[DRE-commits] [ruby-rack] 03/06: refresh patches

Praveen Arimbrathodiyil praveen at moszumanska.debian.org
Thu Aug 6 08:38:41 UTC 2015


This is an automated email from the git hooks/post-receive script.

praveen pushed a commit to branch master
in repository ruby-rack.

commit 8cde17aaffd43b4493f2e0a5665a17430a03b4a5
Author: Praveen Arimbrathodiyil <praveen at debian.org>
Date:   Thu Aug 6 13:57:58 2015 +0530

    refresh patches
---
 debian/patches/0001-Fix-Params_Depth.patch | 63 +++---------------------------
 1 file changed, 6 insertions(+), 57 deletions(-)

diff --git a/debian/patches/0001-Fix-Params_Depth.patch b/debian/patches/0001-Fix-Params_Depth.patch
index c6f68af..39891fa 100644
--- a/debian/patches/0001-Fix-Params_Depth.patch
+++ b/debian/patches/0001-Fix-Params_Depth.patch
@@ -12,63 +12,12 @@ Conflicts:
  test/spec_utils.rb | 12 ++++++++++++
  2 files changed, 23 insertions(+), 4 deletions(-)
 
-diff --git a/lib/rack/utils.rb b/lib/rack/utils.rb
-index 6576dd2..4656f4a 100644
---- a/lib/rack/utils.rb
-+++ b/lib/rack/utils.rb
-@@ -49,12 +49,17 @@ module Rack
- 
-     class << self
-       attr_accessor :key_space_limit
-+      attr_accessor :param_depth_limit
-     end
- 
-     # The default number of bytes to allow parameter keys to take up.
-     # This helps prevent a rogue client from flooding a Request.
-     self.key_space_limit = 65536
- 
-+    # Default depth at which the parameter parser will raise an exception for
-+    # being too deep.  This helps prevent SystemStackErrors
-+    self.param_depth_limit = 100
-+
-     # Stolen from Mongrel, with some small modifications:
-     # Parses a query string by breaking it up at the '&'
-     # and ';' characters.  You can also use this to parse
-@@ -94,7 +99,9 @@ module Rack
-     end
-     module_function :parse_nested_query
- 
--    def normalize_params(params, name, v = nil)
-+    def normalize_params(params, name, v = nil, depth = Utils.param_depth_limit)
-+      raise RangeError if depth <= 0
-+
-       name =~ %r(\A[\[\]]*([^\[\]]+)\]*)
-       k = $1 || ''
-       after = $' || ''
-@@ -112,14 +119,14 @@ module Rack
-         params[k] ||= []
-         raise TypeError, "expected Array (got #{params[k].class.name}) for param `#{k}'" unless params[k].is_a?(Array)
-         if params_hash_type?(params[k].last) && !params[k].last.key?(child_key)
--          normalize_params(params[k].last, child_key, v)
-+          normalize_params(params[k].last, child_key, v, depth - 1)
-         else
--          params[k] << normalize_params(params.class.new, child_key, v)
-+          params[k] << normalize_params(params.class.new, child_key, v, depth - 1)
-         end
-       else
-         params[k] ||= params.class.new
-         raise TypeError, "expected Hash (got #{params[k].class.name}) for param `#{k}'" unless params_hash_type?(params[k])
--        params[k] = normalize_params(params[k], after, v)
-+        params[k] = normalize_params(params[k], after, v, depth - 1)
-       end
- 
-       return params
-diff --git a/test/spec_utils.rb b/test/spec_utils.rb
-index 69e3fbb..ac1e003 100644
---- a/test/spec_utils.rb
-+++ b/test/spec_utils.rb
-@@ -114,6 +114,18 @@ describe Rack::Utils do
-     Rack::Utils.parse_query("foo%3Dbaz=bar").should.equal "foo=baz" => "bar"
+Index: ruby-rack/test/spec_utils.rb
+===================================================================
+--- ruby-rack.orig/test/spec_utils.rb
++++ ruby-rack/test/spec_utils.rb
+@@ -146,6 +146,18 @@ describe Rack::Utils do
+     }.should.not.raise
    end
  
 +  should "raise an exception if the params are too deep" do

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-ruby-extras/ruby-rack.git



More information about the Pkg-ruby-extras-commits mailing list