[#44757] [ruby-trunk - Bug #5533][Assigned] Pathname's raising "invalid sequence" — Shyouhei Urabe <shyouhei@...>
5 messages
2011/11/01
[#44775] [ruby-trunk - Feature #5549][Open] Comparable#min, Comparable#max — Tsuyoshi Sawada <sawadatsuyoshi@...>
4 messages
2011/11/02
[#44796] [Backport93 - Backport #5565][Open] STDOUT.puts writes LF (not CR+LF) in textmode — Usaku NAKAMURA <redmine@...>
6 messages
2011/11/03
[#44800] [ruby-trunk - Bug #5576][Open] [Universal Newline]改行コードが"\r\n"で出力されない — pegacorn jp <subscriber.jp+ruby-redmine@...>
8 messages
2011/11/06
[#44817] [ruby-trunk - Feature #5584][Open] Array#sample! — Masaki Matsushita <glass.saga@...>
12 messages
2011/11/07
[#44837] [ruby-trunk - Bug #5593][Open] Windows上で \\.\ から始まるデバイスをopenするとクラッシュ — 宗介 相良 <snowjail@...>
5 messages
2011/11/08
[#44850] [ruby-trunk - Feature #5606][Open] String#each_match(regexp) — Tomoaki Nishiyama <tomoakin@...>
5 messages
2011/11/10
[#44853] [ruby-trunk - Bug #5608][Open] make -j 16 sometimes fail — Tomoaki Nishiyama <tomoakin@...>
5 messages
2011/11/10
[#44870] Re: [ruby-cvs:40906] kosaki:r33728 (trunk): * test/ruby/test_io.rb (test_fcntl_dupfd): skip if Fcntl::DUPFD — Tanaka Akira <akr@...>
2011/11/13 <kosaki@ruby-lang.org>:
3 messages
2011/11/14
[#44899] Re: [ruby-cvs:41015] kosaki:r33837 (trunk): * configure.in: turn on PIE if --enable-shared is not specified. — Tanaka Akira <akr@...>
2011/11/25 <kosaki@ruby-lang.org>:
3 messages
2011/11/27
[#44904] [ruby-trunk - Bug #5688][Open] Solaris10 で spawn を繰り返すとメモリリークする — okkez _ <redmine@...>
14 messages
2011/11/29
[#44922] [ruby-trunk - Bug #5688] Solaris10 で spawn を繰り返すとメモリリークする
— okkez _ <redmine@...>
2011/12/02
[#44906] [ruby-trunk - Bug #5689][Open] class variables inside of instance methods inside of "class_eval" — Shyouhei Urabe <shyouhei@...>
5 messages
2011/11/30
[ruby-dev:44905] [ruby-trunk - Bug #5635] String#unpack("M") の不正データ時の振る舞い
From:
Yui NARUSE <naruse@...>
Date:
2011-11-29 20:09:47 UTC
List:
ruby-dev #44905
Issue #5635 has been updated by Yui NARUSE.
わたしには処理を継続しないと読めるんですがどうなんでしょう。
まぁ、RFCよりもこの手の通信系は長いものに巻かれるのが正しい気もするので、他の実装の例でも。
----------------------------------------
Bug #5635: String#unpack("M") の不正データ時の振る舞い
http://redmine.ruby-lang.org/issues/5635
Author: Masahiro Tomita
Status: Open
Priority: Normal
Assignee:
Category:
Target version:
ruby -v: ruby 1.9.3p0 (2011-11-08 revision 33661) [i686-linux]
String#unpack("M") で "=hoge" みたいな不正なデータがあった場合、現在は
そこで処理を中断してしまっていますが、それ以降のデータをすべて捨ててし
まうのはかわいそうなので、ポインタを一つ進めて処理を継続した方がいいん
じゃないかと思うのですがどうでしょうか。
RFC2045 には次のような記述があります。
(2) An "=" followed by a character that is neither a
hexadecimal digit (including "abcdef") nor the CR
character of a CRLF pair is illegal. This case can be
the result of US-ASCII text having been included in a
quoted-printable part of a message without itself
having been subjected to quoted-printable encoding. A
reasonable approach by a robust implementation might be
to include the "=" character and the following
character in the decoded data without any
transformation and, if possible, indicate to the user
that proper decoding was not possible at this point in
the data.
Index: pack.c
===================================================================
--- pack.c (リビジョン 33758)
+++ pack.c (作業コピー)
@@ -2008,20 +2008,23 @@
while (s < send) {
if (*s == '=') {
- if (++s == send) break;
- if (s+1 < send && *s == '\r' && *(s+1) == '\n')
- s++;
- if (*s != '\n') {
- if ((c1 = hex2num(*s)) == -1) break;
- if (++s == send) break;
- if ((c2 = hex2num(*s)) == -1) break;
- *ptr++ = c1 << 4 | c2;
+ if (s+1 < send && *(s+1) == '\n') {
+ s += 2;
+ continue;
+ }
+ if (s+2 < send) {
+ if (*(s+1) == '\r' && *(s+2) == '\n') {
+ s += 3;
+ continue;
+ }
+ if ((c1 = hex2num(*(s+1))) > -1 && (c2 = hex2num(*(s+2))) > -1) {
+ *ptr++ = c1 << 4 | c2;
+ s += 3;
+ continue;
+ }
}
}
- else {
- *ptr++ = *s;
- }
- s++;
+ *ptr++ = *s++;
}
rb_str_set_len(buf, ptr - RSTRING_PTR(buf));
ENCODING_CODERANGE_SET(buf, rb_ascii8bit_encindex(), ENC_CODERANGE_VALID);
Index: test/ruby/test_pack.rb
===================================================================
--- test/ruby/test_pack.rb (リビジョン 33758)
+++ test/ruby/test_pack.rb (作業コピー)
@@ -612,6 +612,17 @@
assert_equal([0x100000000], "\220\200\200\200\000".unpack("w"), [0x100000000])
end
+ def test_pack_unpack_M
+ assert_equal(["pre123after"], "pre=31=32=33after".unpack("M"))
+ assert_equal(["preafter"], "pre=\nafter".unpack("M"))
+ assert_equal(["preafter"], "pre=\r\nafter".unpack("M"))
+ assert_equal(["pre="], "pre=".unpack("M"))
+ assert_equal(["pre=\r"], "pre=\r".unpack("M"))
+ assert_equal(["pre=hoge"], "pre=hoge".unpack("M"))
+ assert_equal(["pre=1after"], "pre==31after".unpack("M"))
+ assert_equal(["pre==1after"], "pre===31after".unpack("M"))
+ end
+
def test_modify_under_safe4
s = "foo"
assert_raise(SecurityError) do
--
http://redmine.ruby-lang.org