Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP1:Update
rubygem-globalid.27667
rubygem-globalid-CVE-2023-22799.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File rubygem-globalid-CVE-2023-22799.patch of Package rubygem-globalid.27667
Index: globalid-0.4.1/lib/global_id/uri/gid.rb =================================================================== --- globalid-0.4.1.orig/lib/global_id/uri/gid.rb +++ globalid-0.4.1/lib/global_id/uri/gid.rb @@ -123,9 +123,6 @@ module URI private COMPONENT = [ :scheme, :app, :model_name, :model_id, :params ].freeze - # Extracts model_name and model_id from the URI path. - PATH_REGEXP = %r(\A/([^/]+)/?([^/]+)?\z) - def check_host(host) validate_component(host) super @@ -145,11 +142,11 @@ module URI end def set_model_components(path, validate = false) - _, model_name, model_id = path.match(PATH_REGEXP).to_a - model_id = CGI.unescape(model_id) if model_id - + _, model_name, model_id = path.split('/', 3) validate_component(model_name) && validate_model_id(model_id, model_name) if validate + model_id = CGI.unescape(model_id) if model_id + @model_name = model_name @model_id = model_id end @@ -162,7 +159,7 @@ module URI end def validate_model_id(model_id, model_name) - return model_id unless model_id.blank? + return model_id unless model_id.blank? || model_id.include?('/') raise MissingModelIdError, "Unable to create a Global ID for " \ "#{model_name} without a model id."
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
