From 2061c5bdb3262d96de97547ad5588c3c64e7b640 Mon Sep 17 00:00:00 2001 From: Akira TAGOH Date: Mon, 30 Jun 2008 02:37:44 +0000 Subject: [PATCH] - Backported from upstream SVN to fix a segfault issue. (#452825) - Backported from upstream SVN to fix an integer overflow in rb_ary_fill. --- ruby-1.8.6.230-p238.patch | 58 +++++++++++++++++++++++++++++++++++++++ ruby-1.8.6.230-p248.patch | 16 +++++++++++ ruby.spec | 10 ++++++- 3 files changed, 83 insertions(+), 1 deletion(-) create mode 100644 ruby-1.8.6.230-p238.patch create mode 100644 ruby-1.8.6.230-p248.patch diff --git a/ruby-1.8.6.230-p238.patch b/ruby-1.8.6.230-p238.patch new file mode 100644 index 0000000..1cf26ff --- /dev/null +++ b/ruby-1.8.6.230-p238.patch @@ -0,0 +1,58 @@ +diff -pruN ruby-1.8.6-p230.orig/class.c ruby-1.8.6-p230/class.c +--- ruby-1.8.6-p230.orig/class.c 2008-06-15 21:06:33.000000000 +0900 ++++ ruby-1.8.6-p230/class.c 2008-06-30 11:21:41.000000000 +0900 +@@ -62,10 +62,7 @@ clone_method(mid, body, data) + NODE *fbody = body->nd_body; + + if (fbody && nd_type(fbody) == NODE_SCOPE) { +- VALUE cref = data->klass ? +- (VALUE)NEW_NODE(NODE_CREF,data->klass,0,fbody->nd_rval) : +- fbody->nd_rval; +- fbody = NEW_NODE(NODE_SCOPE, fbody->nd_tbl, cref, fbody->nd_next); ++ fbody = rb_copy_node_scope(fbody, ruby_cref); + } + st_insert(data->tbl, mid, (st_data_t)NEW_METHOD(fbody, body->nd_noex)); + return ST_CONTINUE; +diff -pruN ruby-1.8.6-p230.orig/eval.c ruby-1.8.6-p230/eval.c +--- ruby-1.8.6-p230.orig/eval.c 2008-06-16 15:43:48.000000000 +0900 ++++ ruby-1.8.6-p230/eval.c 2008-06-30 11:19:15.000000000 +0900 +@@ -2239,8 +2239,8 @@ rb_mod_alias_method(mod, newname, oldnam + return mod; + } + +-static NODE* +-copy_node_scope(node, rval) ++NODE* ++rb_copy_node_scope(node, rval) + NODE *node; + NODE *rval; + { +@@ -3948,7 +3948,7 @@ rb_eval(self, n) + noex |= NOEX_NOSUPER; + } + +- defn = copy_node_scope(node->nd_defn, ruby_cref); ++ defn = rb_copy_node_scope(node->nd_defn, ruby_cref); + rb_add_method(ruby_class, node->nd_mid, defn, noex); + if (scope_vmode == SCOPE_MODFUNC) { + rb_add_method(rb_singleton_class(ruby_class), +@@ -3984,7 +3984,7 @@ rb_eval(self, n) + rb_warning("redefine %s", rb_id2name(node->nd_mid)); + } + } +- defn = copy_node_scope(node->nd_defn, ruby_cref); ++ defn = rb_copy_node_scope(node->nd_defn, ruby_cref); + rb_add_method(klass, node->nd_mid, defn, + NOEX_PUBLIC|(body?body->nd_noex&NOEX_UNDEF:0)); + result = Qnil; +diff -pruN ruby-1.8.6-p230.orig/node.h ruby-1.8.6-p230/node.h +--- ruby-1.8.6-p230.orig/node.h 2007-05-23 00:01:22.000000000 +0900 ++++ ruby-1.8.6-p230/node.h 2008-06-30 11:20:06.000000000 +0900 +@@ -371,6 +371,7 @@ typedef unsigned int rb_event_t; + #define RUBY_EVENT_ALL 0xff + + typedef void (*rb_event_hook_func_t) _((rb_event_t,NODE*,VALUE,ID,VALUE)); ++NODE *rb_copy_node_scope _((NODE *, NODE *)); + void rb_add_event_hook _((rb_event_hook_func_t,rb_event_t)); + int rb_remove_event_hook _((rb_event_hook_func_t)); + diff --git a/ruby-1.8.6.230-p248.patch b/ruby-1.8.6.230-p248.patch new file mode 100644 index 0000000..1279c48 --- /dev/null +++ b/ruby-1.8.6.230-p248.patch @@ -0,0 +1,16 @@ +diff -pruN ruby-1.8.6-p230.orig/array.c ruby-1.8.6-p230/array.c +--- ruby-1.8.6-p230.orig/array.c 2008-06-20 15:53:16.000000000 +0900 ++++ ruby-1.8.6-p230/array.c 2008-06-30 11:33:00.000000000 +0900 +@@ -2272,10 +2272,10 @@ rb_ary_fill(argc, argv, ary) + break; + } + rb_ary_modify(ary); +- end = beg + len; +- if (end < 0) { ++ if (len > ARY_MAX_SIZE - beg) { + rb_raise(rb_eArgError, "argument too big"); + } ++ end = beg + len; + if (end > RARRAY(ary)->len) { + if (end >= RARRAY(ary)->aux.capa) { + REALLOC_N(RARRAY(ary)->ptr, VALUE, end); diff --git a/ruby.spec b/ruby.spec index 77dc6a2..07f1c67 100644 --- a/ruby.spec +++ b/ruby.spec @@ -12,7 +12,7 @@ Name: ruby Version: %{rubyver}%{?dotpatchlevel} -Release: 2%{?dist} +Release: 3%{?dist} License: Ruby or GPLv2 URL: http://www.ruby-lang.org/ BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) @@ -35,6 +35,8 @@ Patch22: ruby-deprecated-search-path.patch Patch23: ruby-multilib.patch Patch25: ruby-1.8.6.111-gcc43.patch Patch26: ruby-1.8.6.230-string-str_buf_cat.patch +Patch27: ruby-1.8.6.230-p238.patch +Patch28: ruby-1.8.6.230-p248.patch Summary: An interpreter of object-oriented scripting language Group: Development/Languages @@ -154,6 +156,8 @@ pushd %{name}-%{arcver} %endif %patch25 -p1 %patch26 -p1 +%patch27 -p1 +%patch28 -p1 popd %build @@ -504,6 +508,10 @@ rm -rf tmp-ruby-docs %{_datadir}/emacs/site-lisp/site-start.d/ruby-mode-init.el %changelog +* Mon Jun 30 2008 Akira TAGOH - 1.8.6.230-3 +- Backported from upstream SVN to fix a segfault issue. (#452825) +- Backported from upstream SVN to fix an integer overflow in rb_ary_fill. + * Wed Jun 25 2008 Akira TAGOH - 1.8.6.230-2 - Fix a segfault issue. (#452810)