jro_apps/redmine Files · config/initializers/bigdecimal-segfault-fix.rb

Allow referencing issue numbers in brackets. This style is used by other...

Allow referencing issue numbers in brackets. This style is used by other bug trackers. Examples: * "[#nnn] Worked on this issue" * "[#nnn, #mmm] Worked on these" * "[#nnn #mmm] Working some more" git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@2854 e93f8b46-1217-0410-a6f0-8f06a7374b81

Eric Davis - - Load All Authors

File last commit:

r2690:2221d68c4d2c


                r2749:609faba6a3d3

Download file

             bigdecimal-segfault-fix.rb
        
                    30 lines
            
             | 1.2 KiB
            
                | text/x-ruby
            
             |
                RubyLexer
            
             / config / initializers / bigdecimal-segfault-fix.rb
          
                    History
                
                 |
                  Annotation
                 | Raw
                 |Copy content
                 |Copy permalink

      # Copyright (c) 2009 Michael Koziarski <michael@koziarski.com>

      # 

      # Permission to use, copy, modify, and/or distribute this software for any

      # purpose with or without fee is hereby granted, provided that the above

      # copyright notice and this permission notice appear in all copies.

      # 

      # THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES

      # WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF

      # MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR

      # ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES

      # WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN

      # ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF

      # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.

      require 'bigdecimal'

      alias BigDecimalUnsafe BigDecimal

      # This fixes CVE-2009-1904 however it removes legitimate functionality that your

      # application may depend on.  You are *strongly* advised to upgrade your ruby

      # rather than relying on this fix for an extended period of time.

      def BigDecimal(initial, digits=0)

        if initial.size > 255 || initial =~ /e/i

          raise "Invalid big Decimal Value"

        end

        BigDecimalUnsafe(initial, digits)

      end

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages

				# Copyright (c) 2009 Michael Koziarski <michael@koziarski.com>
				#
				# Permission to use, copy, modify, and/or distribute this software for any
				# purpose with or without fee is hereby granted, provided that the above
				# copyright notice and this permission notice appear in all copies.
				#
				# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
				# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
				# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
				# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
				# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
				# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
				# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.

				require 'bigdecimal'

				alias BigDecimalUnsafe BigDecimal


				# This fixes CVE-2009-1904 however it removes legitimate functionality that your
				# application may depend on. You are strongly advised to upgrade your ruby
				# rather than relying on this fix for an extended period of time.

				def BigDecimal(initial, digits=0)
				if initial.size > 255 \|\| initial =~ /e/i
				raise "Invalid big Decimal Value"
				end
				BigDecimalUnsafe(initial, digits)
				end