[#390730] break from a loop which is run on a xml — "mythpills P." <pillay.mithun@...>
how do i loop through a xml and break when i find the node with a
[#390738] Is it useful to run GC.start periodically? — Iñaki Baz Castillo <ibc@...>
Hi, I've a server based on Ruby EventMachine. I'm wondering if it
[#390740] GC.malloc_allocated_size and GC.malloc_allocations not available (#if CALC_EXACT_MALLOC_SIZE) — Iñaki Baz Castillo <ibc@...>
Hi, using Ruby 1.9.3 I cannot use methods GC.malloc_allocated_size and
I単aki Baz Castillo <ibc@aliax.net> wrote:
2011/12/1 Eric Wong <normalperson@yhbt.net>:
[#390745] yaml.h is missing / Failed to configure psych. — Fearless Fool <r@...>
I'm doing a fresh sandboxed install of Ruby 'n Rails 'n such. The
[#390746] RTensor v0.0.1 Released — Admin Tensor <admin@...>
Hi,
[#390748] embedded ruby event hooks — Steve Hart <steve@...>
Hi
[#390749] Why are there so many similar/identical methods in core classes — Kassym Dorsel <k.dorsel@...>
Let's look at the Array class and start with method aliases.
Ah. The reason why I wrote "minimalistic syntax" is because I do agree
[#390752] net/sftp hangs — "Peyman O." <peymano@...>
Hi all,
[#390755] Inverse Operation of Module#include — Su Zhang <su.comp.lang.ruby@...>
Hi list,
I would suggest an Adapter pattern use here. IF there is something that has
Abstract base classes are silly in Ruby; why bother with that
On Fri, Dec 2, 2011 at 1:49 PM, Steve Klabnik <steve@steveklabnik.com>wrote:
On Fri, Dec 2, 2011 at 7:28 PM, Peter Vandenabeele
[#390763] Using OpenSSL for making a network TLS server — Iñaki Baz Castillo <ibc@...>
Hi, Ruby EventMachine has some issues in its TLS implementation (coded
Ruby's OpenSSL library has an SSLServer class that will do exactly what
2011/12/2 John Downey <jdowney@gmail.com>:
2011/12/2 I=C3=B1aki Baz Castillo <ibc@aliax.net>:
Any suggestion about this please? Maybe the only response is that
[#390768] Native extension: arguments as a hash — "Darryl L. Pierce" <mcpierce@...>
I'm working on a native extension in C for Ruby 1.8.7. The method I'm
[#390777] rake --dry-run: how to see what sh commands will be run? — La Wi <lw2011@...>
I am trying to set up some rules to build files with locally installed
[#390788] How to write a sorting program — Samuel Mensah <sasogeek@...>
I'm supposed to write my own sorting method for a list of words entered
[#390795] Is there a better way to check this array? — Wayne Brissette <wbrisett@...>
I have an array which contains items that need to be renamed. =
Wayne Brissette wrote in post #1034881:
Thanks. Both of these have given me more food for thought. I knew grep =
On Sat, Dec 3, 2011 at 2:06 PM, Wayne Brissette <wbrisett@att.net> wrote:
[#390804] Dynamic instances of a class. — "Andres M." <andres.mrad@...>
Hi everyone, i'm really new to ruby and i'm trying to solve the next
OK, hate to multi-post, but wanted to let you know that i made it, is =
[#390808] help with recursive method def'n using eval — Chuck Remes <cremes.devlist@...>
I would like to solve a problem where a writer of a class can provide an array of fields and those fields are turned into two things.
On Saturday, December 3, 2011 4:44:58 PM UTC-5, Chuck Remes wrote:
On Dec 3, 2011, at 8:49 PM, Intransition wrote:
On Sun, Dec 4, 2011 at 9:57 AM, Chuck Remes <cremes.devlist@mac.com> wrote:
[#390833] 'open().each' doesn't close file — Mc Ben <viertelvor12@...>
On Ruby 1.9.3 (win7(64))
On Sun, Dec 4, 2011 at 1:47 PM, Mc Ben <viertelvor12@gmx.net> wrote:
On Sun, Dec 4, 2011 at 08:19, Michael Fellinger <m.fellinger@gmail.com> wro=
On 12/04/2011 06:27 PM, Dave Aronson wrote:
On Sun, Dec 4, 2011 at 21:47, Joel VanderWerf <joelvanderwerf@gmail.com> wrote:
[#390841] Using DATA_PTR in multiple methods — "Matthew S." <mattbastard@...>
I'm writing a Ruby extension in C to utilize a library (tsk3, aka. The
[#390876] black magical hash element vivification — Chad Perrin <code@...>
Ruby (1.9.3p0 to be precise, installed with RVM) is not behaving as I
On Mon, Dec 5, 2011 at 16:28, Chad Perrin <code@apotheon.net> wrote:
On Mon, Dec 5, 2011 at 5:28 PM, Chad Perrin <code@apotheon.net> wrote:
On Tue, Dec 06, 2011 at 01:40:17AM +0900, Jes俍 Gabriel y Gal疣 wrote:
[#390918] WEB SURVEY about Ruby Community — Intransition <transfire@...>
Did any one else get this survey request?
On Wed, Dec 7, 2011 at 12:23 AM, Intransition <transfire@gmail.com> wrote:
On Wed, Dec 7, 2011 at 14:02, Josh Cheek <josh.cheek@gmail.com> wrote:
[#390923] binman 2.0.0 — "Suraj N. Kurapati" <sunaku@...>
[#390942] Truncation using Pixels — "Dhanuja B." <thanuja_16@...>
Is there any method available to truncate string based on Pixels in
[#390951] terrible_timeout 0.1.0 - an alternative to timeout — Eric Wong <normalperson@...>
This module still sucks, don't use it without knowing its caveats. Read
[#390961] Using any trick to omit () in constant lookup? — Marc Heiler <shevegen@...>
Hi.
[#390971] Removing a multiple array layer — "Sébastien M." <stkfdt@...>
Hi,
[#390972] Which is the best online document conversion site? — "Maria M." <mariamoore952@...>
Can anyone tell me that which is the best online document conversion
[#390976] Confusing results from string multiplication — Rob Marshall <robmarshall@...>
Hi,
On 08.12.2011 17:16, Rob Marshall wrote:
Hi Robert,
[#391003] how to view the structure of a hash — eggman2001 <sodani@...>
I keep finding myself trying to decipher the structure of hash objects
Syntax from memory, so please forgive errors...
[#391006] What is a good ruby tutorial / book for a beginner? — Samuel Mensah <sasogeek@...>
I have been reading Chris Pine's book for a while now and I'm stuck at
[#391019] How can I do h["foo"] += "bar" if h["foo"] does not exist? — "Andrew S." <andrewinfosec@...>
Hi there,
On Fri, Dec 9, 2011 at 11:28 AM, Andrew S. <andrewinfosec@gmail.com> wrote:
On Fri, Dec 9, 2011 at 8:38 AM, Ryan Davis <ryand-ruby@zenspider.com> wrote:
[#391027] reading from file without end-of-lines — Janko Muzykant <umrzykus@...>
hi,
> i'm trying to read a few text values from single file:
On Fri, Dec 9, 2011 at 9:58 AM, Gavin Sinclair <gsinclair@gmail.com> wrote:
On Fri, Dec 9, 2011 at 8:18 PM, Robert Klemme
On Fri, Dec 9, 2011 at 7:28 AM, Gavin Sinclair <gsinclair@gmail.com> wrote:
On Sat, Dec 10, 2011 at 1:38 AM, Josh Cheek <josh.cheek@gmail.com> wrote:
> What isn't elegant about the `&'?
On Sat, Dec 10, 2011 at 2:18 PM, Marc Heiler <shevegen@linuxmail.org> wrote:
[#391029] Learn To Program (Chris Pine) - Building and Sorting Array — Emeka Patrick <emekapatrick@...>
Hi,
On Fri, Dec 9, 2011 at 9:58 AM, Emeka Patrick <emekapatrick@gmail.com> wrot=
Hi Robert,
[#391040] CONCEPT OF INSTANCE VARIABLE IN RUBY — Manav Gupta <manavkbgupta@...>
@x = 'Hello world'
[#391058] gem build options -- how to make them persist? — Joel VanderWerf <joelvanderwerf@...>
[#391061] REST CLient Example — rubythemystery ruby <rubythemystery@...>
Hi all,
[#391074] Building a method - Learn to Program Section 9.5 — Emeka Patrick <emekapatrick@...>
In this program
[#391097] How to call a method from a different class — "Darren H." <dhulem1@...>
Hi all,
[#391101] HELP: i need to programm a traffic light an it doesn't work — "Akvile K." <akviliukasledinukas@...>
Hello Everabody,
[#391105] Scope and Instance Variable Question — Cleverlemming <cleverlemming@...>
Hail Caesars!
[#391111] How can i make this procedure into a function? — "Akvile K." <akviliukasledinukas@...>
Hello _everybody in the Ruy Community,
[#391124] enforcing module contract with self.included? — Grary Stimon <grary.stimon@...>
Hey,
[#391129] How to access Hash containing Array of Hashes ? — rubythemystery ruby <rubythemystery@...>
Can anyone give me an example of getting each individual elements of
[#391135] I need advice on what to do next. — Nathan Kossaeth <system_freak_2004@...>
I am new to programming. I read the ebook "Learn to Program" by Chris
I would like to do web programming, integration, and coding mainly. I
So basically what you're saying Marc is write a simple program that
OOP is Object Oriented Programming, Ruby is an Object Oriented Programming
[#391137] Send rtf files to printer — Glenn <glenn_ritz@...>
Hi,=0A=0AI have a hundred or so rtf files and I need to print them.=A0 I'd =
[#391151] jobQueue 1.0.1 - Running stuff with a user defined number of threads — Ralf Mueller <ralf.mueller@...>
Hi!
On Mon, Dec 12, 2011 at 11:25 AM, Ralf Mueller <ralf.mueller@zmaw.de> wrote:
On 12/12/2011 01:23 PM, Robert Klemme wrote:
[#391158] WIN32OLE taking 100% CPU utilisation — "Shareef J." <shareef@...>
Hi there,
[#391159] How to call method of one class in another class — rubythemystery ruby <rubythemystery@...>
Hi all,
[#391183] Searching an array for a pattern derived from another array — Chaim Keren-Tzion <chaim@...>
Hi,
[#391191] Fixing Net::TFTP — Reid Wightman <reid.ruby-forum@...>
Hi all -
[#391216] perf optimization using profile results — Chuck Remes <cremes.devlist@...>
I need some help with optimizing a set of libraries that I use. They are ffi-rzmq, zmqmachine and rzmq_brokers (all up on github).
On Dec 13, 2011, at 9:57 AM, Chuck Remes wrote:
A couple quick observations.
On Dec 13, 2011, at 7:03 PM, Charles Oliver Nutter wrote:
On Tue, Dec 13, 2011 at 8:03 PM, Chuck Remes <cremes.devlist@mac.com> wrote=
For those of you following along, I was able to shave off another 50 microseconds per client. I learned a few things along the way.
[#391224] Servers, Threads, and the Ruby Way -- Architecture Question — EP PG <epasquali@...>
Hi there, I'm a TOTAL Ruby newbie, but not new to programming.
EP PG wrote in post #1036583:
[#391227] how to generate a pdf calendar? — Dan Quach <danbus@...>
I want to generate a pdf calendar, and I have incoming calendar data
[#391237] How to pass a list of conditions as parameters — Thescholar Thescholar <thescholar@...>
I=E2=80=99m unsure how to explain this one so I'll do my best.
On 14/12/11 14:28, Thescholar Thescholar wrote:
On Wed, Dec 14, 2011 at 3:05 AM, Sam Duncan <sduncan@wetafx.co.nz> wrote:
[#391268] round float to integer if whole number — Ronnie Aa <liquid98@...>
Hi,
Possible tests:
Gunther Diemant wrote in post #1036785:
[#391279] Encoding woes with command promt output — Chris Lervag <chris.lervag@...>
Im working on a script which is going to be printing some non-ascii
[#391296] Writing My Own Sorting Method (New to Ruby) — Emeka Patrick <emekapatrick@...>
Hi,
[#391305] Rounding error? — Jan Hendrickx <jan@...>
Hi there,
Hi,
[#391324] ruby 1.9 threading performance goes non-linear — Joel VanderWerf <joelvanderwerf@...>
Joel VanderWerf <joelvanderwerf@gmail.com> wrote:
Eric Wong писал 17.12.2011 02:27:
Peter Zotov <whitequark@whitequark.org> wrote:
[#391337] Writing ruby to [LANGUAGE] "compiler" — Marc Heiler <shevegen@...>
Hi.
[#391338] ruby multithread — rubix Rubix <aggouni2002@...>
Hi,
[#391339] def initialize — Junayeed Ahnaf Nirjhor <zombiegenerator@...>
Hello,
[#391345] Single quoted string to become double quoted - is it possible? — "ANDREW BIZYAEV (GMAIL)" <andrew.bizyaev@...>
Hello, Ruby experts.
On Sun, Dec 18, 2011 at 05:20:19AM +0900, ANDREW BIZYAEV (GMAIL) wrote:
[#391359] Ruby, SAFE, method interception, and plugins — Garthy D <garthy_lmkltybr@...>
[#391361] Scheduling jobs on PCs after work hours — Mohit Sindhwani <mo_mail@...>
Hi All,
[#391364] Encoding problem, YARD and JSON — Intransition <transfire@...>
I have a Hash object I am trying to convert to JSON using the `json` gem.
[#391383] gtk2 TreeView question — Michel Demazure <michel@...>
Does anyone knows how to decrease the default (vertical) spacing between
[#391388] Windows, CreateFile and IO objects — Alex Young <alex@...>
I'm porting some code from Linux to Windows which relies on direct
[#391410] I am too noob to embed an interpreter in my MSVC project. Plz denoob me. — Khat Harr <myphatproxy@...>
I'm trying to embed an interpreter in a DirectX project, so I'm using
[#391420] Accessing class instance variables from an instance? — "Shareef J." <shareef@...>
Hi there,
Actually, now that I'm thinking about it the existing behavior sort of
On Tue, Dec 20, 2011 at 9:42 PM, Khat Harr <myphatproxy@hotmail.com> wrote:
On Wed, Dec 21, 2011 at 5:34 AM, Josh Cheek <josh.cheek@gmail.com> wrote:
On Wed, Dec 21, 2011 at 2:50 AM, Robert Klemme
On Wed, Dec 21, 2011 at 3:08 PM, Josh Cheek <josh.cheek@gmail.com> wrote:
On Thu, Dec 22, 2011 at 2:09 AM, Garthy D
>> In my case, I ended up solving it by adding an "abar" method that just
Concerning an attr for civ's, would it really be detrimental, though?
[#391421] "System" command — "Leo M." <leo.mmcm@...>
Hello!
[#391449] return_bang 1.0 Released — Eric Hodel <drbrain@...7.net>
return_bang version 1.0 has been released!
[#391491] vlad 2.2.4 Released — Ryan Davis <ryand-ruby@...>
vlad version 2.2.4 has been released!
On Thu, Dec 22, 2011 at 09:56:13AM +0900, Ryan Davis wrote:
[#391497] Free an Object — Tridib Bandopadhyay <tridib04@...>
Hello
[#391525] new curse in spanish for beginning ruby on rails — Curso Ruby on Rails <cursorubyonrails@...>
Hello guys!
[#391545] Kernel#exit raises an exception? — Khat Harr <myphatproxy@...>
While I was working on embedding an interpreter I wrote a function to
[#391556] How to Combo — Intransition <transfire@...>
Easiest implementation of "some_method" in Ruby?
[#391559] LoadError: cannot load such file -- feedtools — mapreferee ruby <support@...>
This problem is found when typing the following code into irb after
[#391568] Scan - variable as pattern — "Sashi K." <sashidkr@...>
I want to define a variable, like:
[#391569] make error: symbol lookup error: undefined symbol — Steve Johnston <steve.r.johnston@...>
Any help on this would be greatly appreciated. I am trying to install
[#391572] Mixin for Mixins — Intransition <transfire@...>
Going through some old code snippets and came across this clever bit. Back
[#391592] Simple CSV and Excel problem. — cristian cristian <currambero@...>
Hello all!
[#391594] JRuby 1.6.5.1 Released — Thomas E Enebo <tom.enebo@...>
The JRuby community is pleased to announce the release of JRuby 1.6.5.1.
For whatever reason the CERT link is not quite live yet. It will be
[#391603] Segmentation fault - Ruby 1.8.7 and Rails 3.1.3 — Rodrigo Emygdio <rodrigo.emygdio@...>
HI,
[#391606] ruby 1.8.7 patchlevel 357 released — Urabe Shyouhei <shyouhei@...>
Hello all.
[#391618] rvmsh: An easy installer for RVM — Bryan Dunsmore <dunsmoreb@...>
I have recently begun work on a project called [rvmsh]
On Thu, Dec 29, 2011 at 11:28:16AM +0900, Bryan Dunsmore wrote:
[#391783] Mailspam — Gunther Diemant <g.diemant@...>
Is there a way to stop this mailspam of Luca (Mail)?
Due to this Spam, I unsubscribed :(
unsubscribe...
I'm still trying to figure out how to UNSUBSCRIBE.
On Sat, Dec 31, 2011 at 5:25 PM, Cathy Alomari <cathy1428@gmail.com> wrote:
Also if you look at you mail headers you will find a header that is
[#391790] What’s the standard way of implementing #hash for value objects in Ruby? — Nikolai Weibull <now@...>
Hi!
I think you can't access instance variables from a class method, so
On Thu, Dec 29, 2011 at 15:52, Gunther Diemant <g.diemant@gmx.net> wrote:
On Thu, Dec 29, 2011 at 4:06 PM, Nikolai Weibull <now@bitwi.se> wrote:
On Fri, Dec 30, 2011 at 00:26, Robert Klemme <shortcutter@googlemail.com> w=
On Thu, Dec 29, 2011 at 5:47 PM, Nikolai Weibull <now@bitwi.se> wrote:
On Fri, Dec 30, 2011 at 06:25, Josh Cheek <josh.cheek@gmail.com> wrote:
On Fri, Dec 30, 2011 at 3:09 AM, Nikolai Weibull <now@bitwi.se> wrote:
On Fri, Dec 30, 2011 at 12:47 AM, Nikolai Weibull <now@bitwi.se> wrote:
I found this recent discussion interesting in a somewhat related
On Fri, Dec 30, 2011 at 15:02, Robert Klemme <shortcutter@googlemail.com> w=
On Fri, Dec 30, 2011 at 3:43 PM, Nikolai Weibull <now@bitwi.se> wrote:
[#391804] Making questionable headway with erubis... — Xeno Campanoli <xeno.campanoli@...>
I am using the example here:
[#391817] Hash access — Josh Cheek <josh.cheek@...>
Hi, was playing around with an idea after reading the thread about defining
[#391831] How to report a bug in ruby-1.9.3-p0 that is not present in ruby-1.9.3-head (ruby-1.9.3-p6) — Peter Vandenabeele <peter@...>
Hi,
Peter Vandenabeele wrote in post #1038848:
On Fri, Dec 30, 2011 at 6:36 PM, Luis Lavena <luislavena@gmail.com> wrote:
[#391839] If else not working — sathish babu <sathish.babu@...>
I'm getting error like comparison of string with 50 failed
[#391849] output file from variable — Alex Sweps <alexszepes@...>
Hello Everyone
[#391876] Check my terminology and understanding please — "Nate Lindstrom" <nathan@...>
Am I understanding this correctly, and are my terms correct? Thanks in
A 'receiver' is also an object, and your 'object' is also a receiver,
I'm afraid I don't follow. What's the different message you speak of, if
[ANN] JRuby 1.6.5.1 Released
The JRuby community is pleased to announce the release of JRuby 1.6.5.1.
- Homepage: http://www.jruby.org/
- Download: http://www.jruby.org/download
JRuby 1.6.5.1 is a special release with a single patch applied to our
JRuby 1.6.5 source to correct CERT vulnerability CERT-2011-003
(http://www.ocert.org/advisories/ocert-2011-003.html). All users are
recommended to upgrade to JRuby 1.6.5.1 to get this security fix.
A fuller JRuby 1.6.6 with bug fixes from the last two months will be
released mid-January...
**Background for the CERT advisory:**
(for the impatient: predictable hashing algorithm and open access to a
hash from a server can possibly allow Denial of Service (DOS) attacks)
**Hashing 101**
Hash tables apply a math function (hashing function) to the key of a
key-value pair. The result of the hashing function is a location to a
hash bucket which stores the key/value pair internally:
a[:heh] =3D 1
hashing_function(:heh) -> store :heh/1 in hash bucket #3
a[:foo] =3D 2
hashing_function(:foo) -> store :foo/2 in hash bucket #13
a[:bar] =3D 3
hashing_function(:bar) -> store :bar/3 in hash bucket #1
Hashes have many buckets and in theory all key/value pairs added to a
hash will get spread out evenly across the hashes buckets. In
practice, some number of keys will end up hashing into the same hash
bucket (known as a hashing collision). As you get more key/value
pairs stored to the same hash bucket the time to access those
particular key/value pairs will slow down. This is because you need
to walk some portion of the entries in the bucket to find the specific
one you are looking for (hash structures will often make entries in an
individual bucket a simple list structure).
a[:gar] =3D 4
hashing_function(:gar) -> store gar/4 in hash bucket #3 (same
bucket as :heh)
In this example, accessing a[:gar] and a[:heh] may take longer than
the other keys because they are sharing a hash bucket.
**The Attack**
The general application of the attack is for "the bad guys" to figure
out a large set of values which will hash to the same hash bucket.
Once they create this list they will send all those values to a
server. The server will store them in a hash (think parameter list in
Rack, for example). The act of storing or accessing any of those
values takes longer and longer as the number of entries in a single
hash bucket grows. The result will be a Denial Of Service (DOS)
attack if enough values get stored.
hashing_function(:hostname) -> hash bucket #3
hashing_function(:aZ1) -> hash bucket #3
hashing_function(:cvg) -> hash bucket #3
hashing_function(:azr) -> hash bucket #3
... # many elided
hashing_function(:1fr) -> hash bucket #3
hashing_function(:yu3) -> hash bucket #3
hashing_function(:hyX) -> hash bucket #3
host =3D params[:hostname] # Uh oh! need to find this amongst many
bucket buddies
**The Fix**
Adding a little bit of randomization to the hashing algorithm ends up
making it much, much more difficult to figure out how to generate this
type of attack. JRuby 1.6.5.1 (and all later JRuby releases) all have
this additional randomization built into the hashing algorithm. The
result should be decent hash bucket distribution that is difficult for
attackers to predict.
More information
This vulnerability is not exclusively an issue of JRuby. Other Ruby
implementations also have a similar issue (also patched today/soon).
In fact, Java and PHP also appear to be susceptible to this style of
attack. For more information, please see the CERT announcement
(http://www.ocert.org/advisories/ocert-2011-003.html) .
Also, consider that language implementations are really only
susceptible to this attack via frameworks which allow an external
hacker to store arbitrary and/or unbounded key/values into a hash.
Ruby Rack had this vulnerability, but they have fixed things so that
the amount of parameters stored is bounded by a size to remove the
possibility of a DOS attack. Rack users should upgrade to the latest
version.
--=20
blog: http://blog.enebo.com=A0 =A0 =A0=A0 twitter: tom_enebo
mail: tom.enebo@gmail.com