sbsm 1.0.5 → 1.0.6

data/History.txt

@@ -1,3 +1,13 @@
+=== 1.0.6 / 20.01.2012
+
+* Added untaint to __FILE__ and request.server.document_root in trans_handler.rb
+* this is to get rid of the Ruby 1.9.3*  error when mod_ruby is compiled against
+* Ruby 1.9.3
+
+	mod_ruby:
+  	/usr/local/lib64/ruby/gems/1.9.1/gems/sbsm-1.0.5/lib/sbsm/trans_handler.rb:21:in
+  	`expand_path': Insecure operation - expand_path (SecurityError)
+
 === 1.0.5 / 17.01.2012
 
 * Removed redefine_19_cookie.rb

data/lib/sbsm/index.rb

@@ -23,7 +23,7 @@
 # Index -- sbsm -- 04.03.2003 -- hwyss@ywesee.com 
 
 module SBSM
-VERSION = '1.0.5'
+VERSION = '1.0.6'
   class Index
 		def initialize
 			@values = []

data/lib/sbsm/trans_handler.rb

@@ -1,5 +1,5 @@
 #!/usr/bin/env ruby
-# SBSM::TransHandler -- sbsm -- 16.01.2012 -- mhatakeyama@ywesee.com
+# SBSM::TransHandler -- sbsm -- 20.01.2012 -- mhatakeyama@ywesee.com
 # SBSM::TransHandler -- sbsm -- 23.09.2004 -- hwyss@ywesee.com
 
 $USING_STRSCAN = true
@@ -19,14 +19,14 @@ module SBSM
 			@parser_name = name
 			@parser_method = "_#{name}_parser"
 			@grammar_path = File.expand_path("../../data/#{name}.grammar", 
-				File.dirname(__FILE__))
+				File.dirname(__FILE__.untaint))
 			@parser_path = File.expand_path("#{name}_parser.rb", 
-				File.dirname(__FILE__))
+				File.dirname(__FILE__.untaint))
 		end
     def config(request)
       config = Hash.new { {} } 
 			begin
-        path = File.expand_path(CONFIG_PATH, request.server.document_root)
+        path = File.expand_path(CONFIG_PATH, request.server.document_root.untaint)
         path.untaint
         config.update(YAML.load(File.read(path)))
         config

metadata

@@ -1,12 +1,13 @@
 --- !ruby/object:Gem::Specification 
 name: sbsm
 version: !ruby/object:Gem::Version 
-  prerelease: false
+  hash: 27
+  prerelease: 
   segments: 
   - 1
   - 0
-  - 5
-  version: 1.0.5
+  - 6
+  version: 1.0.6
 platform: ruby
 authors: 
 - Masaomi Hatakeyama, Zeno R.R. Davatz
@@ -14,23 +15,38 @@ autorequire:
 bindir: bin
 cert_chain: []
 
-date: 2012-01-17 00:00:00 +01:00
-default_executable: 
+date: 2012-01-20 00:00:00 Z
 dependencies: 
 - !ruby/object:Gem::Dependency 
-  name: hoe
+  name: rdoc
   prerelease: false
   requirement: &id001 !ruby/object:Gem::Requirement 
+    none: false
     requirements: 
-    - - ">="
+    - - ~>
       - !ruby/object:Gem::Version 
+        hash: 19
         segments: 
-        - 2
-        - 9
-        - 1
-        version: 2.9.1
+        - 3
+        - 10
+        version: "3.10"
   type: :development
   version_requirements: *id001
+- !ruby/object:Gem::Dependency 
+  name: hoe
+  prerelease: false
+  requirement: &id002 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        hash: 27
+        segments: 
+        - 2
+        - 12
+        version: "2.12"
+  type: :development
+  version_requirements: *id002
 description: Application framework for state based session management
 email: 
 - mhatakeyama@ywesee.com, zdavatz@ywesee.com
@@ -94,7 +110,6 @@ files:
 - test/test_validator.rb
 - usage-en.txt
 - .gemtest
-has_rdoc: true
 homepage: http://scm.ywesee.com/?p=sbsm/.git;a=summary
 licenses: []
 
@@ -105,23 +120,27 @@ rdoc_options:
 require_paths: 
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement 
+  none: false
   requirements: 
   - - ">="
     - !ruby/object:Gem::Version 
+      hash: 3
       segments: 
       - 0
       version: "0"
 required_rubygems_version: !ruby/object:Gem::Requirement 
+  none: false
   requirements: 
   - - ">="
     - !ruby/object:Gem::Version 
+      hash: 3
       segments: 
       - 0
       version: "0"
 requirements: []
 
 rubyforge_project: sbsm
-rubygems_version: 1.3.6
+rubygems_version: 1.8.15
 signing_key: 
 specification_version: 3
 summary: Application framework for state based session management