archive/ruby
1
0
Fork 0
mirror of https://github.com/ruby/ruby.git synced 2025-09-18 10:03:59 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 11

merge revision(s) 39208:

Browse source 
* ext/json: merge JSON 1.7.7.
	  This includes security fix. [CVE-2013-0269]
	  d0a62f3ced
	  https://groups.google.com/d/topic/rubyonrails-security/4_YvCpLzL58/discussion


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_0_0@39215 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
This commit is contained in:
naruse 2013-02-13 06:34:48 +00:00
parent 88cc04cf42
commit b7b9aa6609
21 changed files with 271 additions and 101 deletions
Download patch file Download diff file Expand all files Collapse all files

8
ext/json/parser/parser.c
View file

@ -1618,7 +1618,7 @@ static VALUE convert_encoding(VALUE source)
* _opts_ can have the following keys:
* * *max_nesting*: The maximum depth of nesting allowed in the parsed data
* structures. Disable depth checking with :max_nesting => false|nil|0, it
* defaults to 19.
* defaults to 100.
* * *allow_nan*: If set to true, allow NaN, Infinity and -Infinity in
* defiance of RFC 4627 to be parsed by the Parser. This option defaults to
* false.
@ -1655,7 +1655,7 @@ static VALUE cParser_initialize(int argc, VALUE *argv, VALUE self)
json->max_nesting = 0;
}
} else {
json->max_nesting = 19;
json->max_nesting = 100;
}
tmp = ID2SYM(i_allow_nan);
if (option_given_p(opts, tmp)) {
@ -1680,7 +1680,7 @@ static VALUE cParser_initialize(int argc, VALUE *argv, VALUE self)
if (option_given_p(opts, tmp)) {
json->create_additions = RTEST(rb_hash_aref(opts, tmp));
} else {
json->create_additions = 1;
json->create_additions = 0;
}
tmp = ID2SYM(i_create_id);
if (option_given_p(opts, tmp)) {
@ -1709,7 +1709,7 @@ static VALUE cParser_initialize(int argc, VALUE *argv, VALUE self)
}
}
} else {
json->max_nesting = 19;
json->max_nesting = 100;
json->allow_nan = 0;
json->create_additions = 1;
json->create_id = rb_funcall(mJSON, i_create_id, 0);