kotovalexarian-likes-github/ruby--ruby
1
0
Fork 0
mirror of https://github.com/ruby/ruby.git synced 2022-11-09 12:17:21 -05:00
Code Releases Activity

* ext/json: merge JSON 1.7.7.

Browse source 
This includes security fix. [CVE-2013-0269]
  d0a62f3ced
  https://groups.google.com/d/topic/rubyonrails-security/4_YvCpLzL58/discussion

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@39208 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
This commit is contained in:
naruse 2013-02-12 03:05:45 +00:00
parent f1194eb9b0
commit 062d2ee6f7
20 changed files with 269 additions and 99 deletions
Download patch file Download diff file Expand all files Collapse all files

8
ext/json/parser/parser.rl
View file

@ -602,7 +602,7 @@ static VALUE convert_encoding(VALUE source)
* _opts_ can have the following keys:
* * *max_nesting*: The maximum depth of nesting allowed in the parsed data
* structures. Disable depth checking with :max_nesting => false|nil|0, it
* defaults to 19.
* defaults to 100.
* * *allow_nan*: If set to true, allow NaN, Infinity and -Infinity in
* defiance of RFC 4627 to be parsed by the Parser. This option defaults to
* false.
@ -639,7 +639,7 @@ static VALUE cParser_initialize(int argc, VALUE *argv, VALUE self)
json->max_nesting = 0;
}
} else {
json->max_nesting = 19;
json->max_nesting = 100;
}
tmp = ID2SYM(i_allow_nan);
if (option_given_p(opts, tmp)) {
@ -664,7 +664,7 @@ static VALUE cParser_initialize(int argc, VALUE *argv, VALUE self)
if (option_given_p(opts, tmp)) {
json->create_additions = RTEST(rb_hash_aref(opts, tmp));
} else {
json->create_additions = 1;
json->create_additions = 0;
}
tmp = ID2SYM(i_create_id);
if (option_given_p(opts, tmp)) {
@ -693,7 +693,7 @@ static VALUE cParser_initialize(int argc, VALUE *argv, VALUE self)
}
}
} else {
json->max_nesting = 19;
json->max_nesting = 100;
json->allow_nan = 0;
json->create_additions = 1;
json->create_id = rb_funcall(mJSON, i_create_id, 0);