RubyGems - nokogiri - Versions diffs - 1.6.2.1-x86-mingw32 → 1.6.3.rc1-x86-mingw32 - Mend

nokogiri 1.6.2.1-x86-mingw32 → 1.6.3.rc1-x86-mingw32

This version of nokogiri might be problematic. Click here for more details.

Files changed (10) hide show

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 5f4d1d991f8b668a5eb21c477ed14f5fe116b195
-  data.tar.gz: 7eba13583c2d40dfe9475e109ea26a552bb071da
+  metadata.gz: 0236e503ac3fae3e1f001c995d1b8bb3d56af09d
+  data.tar.gz: 7f6a1882b10c5cc3345bf4cd5484f8c234a88550
 SHA512:
-  metadata.gz: 895e8edb268152e71541cd639d481600488612ce268d279f0dff84c8e85e345db616ce7067a641fc7435869905b06875369838668f97aee50d9d5d6932a4ea11
-  data.tar.gz: 782610000a02aa7ac76473fb3b81ea23ae0edbcdf024651b7377e2cef7019e610967486095a1499a9bd1ca6339fd353b5ac594c317f5add3c4f42e5ee8294120
+  metadata.gz: 82da8e07b2f0d799c271c5e9326a190e6c8517cde88cebecdcef5a152f7f95cd188355f81a270744c0d0ecd46a5983e9a88ed1f853bb4377cbb7773d6c0ce850
+  data.tar.gz: c7b08fa4fe1dc952ce1f88b416bc24ca3bca642cc5153ff5432a3c84a735112f1b9d53d1e5ad3ef99d909c365cc046960beb86592b3885827745de599917e293

data/CHANGELOG.ja.rdoc CHANGED

@@ -1,9 +1,18 @@
-=== 1.6.2.1
+=== 1.6.3 / unreleased
-==== Bugの修正
+==== Bug fixes
+* Fix JRuby memory exhaustion vulnerability. #1087 (Thanks, @ocher!)
+* Fix segfault during GC when using `libxml-ruby` and `nokogiri` together in multi-threaded environment. #895 (Thanks, @ender672!)
+=== 1.6.2.1 / 2014年5月13日
+==== バグ修正
 * Fix statically-linked libxml2 installation when using universal builds of Ruby. #1104
 * Patching `mini_portile` to address the git dependency detailed in #1102.
+* Library load fix to address segfault reported on some systems. #1097
 === 1.6.2 / 2014年5月12日

data/CHANGELOG.rdoc CHANGED

@@ -1,9 +1,18 @@
-=== 1.6.2.1
+=== 1.6.3 / unreleased
-==== Bug fix
+==== Bug fixes
+* Fix JRuby memory exhaustion vulnerability. #1087 (Thanks, @ocher)
+* Fix segfault during GC when using `libxml-ruby` and `nokogiri` together in multi-threaded environment. #895 (Thanks, @ender672!)
+=== 1.6.2.1 / 2014-05-13
+==== Bug fixes
 * Fix statically-linked libxml2 installation when using universal builds of Ruby. #1104
 * Patching `mini_portile` to address the git dependency detailed in #1102.
+* Library load fix to address segfault reported on some systems. #1097
 === 1.6.2 / 2014-05-12

@@ -17,13 +17,29 @@ static int dealloc_node_i(xmlNodePtr key, xmlNodePtr node, xmlDocPtr doc)
   return ST_CONTINUE;
 }
+static void remove_private(xmlNodePtr node)
+{
+  xmlNodePtr child;
+  for (child = node->children; child; child = child->next)
+    remove_private(child);
+  if ((node->type == XML_ELEMENT_NODE ||
+       node->type == XML_XINCLUDE_START ||
+       node->type == XML_XINCLUDE_END) &&
+      node->properties) {
+    for (child = (xmlNodePtr)node->properties; child; child = child->next)
+      remove_private(child);
+  }
+  node->_private = NULL;
+}
 static void dealloc(xmlDocPtr doc)
 {
-  xmlDeregisterNodeFunc func;
   st_table *node_hash;
   NOKOGIRI_DEBUG_START(doc);
-  func = xmlDeregisterNodeDefault(NULL);
   node_hash  = DOC_UNLINKED_NODE_HASH(doc);
@@ -31,10 +47,17 @@ static void dealloc(xmlDocPtr doc)
   st_free_table(node_hash);
   free(doc->_private);
-  doc->_private = NULL;
+  /* When both Nokogiri and libxml-ruby are loaded, make sure that all nodes
+   * have their _private pointers cleared. This is to avoid libxml-ruby's
+   * xmlDeregisterNode callback from accessing VALUE pointers from ruby's GC
+   * free context, which can result in segfaults.
+   */
+  if (xmlDeregisterNodeDefaultValue)
+    remove_private((xmlNodePtr)doc);
   xmlFreeDoc(doc);
-  xmlDeregisterNodeDefault(func);
   NOKOGIRI_DEBUG_END(doc);
 }

Binary file

Binary file

Binary file

data/lib/nokogiri/version.rb CHANGED

@@ -1,6 +1,6 @@
 module Nokogiri
   # The version of Nokogiri you are using
-  VERSION = '1.6.2.1'
+  VERSION = '1.6.3.rc1'
   class VersionInfo # :nodoc:
     def jruby?

data/test/xml/test_document.rb CHANGED

@@ -625,6 +625,12 @@ module Nokogiri
         refute_empty doc.errors
       end
+      def test_memory_explosion_on_wrong_formatted_element_following_the_root_element
+        doc = Nokogiri::XML("<a/><\n")
+        refute_nil doc
+        refute_empty doc.errors
+      end
       def test_document_has_errors
         doc = Nokogiri::XML(<<-eoxml)
           <foo><bar></foo>

metadata CHANGED

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: nokogiri
 version: !ruby/object:Gem::Version
-  version: 1.6.2.1
+  version: 1.6.3.rc1
 platform: x86-mingw32
 authors:
 - Aaron Patterson
@@ -12,7 +12,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2014-05-14 00:00:00.000000000 Z
+date: 2014-05-22 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: mini_portile
@@ -526,9 +526,9 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: 1.9.2
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
-  - - '>='
+  - - '>'
     - !ruby/object:Gem::Version
-      version: '0'
+      version: 1.3.1
 requirements: []
 rubyforge_project: nokogiri
 rubygems_version: 2.2.2