++-
 version.h                | 6 +++---
 4 files changed, 14 insertions(+), 4 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 889bb6d939..5ec30c24e7 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,11 @@
+Sun Feb 15 07:29:12 2015  Nobuyoshi Nakada  <nobu@ruby-lang.org>
+
+	* ext/socket/getaddrinfo.c (get_addr): reject too long hostname to
+	  get rid of GHOST vulnerability on very old platforms.
+
+	* ext/socket/raddrinfo.c (make_hostent_internal): ditto, paranoic
+	  check for the canonical name.
+
 Mon Feb  2 22:57:30 2015  Nobuyoshi Nakada  <nobu@ruby-lang.org>
 
 	* ext/etc/etc.c (etc_getlogin): set login name encoding properly.
diff --git a/ext/socket/getaddrinfo.c b/ext/socket/getaddrinfo.c
index a17d12b705..68f610e807 100644
--- a/ext/socket/getaddrinfo.c
+++ b/ext/socket/getaddrinfo.c
@@ -593,6 +593,7 @@ get_addr(const char *hostname, int af, struct addrinfo **res, struct addrinfo *p
 	} else
 		hp = getipnodebyname(hostname, af, AI_ADDRCONFIG, &h_error);
 #else
+	if (strlen(hostname) >= NI_MAXHOST) ERR(EAI_NODATA);
 	hp = gethostbyname((char*)hostname);
 	h_error = h_errno;
 #endif
diff --git a/ext/socket/raddrinfo.c b/ext/socket/raddrinfo.c
index 3deadd1aea..e4cb9c379f 100644
--- a/ext/socket/raddrinfo.c
+++ b/ext/socket/raddrinfo.c
@@ -617,7 +617,8 @@ make_hostent_internal(struct hostent_arg *arg)
     }
     rb_ary_push(ary, rb_str_new2(hostp));
 
-    if (addr->ai_canonname && (h = gethostbyname(addr->ai_canonname))) {
+    if (addr->ai_canonname && strlen(addr->ai_canonname) < NI_MAXHOST &&
+	(h = gethostbyname(addr->ai_canonname))) {
         names = rb_ary_new();
         if (h->h_aliases != NULL) {
             for (pch = h->h_aliases; *pch; pch++) {
diff --git a/version.h b/version.h
index da9550e92c..6240106b43 100644
--- a/version.h
+++ b/version.h
@@ -1,10 +1,10 @@
 #define RUBY_VERSION "2.1.5"
-#define RUBY_RELEASE_DATE "2015-02-13"
-#define RUBY_PATCHLEVEL 292
+#define RUBY_RELEASE_DATE "2015-02-15"
+#define RUBY_PATCHLEVEL 293
 
 #define RUBY_RELEASE_YEAR 2015
 #define RUBY_RELEASE_MONTH 2
-#define RUBY_RELEASE_DAY 13
+#define RUBY_RELEASE_DAY 15
 
 #include "ruby/version.h"