merge revision(s) 20072:

* dir.c (dir_globs): need taint check.  reported by steve
	  <oksteev at gmail.com>


git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_1_8_6@22026 b2dd03c8-39d4-4d8f-98ff-823fe69b080e

ChangeLog

@@ -1,3 +1,8 @@
+Wed Feb  4 14:25:44 2009  Yukihiro Matsumoto  <matz@ruby-lang.org>
+
+	* dir.c (dir_globs): need taint check.  reported by steve
+	  <oksteev at gmail.com>
+
 Tue Feb  3 14:33:08 2009  Kazuhiro NISHIYAMA  <zn@mbf.nifty.com>
 
 	* lib/net/pop.rb: check for invalid APOP timestamp. (CVE-2007-1558)

dir.c

@@ -1659,7 +1659,7 @@ dir_globs(argc, argv, flags)
     for (i = 0; i < argc; ++i) {
 	int status;
 	VALUE str = argv[i];
-	StringValue(str);
+	SafeStringValue(str);
 	status = push_glob(ary, RSTRING(str)->ptr, flags);
 	if (status) GLOB_JUMP_TAG(status);
     }

version.h

@@ -1,15 +1,15 @@
 #define RUBY_VERSION "1.8.6"
-#define RUBY_RELEASE_DATE "2009-02-03"
+#define RUBY_RELEASE_DATE "2009-02-04"
 #define RUBY_VERSION_CODE 186
-#define RUBY_RELEASE_CODE 20090203
-#define RUBY_PATCHLEVEL 318
+#define RUBY_RELEASE_CODE 20090204
+#define RUBY_PATCHLEVEL 319
 
 #define RUBY_VERSION_MAJOR 1
 #define RUBY_VERSION_MINOR 8
 #define RUBY_VERSION_TEENY 6
 #define RUBY_RELEASE_YEAR 2009
 #define RUBY_RELEASE_MONTH 2
-#define RUBY_RELEASE_DAY 3
+#define RUBY_RELEASE_DAY 4
 
 #ifdef RUBY_EXTERN
 RUBY_EXTERN const char ruby_version[];