Package: libruby1.8
Version: 1.8.5-4etch3
Severity: normal

After libruby1.8 1.8.5-4etch3, parsing of some XML documents failed. For example,

% ruby -r rexml/document -r open-uri -e 'REXML::Document.new(URI.parse("http://github.com/bioruby/bioruby/tree/master%2Ftest%2Fdata%2Fblast%2Fb0002.faa.m7?raw=true").read).root.each_element_with_text { |e| p e.name }'
"BlastOutput_program"
"BlastOutput_version"
/usr/lib/ruby/1.8/rexml/entity.rb:76:in `unnormalized': undefined method `record_entity_expansion' for nil:NilClass (NoMethodError)
        from /usr/lib/ruby/1.8/rexml/doctype.rb:143:in `entity'
        from /usr/lib/ruby/1.8/rexml/text.rb:323:in `unnormalize'
        from /usr/lib/ruby/1.8/rexml/text.rb:321:in `each'
        from /usr/lib/ruby/1.8/rexml/text.rb:321:in `unnormalize'
        from /usr/lib/ruby/1.8/rexml/text.rb:173:in `value'
        from /usr/lib/ruby/1.8/rexml/element.rb:457:in `text'
        from /usr/lib/ruby/1.8/rexml/element.rb:438:in `has_text?'
        from /usr/lib/ruby/1.8/rexml/element.rb:389:in `each_element_with_text'
        from /usr/lib/ruby/1.8/rexml/element.rb:734:in `call'
        from /usr/lib/ruby/1.8/rexml/element.rb:734:in `each_with_something'
        from /usr/lib/ruby/1.8/rexml/element.rb:939:in `each'
        from /usr/lib/ruby/1.8/rexml/xpath.rb:53:in `each'
        from /usr/lib/ruby/1.8/rexml/element.rb:939:in `each'
        from /usr/lib/ruby/1.8/rexml/element.rb:733:in `each_with_something'
        from /usr/lib/ruby/1.8/rexml/element.rb:393:in `each_element_with_text'
        from -e:1

With 1.8.5-4etch2, no error occurred.

% ruby -r rexml/document -r open-uri -e 'REXML::Document.new(URI.parse("http://github.com/bioruby/bioruby/tree/master%2Ftest%2Fdata%2Fblast%2Fb0002.faa.m7?raw=true").read).root.each_element_with_text { |e| p e.name }'
"BlastOutput_program"
"BlastOutput_version"
"BlastOutput_reference"
"BlastOutput_db"
"BlastOutput_query-ID"
"BlastOutput_query-def"
"BlastOutput_query-len"
"BlastOutput_param"
"BlastOutput_iterations"

The same problem is reported in a blog.
http://mashing-it-up.blogspot.com/2008/09/dos-vulnerability-in-rexml-patch-fix.html

The following patch can fix this bug.

--- /usr/lib/ruby/1.8/rexml/entity.rb.ORIG 2008-10-11 04:35:02.000000000 +0900 +++ /usr/lib/ruby/1.8/rexml/entity.rb 2008-10-17 21:18:59.731379482 +0900 @@ -73,7 +73,7 @@ # all entities -- both %ent; and &ent; entities. This differs from # +value()+ in that +value+ only replaces %ent; entities. def unnormalized - document.record_entity_expansion + document.record_entity_expansion unless document.nil? v = value() return nil if v.nil? @unnormalized = Text::unnormalize(v, parent)

The same patch for the ruby1.8 source package is:

--- debian/patches/168_rexml_dos.patch.ORIG 2008-10-17 20:56:29.000000000 +0900 +++ debian/patches/168_rexml_dos.patch 2008-10-17 21:16:53.330108500 +0900 @@ -44,7 +44,7 @@ # all entities -- both %ent; and &ent; entities. This differs from # +value()+ in that +value+ only replaces %ent; entities. def unnormalized -+ document.record_entity_expansion ++ document.record_entity_expansion unless document.nil? v = value() return nil if v.nil? @unnormalized = Text::unnormalize(v, parent)

Thank you.

-- System Information:
Debian Release: 4.0
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.25
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)

Versions of packages libruby1.8 depends on:
ii  libc6        2.3.6.ds1-13etch7  GNU C Library: Shared libraries
ii  libncurses5  5.5-5              Shared libraries for terminal hand
ii  zlib1g       1:1.2.3-13         compression library - runtime

libruby1.8 recommends no packages.

-- debconf-show failed
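
Review bot: The "unless document.nil?" guard in unnormalized (entity.rb hunk) skips record_entity_expansion silently whenever the entity has no document, so expansions on that path are not counted by the accounting that 168_rexml_dos.patch adds. Please add a comment saying when document is expected to be nil here (the traceback reaches this method through doctype.rb:143 in entity) and confirm that an uncounted expansion on that path is acceptable for the DoS fix. A regression test built from the failing b0002.faa.m7 input and each_element_with_text would keep this from breaking again.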
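
Review bot: Rewriting the added line inside debian/patches/168_rexml_dos.patch (the "-+" / "++" pair) folds the regression fix into the security patch itself, so it will be hard to tell later which part came from the original DoS fix and which from this report. Consider carrying the nil guard as a separate follow-up patch under debian/patches, or at least recording it in the patch header. The inner hunk's line counts stay the same because one added line replaces another, so its @@ header needs no adjustment.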