escape_utils 0.2.0 → 0.2.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (5) hide show
  1. data/CHANGELOG.md +3 -0
  2. data/ext/escape_utils/escape_utils.c +4 -4
  3. data/lib/escape_utils/version.rb +1 -1
  4. metadata +4 -5
  5. data/VERSION +0 -1
data/CHANGELOG.md CHANGED
@@ -1,5 +1,8 @@
1
1
  # Changelog
2
2
 
3
+ ## 0.2.1 (February 21st, 2011)
4
+ * fix buffer over read in unescape_url and unescape_uri
5
+
3
6
  ## 0.2.0 (February 8th, 2011)
4
7
  * fixed a couple of compilation warnings on 1.9.3
5
8
  * moved to rspec2
data/ext/escape_utils/escape_utils.c CHANGED
@@ -233,6 +233,7 @@ static size_t unescape_url(unsigned char *out, const unsigned char *in, size_t i
233
233
  if (IS_HEX(*in) && IS_HEX(*(in+1))) {
234
234
  *out++ = (UNHEX(*in) << 4) + UNHEX(*(in+1));
235
235
  in+=2;
236
+ len-=2;
236
237
  total-=2;
237
238
  } else {
238
239
  /* incomplete escape, pass it through */
@@ -283,6 +284,7 @@ static size_t unescape_uri(unsigned char *out, const unsigned char *in, size_t i
283
284
  if (IS_HEX(*in) && IS_HEX(*(in+1))) {
284
285
  *out++ = (UNHEX(*in) << 4) + UNHEX(*(in+1));
285
286
  in+=2;
287
+ len-=2;
286
288
  total-=2;
287
289
  } else {
288
290
  /* incomplete escape, pass it through */
@@ -622,13 +624,11 @@ static VALUE rb_unescape_uri(VALUE self, VALUE str) {
622
624
  return rb_output_buf;
623
625
  }
624
626
 
625
- static VALUE rb_s_get_html_secure(VALUE self)
626
- {
627
+ static VALUE rb_s_get_html_secure(VALUE self) {
627
628
  return rb_cvar_get(self, rb_html_secure);
628
629
  }
629
630
 
630
- static VALUE rb_s_set_html_secure(VALUE self, VALUE val)
631
- {
631
+ static VALUE rb_s_set_html_secure(VALUE self, VALUE val) {
632
632
  html_secure = RTEST(val);
633
633
  rb_cvar_set(self, rb_html_secure, val);
634
634
 
data/lib/escape_utils/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module EscapeUtils
2
- VERSION = "0.2.0"
2
+ VERSION = "0.2.1"
3
3
  end
metadata CHANGED
@@ -1,13 +1,13 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: escape_utils
3
3
  version: !ruby/object:Gem::Version
4
- hash: 23
4
+ hash: 21
5
5
  prerelease:
6
6
  segments:
7
7
  - 0
8
8
  - 2
9
- - 0
10
- version: 0.2.0
9
+ - 1
10
+ version: 0.2.1
11
11
  platform: ruby
12
12
  authors:
13
13
  - Brian Lopez
@@ -15,7 +15,7 @@ autorequire:
15
15
  bindir: bin
16
16
  cert_chain: []
17
17
 
18
- date: 2011-02-08 00:00:00 -08:00
18
+ date: 2011-02-21 00:00:00 -08:00
19
19
  default_executable:
20
20
  dependencies:
21
21
  - !ruby/object:Gem::Dependency
@@ -136,7 +136,6 @@ files:
136
136
  - MIT-LICENSE
137
137
  - README.rdoc
138
138
  - Rakefile
139
- - VERSION
140
139
  - benchmark/html_escape.rb
141
140
  - benchmark/html_unescape.rb
142
141
  - benchmark/javascript_escape.rb
data/VERSION DELETED
@@ -1 +0,0 @@
1
- 0.1.9