annotate config/initializers/bigdecimal-segfault-fix.rb @ 1452:d6b9fd02bb89
feature_36_js_refactoring
Deprecated develoment branch.
| author |
luisf <luis.figueira@eecs.qmul.ac.uk> |
| date |
Fri, 11 Oct 2013 17:01:24 +0100 |
| parents |
513646585e45 |
| children |
|
| rev |
line source |
|
Chris@0
|
1 # Copyright (c) 2009 Michael Koziarski <michael@koziarski.com>
|
|
Chris@0
|
2 #
|
|
Chris@0
|
3 # Permission to use, copy, modify, and/or distribute this software for any
|
|
Chris@0
|
4 # purpose with or without fee is hereby granted, provided that the above
|
|
Chris@0
|
5 # copyright notice and this permission notice appear in all copies.
|
|
Chris@0
|
6 #
|
|
Chris@0
|
7 # THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
|
|
Chris@0
|
8 # WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
|
|
Chris@0
|
9 # MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
|
|
Chris@0
|
10 # ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
|
|
Chris@0
|
11 # WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
|
|
Chris@0
|
12 # ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
|
|
Chris@0
|
13 # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
|
|
Chris@0
|
14
|
|
Chris@0
|
15 require 'bigdecimal'
|
|
Chris@0
|
16
|
|
Chris@0
|
17 alias BigDecimalUnsafe BigDecimal
|
|
Chris@0
|
18
|
|
Chris@0
|
19
|
|
Chris@0
|
20 # This fixes CVE-2009-1904 however it removes legitimate functionality that your
|
|
Chris@0
|
21 # application may depend on. You are *strongly* advised to upgrade your ruby
|
|
Chris@0
|
22 # rather than relying on this fix for an extended period of time.
|
|
Chris@0
|
23
|
|
Chris@0
|
24 def BigDecimal(initial, digits=0)
|
|
Chris@0
|
25 if initial.size > 255 || initial =~ /e/i
|
|
Chris@0
|
26 raise "Invalid big Decimal Value"
|
|
Chris@0
|
27 end
|
|
Chris@0
|
28 BigDecimalUnsafe(initial, digits)
|
|
Chris@0
|
29 end
|
|
Chris@0
|
30
|
