[#24105] [Bug #1711] Marshal Failing to Round-Trip Certain Recurisve Data Structures — Run Paint Run Run <redmine@...>
Bug #1711: Marshal Failing to Round-Trip Certain Recurisve Data Structures
[#24116] [Bug #1715] Numeric#arg for NaN is Inconsistent Across Versions — Run Paint Run Run <redmine@...>
Bug #1715: Numeric#arg for NaN is Inconsistent Across Versions
[#24120] [Bug #1717] Thread local variables not visible from within a Fiber — Muhammad Ali <redmine@...>
Bug #1717: Thread local variables not visible from within a Fiber
Hi,
[#24145] [Bug #1728] gem installed binaries don't honor program-suffix — Christian Höltje <redmine@...>
Bug #1728: gem installed binaries don't honor program-suffix
[#24152] [Bug #1732] Inconsistency in Transference of Inherited Traits ('Tainted' and 'Untrusted') with #join — Run Paint Run Run <redmine@...>
Bug #1732: Inconsistency in Transference of Inherited Traits ('Tainted' and 'Untrusted') with #join
[#24153] [Bug #1733] require does not look at current directory anymore ? — Chauk-Mean Proum <redmine@...>
Bug #1733: require does not look at current directory anymore ?
[#24188] [Bug #1740] ruby regexp 100% usage cpu. — paranormal dev <redmine@...>
Bug #1740: ruby regexp 100% usage cpu.
[#24211] [Backport #1744] Error with Marshal dump/load on a delegated class. — Guillaume Delugré <redmine@...>
Backport #1744: Error with Marshal dump/load on a delegated class.
[#24215] Performance issue with Prime class under Ruby 1.8.6 in Windows — Srdjan Pejic <spejic@...>
Hello all,
> I approached this problem a few different ways: my own solution, a Ruby
> So you're suggesting that the Prime class be optimized is that right?
[#24221] [Bug #1747] Immediate Values Can be Frozen — Run Paint Run Run <redmine@...>
Bug #1747: Immediate Values Can be Frozen
[#24229] threaded gc for the sweep phase? — Roger Pack <rogerdpack@...>
Typically for me the GC spends about 50% of its time in mark phase,
[#24240] [Bug #1755] IO#reopen Doesn't Fully Associate with Given Stream on 1.9; Ignores pos on 1.8 — Run Paint Run Run <redmine@...>
Bug #1755: IO#reopen Doesn't Fully Associate with Given Stream on 1.9; Ignores pos on 1.8
[#24271] [Bug #1765] rdoc runs out of memory on Windows XP with 4GB RAM — Björn Günzel <redmine@...>
Bug #1765: rdoc runs out of memory on Windows XP with 4GB RAM
[#24307] is this expected? — Roger Pack <rogerdpack@...>
currently:
[#24311] [RCR] allow for cleaner multi-line comments — Roger Pack <rogerdpack@...>
Forgive the radicalness of this idea.
Hi,
> Comment is for comment, not to keep unused code.
[#24322] [Bug #1775] autoconf failing on cygwin — Martin Dürst <redmine@...>
Bug #1775: autoconf failing on cygwin
> On a pristine anonymous svn checkout of trunk head, I'm not able to run autoconf successfully. The error message I'm getting is as follows:
On 2009/07/14 22:23, Roger Pack wrote:
[#24326] [Bug #1777] <main>:330: [BUG] Segmentation fault — Alexandre Quintela <redmine@...>
Bug #1777: <main>:330: [BUG] Segmentation fault
[#24387] __DIR__ follow up [RCR] — Roger Pack <rogerdpack@...>
__DIR__ would be a nice constant.
[#24390] [Feature #1784] More encoding (Big5 series) support? — Lin Jen-Shin <redmine@...>
Feature #1784: More encoding (Big5 series) support?
[#24395] [Bug #1785] ObjectSpace::define_finalizer on Fixnum segfaults with recent ruby — Pascal Terjan <redmine@...>
Bug #1785: ObjectSpace::define_finalizer on Fixnum segfaults with recent ruby
[#24406] [RCR] println or sprint — Roger Pack <rogerdpack@...>
Currently there is no built in utility for printing variable number of
[#24421] lvar_propagate — Yehuda Katz <wycats@...>
Matz,
[#24425] [Bug #1786] unexpected #inspect behaviour — Andy Bogdanov <redmine@...>
Bug #1786: unexpected #inspect behaviour
[#24443] Hash[[1,2]] => {} ?? — "David A. Black" <dblack@...>
Hi --
[#24451] [Bug #1793] eventmachine-0.12.8-x86-mswin32-60 BUG — Jaume Arús Sangenís <redmine@...>
Bug #1793: eventmachine-0.12.8-x86-mswin32-60 BUG
[#24455] [Backport #1795] Provide SMTP STARTTLS support — Roger Pack <redmine@...>
Backport #1795: Provide SMTP STARTTLS support
[#24463] [Bug #1797] trace instruction not generated by compiler — Mark Moseley <redmine@...>
Bug #1797: trace instruction not generated by compiler
[#24467] Re: [ruby-cvs:31226] Ruby:r24008 (ruby_1_8_6): Removed private on to_date and to_datetime. — Urabe Shyouhei <shyouhei@...>
Hello.
On Tue, Jul 21, 2009 at 3:14 AM, Urabe Shyouhei<shyouhei@ruby-lang.org> wro=
Kirk Haines wrote:
[#24472] [Feature #1800] rubygems can replace system executable files — Kazuhiro NISHIYAMA <redmine@...>
Feature #1800: rubygems can replace system executable files
Issue #1800 has been updated by Yusuke Endoh.
[#24476] [Bug #1801] parse error on variable/method collision — caleb clausen <redmine@...>
Bug #1801: parse error on variable/method collision
Hi,
[#24485] require_relative for 1.8.x possible? — Roger Pack <rogerdpack@...>
Any chance of a backport for require_relative to 1.8.x?
On Tue, Jul 21, 2009 at 12:53 PM, Roger Pack<rogerdpack@gmail.com> wrote:
> You could use the "require_all" gem, which provides 'require_rel'.
[#24488] Ruby 1.9.2: No longer possible to use send to call protected methods — Philip Ross <phil.ross@...>
With Ruby 1.9.2-preview1, it is no longer possible to use send to call
[#24502] [Bug #1805] UDPSocket#recvfrom hangs — Daniel Berger <redmine@...>
Bug #1805: UDPSocket#recvfrom hangs
[#24520] Proposal: savepoints — Yehuda Katz <wycats@...>
Matz,
[#24525] request: backport unique requires to 1.8.x — Roger Pack <rogerdpack@...>
Background:
I'd like to see all require features backported (including require_relative)
On Fri, Jul 24, 2009 at 5:50 AM, Yehuda Katz<wycats@gmail.com> wrote:
On Fri, Jul 24, 2009 at 10:56 AM, Kirk Haines<wyhaines@gmail.com> wrote:
On Sat, Jul 25, 2009 at 2:34 AM, Luis Lavena<luislavena@gmail.com> wrote:
[#24530] [Feature #1811] Default BasicSocket.do_not_reverse_lookup to true — Roger Pack <redmine@...>
Feature #1811: Default BasicSocket.do_not_reverse_lookup to true
Issue #1811 has been updated by Daniel Berger.
[#24568] Proposal: match? with no backrefs — Yehuda Katz <wycats@...>
I was doing some work today to optimize the allocation in certain parts of
Yehuda Katz wrote:
In both of those cases, $1 is set. I'm looking for a way to check if a
[#24571] Request: add better information to website download page. — Luis Lavena <luislavena@...>
Hello,
On Jul 27, 2009, at 2:32 AM, Luis Lavena wrote:
On Mon, Jul 27, 2009 at 3:21 PM, James Gray<james@grayproductions.net> wrot=
[#24580] [Bug #1822] WEBrick::HTTPServlet::AbstractServlet#do_OPTIONS raises an exception — Aaron Patterson <redmine@...>
Bug #1822: WEBrick::HTTPServlet::AbstractServlet#do_OPTIONS raises an exception
[#24593] [Feature #1831] Suggestion: warn on repeated character in character class — Brian Candler <redmine@...>
Feature #1831: Suggestion: warn on repeated character in character class
[#24594] [Feature #1832] irb -w — Brian Candler <redmine@...>
Feature #1832: irb -w
[#24601] [Bug #1834] 1.9.2-dev fails to compile socket with IPv6 and MinGW 3.4.5 — Luis Lavena <redmine@...>
Bug #1834: 1.9.2-dev fails to compile socket with IPv6 and MinGW 3.4.5
[#24621] [Bug #1843] Symbol#inspect raises exception — Brian Candler <redmine@...>
Bug #1843: Symbol#inspect raises exception
[#24624] [Bug #1844] Immediates Should Not Respond to :dup — Run Paint Run Run <redmine@...>
Bug #1844: Immediates Should Not Respond to :dup
Issue #1844 has been updated by Shyouhei Urabe.
[#24644] [Bug #1849] Failed to compile ruby 1.9.1-p129 with MinGW 4.4.0 — Mario Ray Mahardhika <redmine@...>
Bug #1849: Failed to compile ruby 1.9.1-p129 with MinGW 4.4.0
[ruby-core:24297] [Bug #1767] cgi/session/pstore generating filenames with to less randomness
Bug #1767: cgi/session/pstore generating filenames with to less randomness http://redmine.ruby-lang.org/issues/show/1767 Author: Christian Kruse Status: Open, Priority: Normal ruby -v: ruby 1.9.1p129 (2009-05-12 revision 23412) [x86_64-linux] Hi there, after looking through the code of cgi/session/pstore.rb of ruby 1.9.1 I noticed how filenames are created. Line 48 ff a md5 digest is generated over the session id and then the first 16 bytes of the hex string representation of the checksum are used as the filename (together with a prefix). 48 id = session.session_id 49 require 'digest/md5' 50 md5 = Digest::MD5.hexdigest(id)[0,16] 51 path = dir+"/"+prefix+md5 While I undestand that one cannot use a full blown SHA512 hash due to the restrictions of the filename, I really don't understand to do something like that. Since MD5 already is considered weak, the count of possible hashes generated by this method are shortened by 50%. It seems to be pretty clear to me that this makes the algorithm vulnerable to several collision attacks for session hijacking; the attacker doesn't has to get the full MD5 hash, he only has to get the HALF MD5 hash to hijack the session. With the additional known collisions for the MD5 algorithm itself I think it would be relatively easy to hijack the session just bei intelligent brute force. Greetings, CK ---------------------------------------- http://redmine.ruby-lang.org