annotate config/initializers/bigdecimal-segfault-fix.rb @ 1082:997f6d7738f7 bug_531

In repo controller entry action, show the page for the file even if it's binary (so user still has access to history etc links). This makes it possible to use the entry action as the default when a file is clicked on
author Chris Cannam <chris.cannam@soundsoftware.ac.uk>
date Thu, 22 Nov 2012 18:04:17 +0000
parents 513646585e45
children
rev   line source
Chris@0 1 # Copyright (c) 2009 Michael Koziarski <michael@koziarski.com>
Chris@0 2 #
Chris@0 3 # Permission to use, copy, modify, and/or distribute this software for any
Chris@0 4 # purpose with or without fee is hereby granted, provided that the above
Chris@0 5 # copyright notice and this permission notice appear in all copies.
Chris@0 6 #
Chris@0 7 # THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
Chris@0 8 # WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
Chris@0 9 # MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
Chris@0 10 # ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
Chris@0 11 # WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
Chris@0 12 # ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
Chris@0 13 # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
Chris@0 14
Chris@0 15 require 'bigdecimal'
Chris@0 16
Chris@0 17 alias BigDecimalUnsafe BigDecimal
Chris@0 18
Chris@0 19
Chris@0 20 # This fixes CVE-2009-1904 however it removes legitimate functionality that your
Chris@0 21 # application may depend on. You are *strongly* advised to upgrade your ruby
Chris@0 22 # rather than relying on this fix for an extended period of time.
Chris@0 23
Chris@0 24 def BigDecimal(initial, digits=0)
Chris@0 25   if initial.size > 255 || initial =~ /e/i
Chris@0 26     raise "Invalid big Decimal Value"
Chris@0 27   end
Chris@0 28   BigDecimalUnsafe(initial, digits)
Chris@0 29 end
Chris@0 30