[#68478] Looking for MRI projects for Ruby Google Summer of Code 2015 — Tony Arcieri <bascule@...>
Hi ruby-core,
10 messages
2015/03/10
[#68480] Re: Looking for MRI projects for Ruby Google Summer of Code 2015
— SASADA Koichi <ko1@...>
2015/03/10
I have.
[#68549] Re: Looking for MRI projects for Ruby Google Summer of Code 2015
— SASADA Koichi <ko1@...>
2015/03/17
I sent several ideas on previous, mail, but they are seems rejected?
[#68493] [Ruby trunk - Feature #10532] [PATCH] accept_nonblock supports "exception: false" — nobu@...
Issue #10532 has been updated by Nobuyoshi Nakada.
5 messages
2015/03/11
[#68503] Re: [Ruby trunk - Feature #10532] [PATCH] accept_nonblock supports "exception: false"
— Eric Wong <normalperson@...>
2015/03/12
Committed as r49948.
[#68504] Re: [Ruby trunk - Feature #10532] [PATCH] accept_nonblock supports "exception: false"
— Nobuyoshi Nakada <nobu@...>
2015/03/12
On 2015/03/12 12:08, Eric Wong wrote:
[#68506] Seven stacks (and two questions) — Jakub Trzebiatowski <jaktrze1@...>
The Ruby Hacking Guide says that Ruby has=E2=80=A6 seven stacks. Is it =
5 messages
2015/03/12
[#68520] Possible regression in 2.1 and 2.2 in binding when combined with delegate? — Joe Swatosh <joe.swatosh@...>
# The following code
3 messages
2015/03/14
[#68604] GSOC project Cross-thread Fiber support — surya pratap singh raghuvanshi <oshosurya@...>
- *hi i am a third year computer science student interested in working
6 messages
2015/03/22
[#68606] Re: GSOC project Cross-thread Fiber support
— Tony Arcieri <bascule@...>
2015/03/22
Hi Surya,
[#68619] Re: GSOC project Cross-thread Fiber support
— surya pratap singh raghuvanshi <oshosurya@...>
2015/03/23
hi tony,
[ruby-core:68586] [Ruby trunk - Bug #10988] [PATCH] Raise ArgumentError when string passed to String#crypt contains null
From:
nobu@...
Date:
2015-03-21 06:21:32 UTC
List:
ruby-core #68586
Issue #10988 has been updated by Nobuyoshi Nakada.
I agree this behavior would be better, but maybe a feature request?
----------------------------------------
Bug #10988: [PATCH] Raise ArgumentError when string passed to String#crypt contains null
https://bugs.ruby-lang.org/issues/10988#change-51897
* Author: Jan Rusnacko
* Status: Open
* Priority: Normal
* Assignee:
* ruby -v: 2.3.0dev
* Backport: 2.0.0: UNKNOWN, 2.1: UNKNOWN, 2.2: UNKNOWN
----------------------------------------
Currently String#crypt assumes that it is called on a password typed
by the user, specifically, that it does not contain null character.
When it does:
"abc\0def".crypt("pass") == "abc".crypt("pass")
=> true
This may not be desirable, and developers invoking crypt on strings
that potentially include null may expect different results. To
prevent security failures, this patch changes String#crypt to throw
ArgumentError when invoked on String that includes null character.
https://www.reddit.com/r/netsec/comments/2yugos/null_bytes_bcrypt_problem/
Also PR: https://github.com/ruby/ruby/pull/853
---Files--------------------------------
0001-Raise-ArgumentError-when-string-passed-to-String-cry.patch (1.87 KB)
--
https://bugs.ruby-lang.org/