← Back to branch summary

~ubuntu-branches/ubuntu/quantal/ruby-activesupport-2.3/quantal-security

« back to all changes in this revision

Viewing changes to .pc/CVE-2013-0333.patch/lib/active_support/json/decoding.rb

  • Committer: Package Import Robot
  • Author(s): Jamie Strandboge
  • Date: 2013-02-13 10:41:04 UTC
  • Revision ID: package-import@ubuntu.com-20130213104104-4iyflucg1axwsbql
Tags: 2.3.14-4ubuntu0.2
https://launchpad.net/bugs/1119256
* SECURITY UPDATE: Add an OkJson backend and remove the YAML backend to
  resolve improper conversion of JSON to YAML (LP: #1119256)
  - debian/patches/CVE-2013-0333.patch: added patch from Debian 2.3.14-6
  - CVE-2013-0333

Show diffs side-by-side

added added

removed removed

Lines of Context:
.pc/CVE-2013-0333.patch/lib/active_support/json/decoding.rb
 
1
require 'active_support/core_ext/module/attribute_accessors'
 
2
 
 
3
module ActiveSupport
 
4
  # Look for and parse json strings that look like ISO 8601 times.
 
5
  mattr_accessor :parse_json_times
 
6
 
 
7
  module JSON
 
8
    # Listed in order of preference.
 
9
    DECODERS = %w(Yajl Yaml)
 
10
 
 
11
    class << self
 
12
      attr_reader :parse_error
 
13
      delegate :decode, :to => :backend
 
14
 
 
15
      def backend
 
16
        set_default_backend unless defined?(@backend)
 
17
        @backend
 
18
      end
 
19
 
 
20
      def backend=(name)
 
21
        if name.is_a?(Module)
 
22
          @backend = name
 
23
        else
 
24
          require "active_support/json/backends/#{name.to_s.downcase}.rb"
 
25
          @backend = ActiveSupport::JSON::Backends::const_get(name)
 
26
        end
 
27
        @parse_error = @backend::ParseError
 
28
      end
 
29
 
 
30
      def with_backend(name)
 
31
        old_backend, self.backend = backend, name
 
32
        yield
 
33
      ensure
 
34
        self.backend = old_backend
 
35
      end
 
36
 
 
37
      def set_default_backend
 
38
        DECODERS.find do |name|
 
39
          begin
 
40
            self.backend = name
 
41
            true
 
42
          rescue LoadError
 
43
            # Try next decoder.
 
44
            false
 
45
          end
 
46
        end
 
47
      end
 
48
    end
 
49
  end
 
50
end