Age | Commit message (Collapse) | Author |
|
|
|
Not sure why snakeyaml doesn't follow libyaml here. I'll follow
up with them.
|
|
|
|
146a637e2205b2b36a6fa83fc0c6f7ce0c74e123."
This reverts commit f5455216532f33e2b32bb035d14d820d1d37906b.
|
|
|
|
|
|
I had to hard-code two places that referenced a constant under
Psych because neither the Rakefile nor a "gem build" loads that
file. It was picking up the older version in my current JRuby
process.
|
|
The IO object given to Psych::Emitter#initialize is saved inside
LibYAML, yaml_emitter_t. This is a problem because Ruby's GC marker
can't find it, and can lead to use after free.
So, store the IO object in an instance variable and fetch from it every
time the write handler is called.
The segmentation fault can be reproduced with the following snippet:
emitter = Psych::Emitter.new(open("/dev/null", "w"))
GC.start
emitter.start_stream(Psych::Parser::UTF16BE) # make it write something
emitter.end_stream
|
|
|
|
|
|
* 41049830e1252f17bdaa076d816352658025af9c
* 0ed8647f7fe56736bbbd290a0b38f9e21b350769
* 8409644bf70e1be05b16b7984b7b61de321bab90
|
|
|
|
|
|
|
|
|
|
Typo with "indentation"
|
|
Fix typo in error message
|
|
|
|
Intendation => Indentation
|
|
ref. https://github.com/ruby/ruby/commit/3e92b635fb5422207b7bbdc924e292e51e21f040
|
|
https://github.com/ruby/ruby/commit/cc0313436160b735a3d41361cb5e3eeb10fcbdad
https://github.com/ruby/ruby/commit/db48c307944a9a18877236bdf9e9b778875f38ed
|
|
|
|
|
|
|
|
|
|
|
|
* master:
psych: allocate structs with wrapper
update minitest gem to 5.x, add Ruby 2.2 test target
|
|
* ext/psych/psych_emitter.c (allocate): allocate structs with
making new wrapper objects and get rid of potential memory leak.
* ext/psych/psych_parser.c (allocate): ditto.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@50672 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
|
|
Fixes jruby/jruby#2901.
|
|
* master:
Adding Rubinius as an Allowed Failure
bump version
Fix CVE-2014-9130
Adding RVM listing for Rubinius
fix minitest warnings
* ext/psych/lib/psych/visitors/yaml_tree.rb: register nodes when dumping objects with custom coders. [ruby-core:66215] [Bug #10496]
* ext/psych/lib/psych/visitors/to_ruby.rb: fix support for regular expressions with newlines. tenderlove/psych#222
* ext/psych/lib/psych/visitors/to_ruby.rb: fix parsing hashes with instance variables when it is referenced multiple times. * ext/psych/lib/psych.rb: bump version * ext/psych/psych.gemspec: bump version * test/psych/test_hash.rb: test for fix
bump version
Fix anchor
Fix assertion regexps
bump version
Only dump ivars for subclasses of String, not for String. With cf0dd2b93f1552a3c452a0bfa0e996f441d5e27e, fixes #217.
Only dump ivars for subclasses of Hash, not for Hash. Fixes #216. Fixes part of #217.
Fix block chomping and add more tests
Preset @line_width in YAMLTree#initialize for better performance
Use appropriate style for serialized strings
Remove unnnecessary 'str' variable in YAMLTree#visit_String
|
|
use maven to resolve jar dependencies for compilation. setup jar-dependencies
to install the snakeyaml jar when installing the gem via rubygems or bundler.
added java code to reflect the snakeyaml vesion which got finally loaded into
the jruby-classloader.
|
|
See https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9130
This is already fixed in libyaml via this patch:
https://bitbucket.org/xi/libyaml/commits/2b9156756423e967cfd09a61d125d883fca6f4f2
|
|
Conflicts:
.gitignore
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
* ext/psych/yaml/loader.c: ditto
* ext/psych/yaml/parser.c: ditto
* ext/psych/yaml/reader.c: ditto
* ext/psych/yaml/scanner.c: ditto
* ext/psych/yaml/writer.c: ditto
* ext/psych/yaml/yaml_private.h: ditto
|
|
https://github.com/ruby/ruby/pull/506
|
|
s/preceeded/preceded/
|
|
https://github.com/tenderlove/psych/pull/161
|
|
|
|
defined, restricted subset of Ruby object types.
* ext/psych/lib/psych/class_loader.rb: A class loader for
encapsulating the logic for which objects are allowed to be
deserialized.
* ext/psych/lib/psych/deprecated.rb: Changes to use the class loader
* ext/psych/lib/psych/exception.rb: ditto
* ext/psych/lib/psych/json/stream.rb: ditto
* ext/psych/lib/psych/nodes/node.rb: ditto
* ext/psych/lib/psych/scalar_scanner.rb: ditto
* ext/psych/lib/psych/stream.rb: ditto
* ext/psych/lib/psych/streaming.rb: ditto
* ext/psych/lib/psych/visitors/json_tree.rb: ditto
* ext/psych/lib/psych/visitors/to_ruby.rb: ditto
* ext/psych/lib/psych/visitors/yaml_tree.rb: ditto
* ext/psych/psych_to_ruby.c: ditto
* test/psych/helper.rb: ditto
* test/psych/test_safe_load.rb: tests for restricted subset.
* test/psych/test_scalar_scanner.rb: ditto
* test/psych/visitors/test_to_ruby.rb: ditto
* test/psych/visitors/test_yaml_tree.rb: ditto
|
|
|
|
|
|
|
|
|