--- lib/cgi.rb  (revision 19665)
+++ lib/cgi.rb  (working copy)
@@ -546,6 +546,11 @@
     when Hash
       options = options.dup
     end
+    options.each_value do |value|
+      if /\n(?![ \t])/ === value
+        raise ArgumentError, "potential HTTP header injection detected"
+      end
+    end

     unless options.has_key?("type")
       options["type"] = "text/html"
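Review bot: The guard in the added `options.each_value` loop only rejects a `\n` that is not followed by a space or tab, so a bare `\r` and any folded continuation line still pass into the generated header. Some HTTP parsers treat a lone CR or a folded line as a line break, so a stricter check such as `if /[\r\n]/ === value` would be safer, provided no caller depends on folded values. `Regexp#===` also returns false for operands that are not Strings, so any Array or Hash values are skipped without being inspected; the hunk does not show which value types callers pass. If those are serialized later, the check belongs at that point or on `value.to_s`. Header names (the hash keys) are not validated here either, and the enclosing method starts and ends outside the hunk, so confirm whether keys are ever written out verbatim.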