Upgrade to Ruby 3.1.5.

* Upgrade to Ruby 3.1.5.
  Resolves: RHEL-35748
* Fix buffer overread vulnerability in StringIO.
  Resolves: RHEL-35749
* Fix RCE vulnerability with .rdoc_options in RDoc.
  Resolves: RHEL-35750
* Fix arbitrary memory address read vulnerability with Regex search.
  Resolves: RHEL-35751

Fix fiddle build with libffi versions 3.1 or older.
This commit is contained in:
Jun Aruga 2024-05-07 15:04:06 +02:00
parent 82a19c4144
commit 578b78b080
16 changed files with 193 additions and 804 deletions

View File

@ -11,7 +11,7 @@ diff --git a/configure.ac b/configure.ac
index d261ea57b5..3c13076b82 100644 index d261ea57b5..3c13076b82 100644
--- a/configure.ac --- a/configure.ac
+++ b/configure.ac +++ b/configure.ac
@@ -3381,6 +3381,11 @@ AS_IF([test ${multiarch+set}], [ @@ -3388,6 +3388,11 @@ AS_IF([test ${multiarch+set}], [
]) ])
archlibdir='${libdir}/${arch}' archlibdir='${libdir}/${arch}'

View File

@ -14,7 +14,7 @@ diff --git a/configure.ac b/configure.ac
index c42436c23d..d261ea57b5 100644 index c42436c23d..d261ea57b5 100644
--- a/configure.ac --- a/configure.ac
+++ b/configure.ac +++ b/configure.ac
@@ -4039,7 +4039,8 @@ AS_CASE(["$ruby_version_dir_name"], @@ -4046,7 +4046,8 @@ AS_CASE(["$ruby_version_dir_name"],
ruby_version_dir=/'${ruby_version_dir_name}' ruby_version_dir=/'${ruby_version_dir_name}'
if test -z "${ruby_version_dir_name}"; then if test -z "${ruby_version_dir_name}"; then

View File

@ -11,7 +11,7 @@ diff --git a/configure.ac b/configure.ac
index 3c13076b82..93af30321d 100644 index 3c13076b82..93af30321d 100644
--- a/configure.ac --- a/configure.ac
+++ b/configure.ac +++ b/configure.ac
@@ -4103,6 +4103,8 @@ AC_SUBST(vendorarchdir)dnl @@ -4110,6 +4110,8 @@ AC_SUBST(vendorarchdir)dnl
AC_SUBST(CONFIGURE, "`echo $0 | sed 's|.*/||'`")dnl AC_SUBST(CONFIGURE, "`echo $0 | sed 's|.*/||'`")dnl
AC_SUBST(configure_args, "`echo "${ac_configure_args}" | sed 's/\\$/$$/g'`")dnl AC_SUBST(configure_args, "`echo "${ac_configure_args}" | sed 's/\\$/$$/g'`")dnl

View File

@ -15,7 +15,7 @@ diff --git a/configure.ac b/configure.ac
index 93af30321d..bc13397e0e 100644 index 93af30321d..bc13397e0e 100644
--- a/configure.ac --- a/configure.ac
+++ b/configure.ac +++ b/configure.ac
@@ -4075,6 +4075,10 @@ AC_ARG_WITH(vendorarchdir, @@ -4082,6 +4082,10 @@ AC_ARG_WITH(vendorarchdir,
[vendorarchdir=$withval], [vendorarchdir=$withval],
[vendorarchdir=${multiarch+'${rubysitearchprefix}/vendor_ruby'${ruby_version_dir}}${multiarch-'${vendorlibdir}/${sitearch}'}]) [vendorarchdir=${multiarch+'${rubysitearchprefix}/vendor_ruby'${ruby_version_dir}}${multiarch-'${vendorlibdir}/${sitearch}'}])
@ -26,7 +26,7 @@ index 93af30321d..bc13397e0e 100644
AS_IF([test "${LOAD_RELATIVE+set}"], [ AS_IF([test "${LOAD_RELATIVE+set}"], [
AC_DEFINE_UNQUOTED(LOAD_RELATIVE, $LOAD_RELATIVE) AC_DEFINE_UNQUOTED(LOAD_RELATIVE, $LOAD_RELATIVE)
RUBY_EXEC_PREFIX='' RUBY_EXEC_PREFIX=''
@@ -4099,6 +4104,7 @@ AC_SUBST(sitearchdir)dnl @@ -4106,6 +4110,7 @@ AC_SUBST(sitearchdir)dnl
AC_SUBST(vendordir)dnl AC_SUBST(vendordir)dnl
AC_SUBST(vendorlibdir)dnl AC_SUBST(vendorlibdir)dnl
AC_SUBST(vendorarchdir)dnl AC_SUBST(vendorarchdir)dnl

View File

@ -20,7 +20,7 @@ diff --git a/configure.ac b/configure.ac
index 80b137e380..63cd3b4f8b 100644 index 80b137e380..63cd3b4f8b 100644
--- a/configure.ac --- a/configure.ac
+++ b/configure.ac +++ b/configure.ac
@@ -3990,9 +3990,6 @@ AS_CASE(["$target_os"], @@ -3997,9 +3997,6 @@ AS_CASE(["$target_os"],
rubyw_install_name='$(RUBYW_INSTALL_NAME)' rubyw_install_name='$(RUBYW_INSTALL_NAME)'
]) ])
@ -30,7 +30,7 @@ index 80b137e380..63cd3b4f8b 100644
rubyarchprefix=${multiarch+'${archlibdir}/${RUBY_BASE_NAME}'}${multiarch-'${rubylibprefix}/${arch}'} rubyarchprefix=${multiarch+'${archlibdir}/${RUBY_BASE_NAME}'}${multiarch-'${rubylibprefix}/${arch}'}
AC_ARG_WITH(rubyarchprefix, AC_ARG_WITH(rubyarchprefix,
AS_HELP_STRING([--with-rubyarchprefix=DIR], AS_HELP_STRING([--with-rubyarchprefix=DIR],
@@ -4015,56 +4015,62 @@ AC_ARG_WITH(ridir, @@ -4022,56 +4019,62 @@ AC_ARG_WITH(ridir,
AC_SUBST(ridir) AC_SUBST(ridir)
AC_SUBST(RI_BASE_NAME) AC_SUBST(RI_BASE_NAME)
@ -120,7 +120,7 @@ index 80b137e380..63cd3b4f8b 100644
AS_IF([test "${LOAD_RELATIVE+set}"], [ AS_IF([test "${LOAD_RELATIVE+set}"], [
AC_DEFINE_UNQUOTED(LOAD_RELATIVE, $LOAD_RELATIVE) AC_DEFINE_UNQUOTED(LOAD_RELATIVE, $LOAD_RELATIVE)
@@ -4081,6 +4081,7 @@ AC_SUBST(sitearchincludedir)dnl @@ -4088,6 +4091,7 @@ AC_SUBST(sitearchincludedir)dnl
AC_SUBST(arch)dnl AC_SUBST(arch)dnl
AC_SUBST(sitearch)dnl AC_SUBST(sitearch)dnl
AC_SUBST(ruby_version)dnl AC_SUBST(ruby_version)dnl

View File

@ -1,135 +0,0 @@
From 7af748ba924ba6119251ff959231c126784621e2 Mon Sep 17 00:00:00 2001
From: Hiroshi SHIBATA <hsbt@ruby-lang.org>
Date: Wed, 21 Jun 2023 13:26:37 +0900
Subject: [PATCH 1/2] Bump up v0.12.2
---
lib/uri/rfc2396_parser.rb | 4 ++--
lib/uri/rfc3986_parser.rb | 2 +-
lib/uri/version.rb | 2 +-
test/uri/test_parser.rb | 22 ++++++++++++++++++++++
4 files changed, 26 insertions(+), 4 deletions(-)
diff --git a/lib/uri/rfc2396_parser.rb b/lib/uri/rfc2396_parser.rb
index 76a8f99fd48ccd..00c66cf0422213 100644
--- a/lib/uri/rfc2396_parser.rb
+++ b/lib/uri/rfc2396_parser.rb
@@ -497,8 +497,8 @@ def initialize_regexp(pattern)
ret = {}
# for URI::split
- ret[:ABS_URI] = Regexp.new('\A\s*' + pattern[:X_ABS_URI] + '\s*\z', Regexp::EXTENDED)
- ret[:REL_URI] = Regexp.new('\A\s*' + pattern[:X_REL_URI] + '\s*\z', Regexp::EXTENDED)
+ ret[:ABS_URI] = Regexp.new('\A\s*+' + pattern[:X_ABS_URI] + '\s*\z', Regexp::EXTENDED)
+ ret[:REL_URI] = Regexp.new('\A\s*+' + pattern[:X_REL_URI] + '\s*\z', Regexp::EXTENDED)
# for URI::extract
ret[:URI_REF] = Regexp.new(pattern[:URI_REF])
diff --git a/lib/uri/rfc3986_parser.rb b/lib/uri/rfc3986_parser.rb
index dd24a409ea174e..9b1663dbb6efe3 100644
--- a/lib/uri/rfc3986_parser.rb
+++ b/lib/uri/rfc3986_parser.rb
@@ -100,7 +100,7 @@ def default_regexp # :nodoc:
QUERY: /\A(?:%\h\h|[!$&-.0-;=@-Z_a-z~\/?])*\z/,
FRAGMENT: /\A(?:%\h\h|[!$&-.0-;=@-Z_a-z~\/?])*\z/,
OPAQUE: /\A(?:[^\/].*)?\z/,
- PORT: /\A[\x09\x0a\x0c\x0d ]*\d*[\x09\x0a\x0c\x0d ]*\z/,
+ PORT: /\A[\x09\x0a\x0c\x0d ]*+\d*[\x09\x0a\x0c\x0d ]*\z/,
}
end
diff --git a/lib/uri/version.rb b/lib/uri/version.rb
index 7497a7d31a5df7..f0aca586acab4f 100644
--- a/lib/uri/version.rb
+++ b/lib/uri/version.rb
@@ -1,6 +1,6 @@
module URI
# :stopdoc:
- VERSION_CODE = '001201'.freeze
+ VERSION_CODE = '001202'.freeze
VERSION = VERSION_CODE.scan(/../).collect{|n| n.to_i}.join('.').freeze
# :startdoc:
end
diff --git a/test/uri/test_parser.rb b/test/uri/test_parser.rb
index 72fb5901d963f6..cee0acb4b57c87 100644
--- a/test/uri/test_parser.rb
+++ b/test/uri/test_parser.rb
@@ -79,4 +79,26 @@ def test_split
assert_equal([nil, nil, "example.com", nil, nil, "", nil, nil, nil], URI.split("//example.com"))
assert_equal([nil, nil, "[0::0]", nil, nil, "", nil, nil, nil], URI.split("//[0::0]"))
end
+
+ def test_rfc2822_parse_relative_uri
+ pre = ->(length) {
+ " " * length + "\0"
+ }
+ parser = URI::RFC2396_Parser.new
+ assert_linear_performance((1..5).map {|i| 10**i}, pre: pre) do |uri|
+ assert_raise(URI::InvalidURIError) do
+ parser.split(uri)
+ end
+ end
+ end
+
+ def test_rfc3986_port_check
+ pre = ->(length) {"\t" * length + "a"}
+ uri = URI.parse("http://my.example.com")
+ assert_linear_performance((1..5).map {|i| 10**i}, pre: pre) do |port|
+ assert_raise(URI::InvalidComponentError) do
+ uri.port = port
+ end
+ end
+ end
end
From b2deea8a2e71ab880370080a9ddf243747abc8fd Mon Sep 17 00:00:00 2001
From: Hiroshi SHIBATA <hsbt@ruby-lang.org>
Date: Wed, 21 Jun 2023 14:15:26 +0900
Subject: [PATCH 2/2] Merge URI-0.10.3 for Bundler
---
lib/bundler/vendor/uri/lib/uri/rfc2396_parser.rb | 4 ++--
lib/bundler/vendor/uri/lib/uri/rfc3986_parser.rb | 2 +-
lib/bundler/vendor/uri/lib/uri/version.rb | 2 +-
3 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/lib/bundler/vendor/uri/lib/uri/rfc2396_parser.rb b/lib/bundler/vendor/uri/lib/uri/rfc2396_parser.rb
index e48e164f4c13e7..09ed40754d5bfe 100644
--- a/lib/bundler/vendor/uri/lib/uri/rfc2396_parser.rb
+++ b/lib/bundler/vendor/uri/lib/uri/rfc2396_parser.rb
@@ -491,8 +491,8 @@ def initialize_regexp(pattern)
ret = {}
# for Bundler::URI::split
- ret[:ABS_URI] = Regexp.new('\A\s*' + pattern[:X_ABS_URI] + '\s*\z', Regexp::EXTENDED)
- ret[:REL_URI] = Regexp.new('\A\s*' + pattern[:X_REL_URI] + '\s*\z', Regexp::EXTENDED)
+ ret[:ABS_URI] = Regexp.new('\A\s*+' + pattern[:X_ABS_URI] + '\s*\z', Regexp::EXTENDED)
+ ret[:REL_URI] = Regexp.new('\A\s*+' + pattern[:X_REL_URI] + '\s*\z', Regexp::EXTENDED)
# for Bundler::URI::extract
ret[:URI_REF] = Regexp.new(pattern[:URI_REF])
diff --git a/lib/bundler/vendor/uri/lib/uri/rfc3986_parser.rb b/lib/bundler/vendor/uri/lib/uri/rfc3986_parser.rb
index cd4dd0c7526630..870720e5b3e8d0 100644
--- a/lib/bundler/vendor/uri/lib/uri/rfc3986_parser.rb
+++ b/lib/bundler/vendor/uri/lib/uri/rfc3986_parser.rb
@@ -95,7 +95,7 @@ def default_regexp # :nodoc:
QUERY: /\A(?:%\h\h|[!$&-.0-;=@-Z_a-z~\/?])*\z/,
FRAGMENT: /\A(?:%\h\h|[!$&-.0-;=@-Z_a-z~\/?])*\z/,
OPAQUE: /\A(?:[^\/].*)?\z/,
- PORT: /\A[\x09\x0a\x0c\x0d ]*\d*[\x09\x0a\x0c\x0d ]*\z/,
+ PORT: /\A[\x09\x0a\x0c\x0d ]*+\d*[\x09\x0a\x0c\x0d ]*\z/,
}
end
diff --git a/lib/bundler/vendor/uri/lib/uri/version.rb b/lib/bundler/vendor/uri/lib/uri/version.rb
index 3895df0de5c53a..d65b7e5b7574d8 100644
--- a/lib/bundler/vendor/uri/lib/uri/version.rb
+++ b/lib/bundler/vendor/uri/lib/uri/version.rb
@@ -1,6 +1,6 @@
module Bundler::URI
# :stopdoc:
- VERSION_CODE = '001002'.freeze
+ VERSION_CODE = '001003'.freeze
VERSION = VERSION_CODE.scan(/../).collect{|n| n.to_i}.join('.').freeze
# :startdoc:
end

View File

@ -171,7 +171,7 @@ index 1c35856c44..bff0666a17 100644
#if defined(_WIN32) #if defined(_WIN32)
static LPTOP_LEVEL_EXCEPTION_FILTER old_handler; static LPTOP_LEVEL_EXCEPTION_FILTER old_handler;
@@ -9268,13 +9286,7 @@ gc_start_internal(rb_execution_context_t *ec, VALUE self, VALUE full_mark, VALUE @@ -9271,13 +9289,7 @@ gc_start_internal(rb_execution_context_t *ec, VALUE self, VALUE full_mark, VALUE
/* For now, compact implies full mark / sweep, so ignore other flags */ /* For now, compact implies full mark / sweep, so ignore other flags */
if (RTEST(compact)) { if (RTEST(compact)) {
@ -186,7 +186,7 @@ index 1c35856c44..bff0666a17 100644
reason |= GPR_FLAG_COMPACT; reason |= GPR_FLAG_COMPACT;
} }
@@ -9439,7 +9451,7 @@ gc_move(rb_objspace_t *objspace, VALUE scan, VALUE free, size_t slot_size) @@ -9442,7 +9454,7 @@ gc_move(rb_objspace_t *objspace, VALUE scan, VALUE free, size_t slot_size)
return (VALUE)src; return (VALUE)src;
} }
@ -195,7 +195,7 @@ index 1c35856c44..bff0666a17 100644
static int static int
compare_free_slots(const void *left, const void *right, void *dummy) compare_free_slots(const void *left, const void *right, void *dummy)
{ {
@@ -10167,7 +10179,7 @@ gc_update_references(rb_objspace_t *objspace) @@ -10197,7 +10209,7 @@ gc_update_references(rb_objspace_t *objspace)
gc_update_table_refs(objspace, finalizer_table); gc_update_table_refs(objspace, finalizer_table);
} }
@ -204,7 +204,7 @@ index 1c35856c44..bff0666a17 100644
/* /*
* call-seq: * call-seq:
* GC.latest_compact_info -> {:considered=>{:T_CLASS=>11}, :moved=>{:T_CLASS=>11}} * GC.latest_compact_info -> {:considered=>{:T_CLASS=>11}, :moved=>{:T_CLASS=>11}}
@@ -10208,7 +10220,7 @@ gc_compact_stats(VALUE self) @@ -10238,7 +10250,7 @@ gc_compact_stats(VALUE self)
# define gc_compact_stats rb_f_notimplement # define gc_compact_stats rb_f_notimplement
#endif #endif
@ -213,7 +213,7 @@ index 1c35856c44..bff0666a17 100644
static void static void
root_obj_check_moved_i(const char *category, VALUE obj, void *data) root_obj_check_moved_i(const char *category, VALUE obj, void *data)
{ {
@@ -10287,7 +10299,7 @@ gc_compact(VALUE self) @@ -10317,7 +10329,7 @@ gc_compact(VALUE self)
# define gc_compact rb_f_notimplement # define gc_compact rb_f_notimplement
#endif #endif
@ -222,7 +222,7 @@ index 1c35856c44..bff0666a17 100644
/* /*
* call-seq: * call-seq:
* GC.verify_compaction_references(toward: nil, double_heap: false) -> hash * GC.verify_compaction_references(toward: nil, double_heap: false) -> hash
@@ -10818,7 +10830,7 @@ gc_disable(rb_execution_context_t *ec, VALUE _) @@ -10848,7 +10860,7 @@ gc_disable(rb_execution_context_t *ec, VALUE _)
return rb_gc_disable(); return rb_gc_disable();
} }
@ -231,7 +231,7 @@ index 1c35856c44..bff0666a17 100644
/* /*
* call-seq: * call-seq:
* GC.auto_compact = flag * GC.auto_compact = flag
@@ -10832,8 +10844,7 @@ gc_disable(rb_execution_context_t *ec, VALUE _) @@ -10862,8 +10874,7 @@ gc_disable(rb_execution_context_t *ec, VALUE _)
static VALUE static VALUE
gc_set_auto_compact(VALUE _, VALUE v) gc_set_auto_compact(VALUE _, VALUE v)
{ {
@ -241,7 +241,7 @@ index 1c35856c44..bff0666a17 100644
ruby_enable_autocompact = RTEST(v); ruby_enable_autocompact = RTEST(v);
return v; return v;
@@ -10842,7 +10853,8 @@ gc_set_auto_compact(VALUE _, VALUE v) @@ -10872,7 +10883,8 @@ gc_set_auto_compact(VALUE _, VALUE v)
# define gc_set_auto_compact rb_f_notimplement # define gc_set_auto_compact rb_f_notimplement
#endif #endif
@ -251,7 +251,7 @@ index 1c35856c44..bff0666a17 100644
/* /*
* call-seq: * call-seq:
* GC.auto_compact -> true or false * GC.auto_compact -> true or false
@@ -13753,11 +13776,21 @@ Init_GC(void) @@ -13791,11 +13803,21 @@ Init_GC(void)
rb_define_singleton_method(rb_mGC, "malloc_allocated_size", gc_malloc_allocated_size, 0); rb_define_singleton_method(rb_mGC, "malloc_allocated_size", gc_malloc_allocated_size, 0);
rb_define_singleton_method(rb_mGC, "malloc_allocations", gc_malloc_allocations, 0); rb_define_singleton_method(rb_mGC, "malloc_allocations", gc_malloc_allocations, 0);
#endif #endif
@ -278,7 +278,7 @@ index 1c35856c44..bff0666a17 100644
#if GC_DEBUG_STRESS_TO_CLASS #if GC_DEBUG_STRESS_TO_CLASS
rb_define_singleton_method(rb_mGC, "add_stress_to_class", rb_gcdebug_add_stress_to_class, -1); rb_define_singleton_method(rb_mGC, "add_stress_to_class", rb_gcdebug_add_stress_to_class, -1);
@@ -13781,6 +13803,7 @@ Init_GC(void) @@ -13819,6 +13841,7 @@ Init_GC(void)
OPT(MALLOC_ALLOCATED_SIZE); OPT(MALLOC_ALLOCATED_SIZE);
OPT(MALLOC_ALLOCATED_SIZE_CHECK); OPT(MALLOC_ALLOCATED_SIZE_CHECK);
OPT(GC_PROFILE_DETAIL_MEMORY); OPT(GC_PROFILE_DETAIL_MEMORY);

View File

@ -22,7 +22,7 @@ diff --git a/gc.c b/gc.c
index ef9327df1f..1c35856c44 100644 index ef9327df1f..1c35856c44 100644
--- a/gc.c --- a/gc.c
+++ b/gc.c +++ b/gc.c
@@ -10165,8 +10165,20 @@ gc_update_references(rb_objspace_t *objspace) @@ -10195,8 +10195,20 @@ gc_update_references(rb_objspace_t *objspace)
gc_update_table_refs(objspace, finalizer_table); gc_update_table_refs(objspace, finalizer_table);
} }
@ -44,7 +44,7 @@ index ef9327df1f..1c35856c44 100644
{ {
size_t i; size_t i;
rb_objspace_t *objspace = &rb_objspace; rb_objspace_t *objspace = &rb_objspace;
@@ -10239,22 +10251,70 @@ heap_check_moved_i(void *vstart, void *vend, size_t stride, void *data) @@ -10269,22 +10281,70 @@ heap_check_moved_i(void *vstart, void *vend, size_t stride, void *data)
return 0; return 0;
} }
@ -120,7 +120,7 @@ index ef9327df1f..1c35856c44 100644
RB_VM_LOCK_ENTER(); RB_VM_LOCK_ENTER();
{ {
@@ -10274,12 +10334,12 @@ gc_verify_compaction_references(rb_execution_context_t *ec, VALUE self, VALUE do @@ -10304,12 +10364,12 @@ gc_verify_compaction_references(rb_execution_context_t *ec, VALUE self, VALUE do
} }
RB_VM_LOCK_LEAVE(); RB_VM_LOCK_LEAVE();
@ -135,7 +135,7 @@ index ef9327df1f..1c35856c44 100644
} }
VALUE VALUE
@@ -10740,8 +10800,18 @@ gc_disable(rb_execution_context_t *ec, VALUE _) @@ -10770,8 +10830,18 @@ gc_disable(rb_execution_context_t *ec, VALUE _)
return rb_gc_disable(); return rb_gc_disable();
} }
@ -155,7 +155,7 @@ index ef9327df1f..1c35856c44 100644
{ {
/* If not MinGW, Windows, or does not have mmap, we cannot use mprotect for /* If not MinGW, Windows, or does not have mmap, we cannot use mprotect for
* the read barrier, so we must disable automatic compaction. */ * the read barrier, so we must disable automatic compaction. */
@@ -10755,8 +10825,14 @@ gc_set_auto_compact(rb_execution_context_t *ec, VALUE _, VALUE v) @@ -10785,8 +10855,14 @@ gc_set_auto_compact(rb_execution_context_t *ec, VALUE _, VALUE v)
return v; return v;
} }
@ -171,7 +171,7 @@ index ef9327df1f..1c35856c44 100644
{ {
return RBOOL(ruby_enable_autocompact); return RBOOL(ruby_enable_autocompact);
} }
@@ -13656,6 +13732,11 @@ Init_GC(void) @@ -13694,6 +13770,11 @@ Init_GC(void)
rb_define_singleton_method(rb_mGC, "malloc_allocated_size", gc_malloc_allocated_size, 0); rb_define_singleton_method(rb_mGC, "malloc_allocated_size", gc_malloc_allocated_size, 0);
rb_define_singleton_method(rb_mGC, "malloc_allocations", gc_malloc_allocations, 0); rb_define_singleton_method(rb_mGC, "malloc_allocations", gc_malloc_allocations, 0);
#endif #endif
@ -305,7 +305,7 @@ diff --git a/gc.c b/gc.c
index 92ed76cf96..d71924846a 100644 index 92ed76cf96..d71924846a 100644
--- a/gc.c --- a/gc.c
+++ b/gc.c +++ b/gc.c
@@ -9439,6 +9439,7 @@ gc_move(rb_objspace_t *objspace, VALUE scan, VALUE free, size_t slot_size) @@ -9442,6 +9442,7 @@ gc_move(rb_objspace_t *objspace, VALUE scan, VALUE free, size_t slot_size)
return (VALUE)src; return (VALUE)src;
} }
@ -313,7 +313,7 @@ index 92ed76cf96..d71924846a 100644
static int static int
compare_free_slots(const void *left, const void *right, void *dummy) compare_free_slots(const void *left, const void *right, void *dummy)
{ {
@@ -9486,6 +9487,7 @@ gc_sort_heap_by_empty_slots(rb_objspace_t *objspace) @@ -9489,6 +9490,7 @@ gc_sort_heap_by_empty_slots(rb_objspace_t *objspace)
free(page_list); free(page_list);
} }
} }
@ -321,7 +321,7 @@ index 92ed76cf96..d71924846a 100644
static void static void
gc_ref_update_array(rb_objspace_t * objspace, VALUE v) gc_ref_update_array(rb_objspace_t * objspace, VALUE v)
@@ -10165,6 +10167,7 @@ gc_update_references(rb_objspace_t *objspace) @@ -10195,6 +10197,7 @@ gc_update_references(rb_objspace_t *objspace)
gc_update_table_refs(objspace, finalizer_table); gc_update_table_refs(objspace, finalizer_table);
} }
@ -329,7 +329,7 @@ index 92ed76cf96..d71924846a 100644
/* /*
* call-seq: * call-seq:
* GC.latest_compact_info -> {:considered=>{:T_CLASS=>11}, :moved=>{:T_CLASS=>11}} * GC.latest_compact_info -> {:considered=>{:T_CLASS=>11}, :moved=>{:T_CLASS=>11}}
@@ -10201,7 +10204,11 @@ gc_compact_stats(VALUE self) @@ -10231,7 +10234,11 @@ gc_compact_stats(VALUE self)
return h; return h;
} }
@ -341,7 +341,7 @@ index 92ed76cf96..d71924846a 100644
static void static void
root_obj_check_moved_i(const char *category, VALUE obj, void *data) root_obj_check_moved_i(const char *category, VALUE obj, void *data)
{ {
@@ -10263,6 +10270,10 @@ heap_check_moved_i(void *vstart, void *vend, size_t stride, void *data) @@ -10293,6 +10300,10 @@ heap_check_moved_i(void *vstart, void *vend, size_t stride, void *data)
* *
* This method is implementation specific and not expected to be implemented * This method is implementation specific and not expected to be implemented
* in any implementation besides MRI. * in any implementation besides MRI.
@ -352,7 +352,7 @@ index 92ed76cf96..d71924846a 100644
*/ */
static VALUE static VALUE
gc_compact(VALUE self) gc_compact(VALUE self)
@@ -10272,7 +10283,11 @@ gc_compact(VALUE self) @@ -10302,7 +10313,11 @@ gc_compact(VALUE self)
return gc_compact_stats(self); return gc_compact_stats(self);
} }
@ -364,7 +364,7 @@ index 92ed76cf96..d71924846a 100644
/* /*
* call-seq: * call-seq:
* GC.verify_compaction_references(toward: nil, double_heap: false) -> hash * GC.verify_compaction_references(toward: nil, double_heap: false) -> hash
@@ -10341,6 +10356,9 @@ gc_verify_compaction_references(int argc, VALUE *argv, VALUE self) @@ -10371,6 +10386,9 @@ gc_verify_compaction_references(int argc, VALUE *argv, VALUE self)
return gc_compact_stats(self); return gc_compact_stats(self);
} }
@ -374,7 +374,7 @@ index 92ed76cf96..d71924846a 100644
VALUE VALUE
rb_gc_start(void) rb_gc_start(void)
@@ -10800,6 +10818,7 @@ gc_disable(rb_execution_context_t *ec, VALUE _) @@ -10830,6 +10848,7 @@ gc_disable(rb_execution_context_t *ec, VALUE _)
return rb_gc_disable(); return rb_gc_disable();
} }
@ -382,7 +382,7 @@ index 92ed76cf96..d71924846a 100644
/* /*
* call-seq: * call-seq:
* GC.auto_compact = flag * GC.auto_compact = flag
@@ -10815,16 +10834,15 @@ gc_set_auto_compact(VALUE _, VALUE v) @@ -10845,16 +10864,15 @@ gc_set_auto_compact(VALUE _, VALUE v)
{ {
/* If not MinGW, Windows, or does not have mmap, we cannot use mprotect for /* If not MinGW, Windows, or does not have mmap, we cannot use mprotect for
* the read barrier, so we must disable automatic compaction. */ * the read barrier, so we must disable automatic compaction. */
@ -403,7 +403,7 @@ index 92ed76cf96..d71924846a 100644
/* /*
* call-seq: * call-seq:
* GC.auto_compact -> true or false * GC.auto_compact -> true or false
@@ -10836,6 +10854,9 @@ gc_get_auto_compact(VALUE _) @@ -10866,6 +10884,9 @@ gc_get_auto_compact(VALUE _)
{ {
return RBOOL(ruby_enable_autocompact); return RBOOL(ruby_enable_autocompact);
} }

View File

@ -1,256 +0,0 @@
From d3933fc753187a055a4904af82f5f3794c88c416 Mon Sep 17 00:00:00 2001
From: Sorah Fukumori <her@sorah.jp>
Date: Mon, 1 Jan 2024 20:45:54 +0900
Subject: [PATCH] [ruby/net-http] Renew test certificates
The private key is replaced with a public known test key published at
[RFC 9500].
Also lifetime has been extended to 10 years from 4 years.
[RFC 9500]: https://www.rfc-editor.org/rfc/rfc9500.html
https://github.com/ruby/net-http/commit/4ab6c4a500
---
test/net/fixtures/Makefile | 6 +--
test/net/fixtures/cacert.pem | 44 ++++++++--------
test/net/fixtures/server.crt | 99 +++++++-----------------------------
test/net/fixtures/server.key | 55 ++++++++++----------
4 files changed, 71 insertions(+), 133 deletions(-)
diff --git a/test/net/fixtures/Makefile b/test/net/fixtures/Makefile
index b2bc9c7368ee2..88c232e3b6c16 100644
--- a/test/net/fixtures/Makefile
+++ b/test/net/fixtures/Makefile
@@ -5,11 +5,11 @@ regen_certs:
make server.crt
cacert.pem: server.key
- openssl req -new -x509 -days 1825 -key server.key -out cacert.pem -text -subj "/C=JP/ST=Shimane/L=Matz-e city/O=Ruby Core Team/CN=Ruby Test CA/emailAddress=security@ruby-lang.org"
+ openssl req -new -x509 -days 3650 -key server.key -out cacert.pem -subj "/C=JP/ST=Shimane/L=Matz-e city/O=Ruby Core Team/CN=Ruby Test CA/emailAddress=security@ruby-lang.org"
server.csr:
- openssl req -new -key server.key -out server.csr -text -subj "/C=JP/ST=Shimane/O=Ruby Core Team/OU=Ruby Test/CN=localhost"
+ openssl req -new -key server.key -out server.csr -subj "/C=JP/ST=Shimane/O=Ruby Core Team/OU=Ruby Test/CN=localhost"
server.crt: server.csr cacert.pem
- openssl x509 -days 1825 -CA cacert.pem -CAkey server.key -set_serial 00 -in server.csr -req -text -out server.crt
+ openssl x509 -days 3650 -CA cacert.pem -CAkey server.key -set_serial 00 -in server.csr -req -out server.crt
rm server.csr
diff --git a/test/net/fixtures/cacert.pem b/test/net/fixtures/cacert.pem
index f623bd62ed375..24c83f1c65225 100644
--- a/test/net/fixtures/cacert.pem
+++ b/test/net/fixtures/cacert.pem
@@ -1,24 +1,24 @@
-----BEGIN CERTIFICATE-----
-MIID7TCCAtWgAwIBAgIJAIltvxrFAuSnMA0GCSqGSIb3DQEBCwUAMIGMMQswCQYD
-VQQGEwJKUDEQMA4GA1UECAwHU2hpbWFuZTEUMBIGA1UEBwwLTWF0ei1lIGNpdHkx
-FzAVBgNVBAoMDlJ1YnkgQ29yZSBUZWFtMRUwEwYDVQQDDAxSdWJ5IFRlc3QgQ0Ex
-JTAjBgkqhkiG9w0BCQEWFnNlY3VyaXR5QHJ1YnktbGFuZy5vcmcwHhcNMTkwMTAy
-MDI1ODI4WhcNMjQwMTAxMDI1ODI4WjCBjDELMAkGA1UEBhMCSlAxEDAOBgNVBAgM
-B1NoaW1hbmUxFDASBgNVBAcMC01hdHotZSBjaXR5MRcwFQYDVQQKDA5SdWJ5IENv
-cmUgVGVhbTEVMBMGA1UEAwwMUnVieSBUZXN0IENBMSUwIwYJKoZIhvcNAQkBFhZz
-ZWN1cml0eUBydWJ5LWxhbmcub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
-CgKCAQEAznlbjRVhz1NlutHVrhcGnK8W0qug2ujKXv1njSC4U6nJF6py7I9EeehV
-SaKePyv+I9z3K1LnfUHOtUbdwdKC77yN66A6q2aqzu5q09/NSykcZGOIF0GuItYI
-3nvW3IqBddff2ffsyR+9pBjfb5AIPP08WowF9q4s1eGULwZc4w2B8PFhtxYANd7d
-BvGLXFlcufv9tDtzyRi4t7eqxCRJkZQIZNZ6DHHIJrNxejOILfHLarI12yk8VK6L
-2LG4WgGqyeePiRyd1o1MbuiAFYqAwpXNUbRKg5NaZGwBHZk8UZ+uFKt1QMBURO5R
-WFy1c349jbWszTqFyL4Lnbg9HhAowQIDAQABo1AwTjAdBgNVHQ4EFgQU9tEiKdU9
-I9derQyc5nWPnc34nVMwHwYDVR0jBBgwFoAU9tEiKdU9I9derQyc5nWPnc34nVMw
-DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAxj7F/u3C3fgq24N7hGRA
-of7ClFQxGmo/IGT0AISzW3HiVYiFaikKhbO1NwD9aBpD8Zwe62sCqMh8jGV/b0+q
-aOORnWYNy2R6r9FkASAglmdF6xn3bhgGD5ls4pCvcG9FynGnGc24g6MrjFNrBYUS
-2iIZsg36i0IJswo/Dy6HLphCms2BMCD3DeWtfjePUiTmQHJo6HsQIKP/u4N4Fvee
-uMBInei2M4VU74fLXbmKl1F9AEX7JDP3BKSZG19Ch5pnUo4uXM1uNTGsi07P4Y0s
-K44+SKBC0bYEFbDK0eQWMrX3kIhkPxyIWhxdq9/NqPYjShuSEAhA6CSpmRg0pqc+
-mA==
+MIID+zCCAuOgAwIBAgIUGMvHl3EhtKPKcgc3NQSAYfFuC+8wDQYJKoZIhvcNAQEL
+BQAwgYwxCzAJBgNVBAYTAkpQMRAwDgYDVQQIDAdTaGltYW5lMRQwEgYDVQQHDAtN
+YXR6LWUgY2l0eTEXMBUGA1UECgwOUnVieSBDb3JlIFRlYW0xFTATBgNVBAMMDFJ1
+YnkgVGVzdCBDQTElMCMGCSqGSIb3DQEJARYWc2VjdXJpdHlAcnVieS1sYW5nLm9y
+ZzAeFw0yNDAxMDExMTQ3MjNaFw0zMzEyMjkxMTQ3MjNaMIGMMQswCQYDVQQGEwJK
+UDEQMA4GA1UECAwHU2hpbWFuZTEUMBIGA1UEBwwLTWF0ei1lIGNpdHkxFzAVBgNV
+BAoMDlJ1YnkgQ29yZSBUZWFtMRUwEwYDVQQDDAxSdWJ5IFRlc3QgQ0ExJTAjBgkq
+hkiG9w0BCQEWFnNlY3VyaXR5QHJ1YnktbGFuZy5vcmcwggEiMA0GCSqGSIb3DQEB
+AQUAA4IBDwAwggEKAoIBAQCw+egZQ6eumJKq3hfKfED4dE/tL4FI5sjqont9ABVI
++1GSqyi1bFBgsRjM0THllIdMbKmJtWwnKW8J+5OgNN8y6Xxv8JmM/Y5vQt2lis0f
+qXmG8UTz0VTWdlAXXmhUs6lSADvAaIe4RVrCsZ97L3ZQTryY7JRVcbB4khUN3Gp0
+yg+801SXzoFTTa+UGIRLE66jH51aa5VXu99hnv1OiH8tQrjdi8mH6uG/icq4XuIe
+NWMF32wHqIOOPvQcWV3M5D2vxJEj702Ku6k9OQXkAo17qRSEonWW4HtLbtmS8He1
+JNPc/n3dVUm+fM6NoDXPoLP7j55G9zKyqGtGAWXAj1MTAgMBAAGjUzBRMB0GA1Ud
+DgQWBBSJGVleDvFp9cu9R+E0/OKYzGkwkTAfBgNVHSMEGDAWgBSJGVleDvFp9cu9
+R+E0/OKYzGkwkTAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBl
+8GLB8skAWlkSw/FwbUmEV3zyqu+p7PNP5YIYoZs0D74e7yVulGQ6PKMZH5hrZmHo
+orFSQU+VUUirG8nDGj7Rzce8WeWBxsaDGC8CE2dq6nC6LuUwtbdMnBrH0LRWAz48
+jGFF3jHtVz8VsGfoZTZCjukWqNXvU6hETT9GsfU+PZqbqcTVRPH52+XgYayKdIbD
+r97RM4X3+aXBHcUW0b76eyyi65RR/Xtvn8ioZt2AdX7T2tZzJyXJN3Hupp77s6Ui
+AZR35SToHCZeTZD12YBvLBdaTPLZN7O/Q/aAO9ZiJaZ7SbFOjz813B2hxXab4Fob
+2uJX6eMWTVxYK5D4M9lm
-----END CERTIFICATE-----
diff --git a/test/net/fixtures/server.crt b/test/net/fixtures/server.crt
index 5ca78a6d146a0..5d2923795dabc 100644
--- a/test/net/fixtures/server.crt
+++ b/test/net/fixtures/server.crt
@@ -1,82 +1,21 @@
-Certificate:
- Data:
- Version: 3 (0x2)
- Serial Number: 2 (0x2)
- Signature Algorithm: sha256WithRSAEncryption
- Issuer: C=JP, ST=Shimane, L=Matz-e city, O=Ruby Core Team, CN=Ruby Test CA/emailAddress=security@ruby-lang.org
- Validity
- Not Before: Jan 2 03:27:13 2019 GMT
- Not After : Jan 1 03:27:13 2024 GMT
- Subject: C=JP, ST=Shimane, O=Ruby Core Team, OU=Ruby Test, CN=localhost
- Subject Public Key Info:
- Public Key Algorithm: rsaEncryption
- Public-Key: (2048 bit)
- Modulus:
- 00:e8:da:9c:01:2e:2b:10:ec:49:cd:5e:07:13:07:
- 9c:70:9e:c6:74:bc:13:c2:e1:6f:c6:82:fd:e3:48:
- e0:2c:a5:68:c7:9e:42:de:60:54:65:e6:6a:14:57:
- 7a:30:d0:cc:b5:b6:d9:c3:d2:df:c9:25:97:54:67:
- cf:f6:be:5e:cb:8b:ee:03:c5:e1:e2:f9:e7:f7:d1:
- 0c:47:f0:b8:da:33:5a:ad:41:ad:e7:b5:a2:7b:b7:
- bf:30:da:60:f8:e3:54:a2:bc:3a:fd:1b:74:d9:dc:
- 74:42:e9:29:be:df:ac:b4:4f:eb:32:f4:06:f1:e1:
- 8c:4b:a8:8b:fb:29:e7:b1:bf:1d:01:ee:73:0f:f9:
- 40:dc:d5:15:79:d9:c6:73:d0:c0:dd:cb:e4:da:19:
- 47:80:c6:14:04:72:fd:9a:7c:8f:11:82:76:49:04:
- 79:cc:f2:5c:31:22:95:13:3e:5d:40:a6:4d:e0:a3:
- 02:26:7d:52:3b:bb:ed:65:a1:0f:ed:6b:b0:3c:d4:
- de:61:15:5e:d3:dd:68:09:9f:4a:57:a5:c2:a9:6d:
- 86:92:c5:f4:a4:d4:b7:13:3b:52:63:24:05:e2:cc:
- e3:8a:3c:d4:35:34:2b:10:bb:58:72:e7:e1:8d:1d:
- 74:8c:61:16:20:3d:d0:1c:4e:8f:6e:fd:fe:64:10:
- 4f:41
- Exponent: 65537 (0x10001)
- X509v3 extensions:
- X509v3 Basic Constraints:
- CA:FALSE
- Netscape Comment:
- OpenSSL Generated Certificate
- X509v3 Subject Key Identifier:
- ED:28:C2:7E:AB:4B:C8:E8:FE:55:6D:66:95:31:1C:2D:60:F9:02:36
- X509v3 Authority Key Identifier:
- keyid:F6:D1:22:29:D5:3D:23:D7:5E:AD:0C:9C:E6:75:8F:9D:CD:F8:9D:53
-
- Signature Algorithm: sha256WithRSAEncryption
- 1d:b8:c5:8b:72:41:20:65:ad:27:6f:15:63:06:26:12:8d:9c:
- ad:ca:f4:db:97:b4:90:cb:ff:35:94:bb:2a:a7:a1:ab:1e:35:
- 2d:a5:3f:c9:24:b0:1a:58:89:75:3e:81:0a:2c:4f:98:f9:51:
- fb:c0:a3:09:d0:0a:9b:e7:a2:b7:c3:60:40:c8:f4:6d:b2:6a:
- 56:12:17:4c:00:24:31:df:9c:60:ae:b1:68:54:a9:e6:b5:4a:
- 04:e6:92:05:86:d9:5a:dc:96:30:a5:58:de:14:99:0f:e5:15:
- 89:3e:9b:eb:80:e3:bd:83:c3:ea:33:35:4b:3e:2f:d3:0d:64:
- 93:67:7f:8d:f5:3f:0c:27:bc:37:5a:cc:d6:47:16:af:5a:62:
- d2:da:51:f8:74:06:6b:24:ad:28:68:08:98:37:7d:ed:0e:ab:
- 1e:82:61:05:d0:ba:75:a0:ab:21:b0:9a:fd:2b:54:86:1d:0d:
- 1f:c2:d4:77:1f:72:26:5e:ad:8a:9f:09:36:6d:44:be:74:c2:
- 5a:3e:ff:5c:9d:75:d6:38:7b:c5:39:f9:44:6e:a1:d1:8e:ff:
- 63:db:c4:bb:c6:91:92:ca:5c:60:9b:1d:eb:0a:de:08:ee:bf:
- da:76:03:65:62:29:8b:f8:7f:c7:86:73:1e:f6:1f:2d:89:69:
- fd:be:bd:6e
-----BEGIN CERTIFICATE-----
-MIID4zCCAsugAwIBAgIBAjANBgkqhkiG9w0BAQsFADCBjDELMAkGA1UEBhMCSlAx
-EDAOBgNVBAgMB1NoaW1hbmUxFDASBgNVBAcMC01hdHotZSBjaXR5MRcwFQYDVQQK
-DA5SdWJ5IENvcmUgVGVhbTEVMBMGA1UEAwwMUnVieSBUZXN0IENBMSUwIwYJKoZI
-hvcNAQkBFhZzZWN1cml0eUBydWJ5LWxhbmcub3JnMB4XDTE5MDEwMjAzMjcxM1oX
-DTI0MDEwMTAzMjcxM1owYDELMAkGA1UEBhMCSlAxEDAOBgNVBAgMB1NoaW1hbmUx
-FzAVBgNVBAoMDlJ1YnkgQ29yZSBUZWFtMRIwEAYDVQQLDAlSdWJ5IFRlc3QxEjAQ
-BgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
-AOjanAEuKxDsSc1eBxMHnHCexnS8E8Lhb8aC/eNI4CylaMeeQt5gVGXmahRXejDQ
-zLW22cPS38kll1Rnz/a+XsuL7gPF4eL55/fRDEfwuNozWq1Bree1onu3vzDaYPjj
-VKK8Ov0bdNncdELpKb7frLRP6zL0BvHhjEuoi/sp57G/HQHucw/5QNzVFXnZxnPQ
-wN3L5NoZR4DGFARy/Zp8jxGCdkkEeczyXDEilRM+XUCmTeCjAiZ9Uju77WWhD+1r
-sDzU3mEVXtPdaAmfSlelwqlthpLF9KTUtxM7UmMkBeLM44o81DU0KxC7WHLn4Y0d
-dIxhFiA90BxOj279/mQQT0ECAwEAAaN7MHkwCQYDVR0TBAIwADAsBglghkgBhvhC
-AQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFO0o
-wn6rS8jo/lVtZpUxHC1g+QI2MB8GA1UdIwQYMBaAFPbRIinVPSPXXq0MnOZ1j53N
-+J1TMA0GCSqGSIb3DQEBCwUAA4IBAQAduMWLckEgZa0nbxVjBiYSjZytyvTbl7SQ
-y/81lLsqp6GrHjUtpT/JJLAaWIl1PoEKLE+Y+VH7wKMJ0Aqb56K3w2BAyPRtsmpW
-EhdMACQx35xgrrFoVKnmtUoE5pIFhtla3JYwpVjeFJkP5RWJPpvrgOO9g8PqMzVL
-Pi/TDWSTZ3+N9T8MJ7w3WszWRxavWmLS2lH4dAZrJK0oaAiYN33tDqsegmEF0Lp1
-oKshsJr9K1SGHQ0fwtR3H3ImXq2Knwk2bUS+dMJaPv9cnXXWOHvFOflEbqHRjv9j
-28S7xpGSylxgmx3rCt4I7r/adgNlYimL+H/HhnMe9h8tiWn9vr1u
+MIIDYTCCAkkCAQAwDQYJKoZIhvcNAQELBQAwgYwxCzAJBgNVBAYTAkpQMRAwDgYD
+VQQIDAdTaGltYW5lMRQwEgYDVQQHDAtNYXR6LWUgY2l0eTEXMBUGA1UECgwOUnVi
+eSBDb3JlIFRlYW0xFTATBgNVBAMMDFJ1YnkgVGVzdCBDQTElMCMGCSqGSIb3DQEJ
+ARYWc2VjdXJpdHlAcnVieS1sYW5nLm9yZzAeFw0yNDAxMDExMTQ3MjNaFw0zMzEy
+MjkxMTQ3MjNaMGAxCzAJBgNVBAYTAkpQMRAwDgYDVQQIDAdTaGltYW5lMRcwFQYD
+VQQKDA5SdWJ5IENvcmUgVGVhbTESMBAGA1UECwwJUnVieSBUZXN0MRIwEAYDVQQD
+DAlsb2NhbGhvc3QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCw+egZ
+Q6eumJKq3hfKfED4dE/tL4FI5sjqont9ABVI+1GSqyi1bFBgsRjM0THllIdMbKmJ
+tWwnKW8J+5OgNN8y6Xxv8JmM/Y5vQt2lis0fqXmG8UTz0VTWdlAXXmhUs6lSADvA
+aIe4RVrCsZ97L3ZQTryY7JRVcbB4khUN3Gp0yg+801SXzoFTTa+UGIRLE66jH51a
+a5VXu99hnv1OiH8tQrjdi8mH6uG/icq4XuIeNWMF32wHqIOOPvQcWV3M5D2vxJEj
+702Ku6k9OQXkAo17qRSEonWW4HtLbtmS8He1JNPc/n3dVUm+fM6NoDXPoLP7j55G
+9zKyqGtGAWXAj1MTAgMBAAEwDQYJKoZIhvcNAQELBQADggEBACtGNdj5TEtnJBYp
+M+LhBeU3oNteldfycEm993gJp6ghWZFg23oX8fVmyEeJr/3Ca9bAgDqg0t9a0npN
+oWKEY6wVKqcHgu3gSvThF5c9KhGbeDDmlTSVVNQmXWX0K2d4lS2cwZHH8mCm2mrY
+PDqlEkSc7k4qSiqigdS8i80Yk+lDXWsm8CjsiC93qaRM7DnS0WPQR0c16S95oM6G
+VklFKUSDAuFjw9aVWA/nahOucjn0w5fVW6lyIlkBslC1ChlaDgJmvhz+Ol3iMsE0
+kAmFNu2KKPVrpMWaBID49QwQTDyhetNLaVVFM88iUdA9JDoVMEuP1mm39JqyzHTu
+uBrdP4Q=
-----END CERTIFICATE-----
diff --git a/test/net/fixtures/server.key b/test/net/fixtures/server.key
index 7f2380e71e637..6a83d5bcf4a52 100644
--- a/test/net/fixtures/server.key
+++ b/test/net/fixtures/server.key
@@ -1,28 +1,27 @@
------BEGIN PRIVATE KEY-----
-MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQDo2pwBLisQ7EnN
-XgcTB5xwnsZ0vBPC4W/Ggv3jSOAspWjHnkLeYFRl5moUV3ow0My1ttnD0t/JJZdU
-Z8/2vl7Li+4DxeHi+ef30QxH8LjaM1qtQa3ntaJ7t78w2mD441SivDr9G3TZ3HRC
-6Sm+36y0T+sy9Abx4YxLqIv7Keexvx0B7nMP+UDc1RV52cZz0MDdy+TaGUeAxhQE
-cv2afI8RgnZJBHnM8lwxIpUTPl1Apk3gowImfVI7u+1loQ/ta7A81N5hFV7T3WgJ
-n0pXpcKpbYaSxfSk1LcTO1JjJAXizOOKPNQ1NCsQu1hy5+GNHXSMYRYgPdAcTo9u
-/f5kEE9BAgMBAAECggEBAOHkwhc7DLh8IhTDNSW26oMu5OP2WU1jmiYAigDmf+OQ
-DBgrZj+JQBci8qINQxL8XLukSZn5hvQCLc7Kbyu1/wyEEUFDxSGGwwzclodr9kho
-LX2LDASPZrOSzD2+fPi2wTKmXKuS6Uc44OjQfZkYMNkz9r4Vkm8xGgOD3VipjIYX
-QXlhhdqkXZcNABsihCV52GKkDFSVm8jv95YJc5xhoYCy/3a4/qPdF0aT2R7oYUej
-hKrxVDskyooe8Zg/JTydZNV5GQEDmW01/K3r6XGT26oPi1AqMU1gtv/jkW56CRQQ
-1got8smnqM+AV7Slf9R6DauIPdQJ2S8wsr/o8ISBsOECgYEA9YrqEP2gAYSGFXRt
-liw0WI2Ant8BqXS6yvq1jLo/qWhLw/ph4Di73OQ2mpycVTpgfGr2wFPQR1XJ+0Fd
-U+Ir/C3Q7FK4VIGHK7B0zNvZr5tEjlFfeRezo2JMVw5YWeSagIFcSwK+KqCTH9qc
-pw/Eb8nB/4XNcpTZu7Fg0Wc+ooUCgYEA8sVaicn1Wxkpb45a4qfrA6wOr5xdJ4cC
-A5qs7vjX2OdPIQOmoQhdI7bCWFXZzF33wA4YCws6j5wRaySLIJqdms8Gl9QnODy1
-ZlA5gwKToBC/jqPmWAXSKb8EH7cHilaxU9OKnQ7CfwlGLHqjMtjrhR7KHlt3CVRs
-oRmvsjZVXI0CgYAmPedslAO6mMhFSSfULrhMXmV82OCqYrrA6EEkVNGbcdnzAOkD
-gfKIWabDd8bFY10po4Mguy0CHzNhBXIioWQWV5BlbhC1YKMLw+S9DzSdLAKGY9gJ
-xQ4+UQ3wtRQ/k+IYR413RUsW2oFvgZ3KSyNeAb9MK6uuv84VdG/OzVSs/QKBgQDn
-kap//l2EbObiWyaERunckdVcW0lcN+KK75J/TGwPoOwQsLvTpPe65kxRGGrtDsEQ
-uCDk/+v3KkZPLgdrrTAih9FhJ+PVN8tMcb+6IM4SA4fFFr/UPJEwct0LJ3oQ0grJ
-y+HPWFHb/Uurh7t99/4H98uR02sjQh1wOeEmm78mzQKBgQDm+LzGH0se6CXQ6cdZ
-g1JRZeXkDEsrW3hfAsW62xJQmXcWxBoblP9OamMY+A06rM5og3JbDk5Zm6JsOaA8
-wS2gw4ilp46jors4eQey8ux7kB9LzdBoDBBElnsbjLO8oBNZlVcYXg+6BOl/CUi7
-2whRF0FEjKA8ehrNhAq+VFfFNw==
------END PRIVATE KEY-----
+-----BEGIN RSA PRIVATE KEY-----
+MIIEowIBAAKCAQEAsPnoGUOnrpiSqt4XynxA+HRP7S+BSObI6qJ7fQAVSPtRkqso
+tWxQYLEYzNEx5ZSHTGypibVsJylvCfuToDTfMul8b/CZjP2Ob0LdpYrNH6l5hvFE
+89FU1nZQF15oVLOpUgA7wGiHuEVawrGfey92UE68mOyUVXGweJIVDdxqdMoPvNNU
+l86BU02vlBiESxOuox+dWmuVV7vfYZ79Toh/LUK43YvJh+rhv4nKuF7iHjVjBd9s
+B6iDjj70HFldzOQ9r8SRI+9NirupPTkF5AKNe6kUhKJ1luB7S27ZkvB3tSTT3P59
+3VVJvnzOjaA1z6Cz+4+eRvcysqhrRgFlwI9TEwIDAQABAoIBAEEYiyDP29vCzx/+
+dS3LqnI5BjUuJhXUnc6AWX/PCgVAO+8A+gZRgvct7PtZb0sM6P9ZcLrweomlGezI
+FrL0/6xQaa8bBr/ve/a8155OgcjFo6fZEw3Dz7ra5fbSiPmu4/b/kvrg+Br1l77J
+aun6uUAs1f5B9wW+vbR7tzbT/mxaUeDiBzKpe15GwcvbJtdIVMa2YErtRjc1/5B2
+BGVXyvlJv0SIlcIEMsHgnAFOp1ZgQ08aDzvilLq8XVMOahAhP1O2A3X8hKdXPyrx
+IVWE9bS9ptTo+eF6eNl+d7htpKGEZHUxinoQpWEBTv+iOoHsVunkEJ3vjLP3lyI/
+fY0NQ1ECgYEA3RBXAjgvIys2gfU3keImF8e/TprLge1I2vbWmV2j6rZCg5r/AS0u
+pii5CvJ5/T5vfJPNgPBy8B/yRDs+6PJO1GmnlhOkG9JAIPkv0RBZvR0PMBtbp6nT
+Y3yo1lwamBVBfY6rc0sLTzosZh2aGoLzrHNMQFMGaauORzBFpY5lU50CgYEAzPHl
+u5DI6Xgep1vr8QvCUuEesCOgJg8Yh1UqVoY/SmQh6MYAv1I9bLGwrb3WW/7kqIoD
+fj0aQV5buVZI2loMomtU9KY5SFIsPV+JuUpy7/+VE01ZQM5FdY8wiYCQiVZYju9X
+Wz5LxMNoz+gT7pwlLCsC4N+R8aoBk404aF1gum8CgYAJ7VTq7Zj4TFV7Soa/T1eE
+k9y8a+kdoYk3BASpCHJ29M5R2KEA7YV9wrBklHTz8VzSTFTbKHEQ5W5csAhoL5Fo
+qoHzFFi3Qx7MHESQb9qHyolHEMNx6QdsHUn7rlEnaTTyrXh3ifQtD6C0yTmFXUIS
+CW9wKApOrnyKJ9nI0HcuZQKBgQCMtoV6e9VGX4AEfpuHvAAnMYQFgeBiYTkBKltQ
+XwozhH63uMMomUmtSG87Sz1TmrXadjAhy8gsG6I0pWaN7QgBuFnzQ/HOkwTm+qKw
+AsrZt4zeXNwsH7QXHEJCFnCmqw9QzEoZTrNtHJHpNboBuVnYcoueZEJrP8OnUG3r
+UjmopwKBgAqB2KYYMUqAOvYcBnEfLDmyZv9BTVNHbR2lKkMYqv5LlvDaBxVfilE0
+2riO4p6BaAdvzXjKeRrGNEKoHNBpOSfYCOM16NjL8hIZB1CaV3WbT5oY+jp7Mzd5
+7d56RZOE+ERK2uz/7JX9VSsM/LbH9pJibd4e8mikDS9ntciqOH/3
+-----END RSA PRIVATE KEY-----

View File

@ -0,0 +1,128 @@
From beb0358d90ad77e59cf5d13cc2469de94fe06331 Mon Sep 17 00:00:00 2001
From: Sutou Kouhei <kou@clear-code.com>
Date: Thu, 15 Sep 2022 07:08:20 +0900
Subject: [PATCH] merge revision(s) a4ad6bd9aac564e93219284c912b26a72f9e82fc:
[ruby/fiddle] closure: free resources when an exception is raised in
Closure.new
GitHub: GH-102
https://github.com/ruby/fiddle/commit/81a8a56239
---
ext/fiddle/closure.c | 56 ++++++++++++++++++++++++++++++++++++++++------------
1 file changed, 43 insertions(+), 13 deletions(-)
---
ext/fiddle/closure.c | 56 ++++++++++++++++++++++++++++++++++----------
1 file changed, 43 insertions(+), 13 deletions(-)
diff --git a/ext/fiddle/closure.c b/ext/fiddle/closure.c
index 27f448a24f..c08ec5940d 100644
--- a/ext/fiddle/closure.c
+++ b/ext/fiddle/closure.c
@@ -224,9 +224,16 @@ allocate(VALUE klass)
return i;
}
+typedef struct {
+ VALUE self;
+ int argc;
+ VALUE *argv;
+} initialize_data;
+
static VALUE
-initialize(int rbargc, VALUE argv[], VALUE self)
+initialize_body(VALUE user_data)
{
+ initialize_data *data = (initialize_data *)user_data;
VALUE ret;
VALUE args;
VALUE normalized_args;
@@ -237,14 +244,14 @@ initialize(int rbargc, VALUE argv[], VALUE self)
ffi_status result;
int i, argc;
- if (2 == rb_scan_args(rbargc, argv, "21", &ret, &args, &abi))
- abi = INT2NUM(FFI_DEFAULT_ABI);
+ if (2 == rb_scan_args(data->argc, data->argv, "21", &ret, &args, &abi))
+ abi = INT2NUM(FFI_DEFAULT_ABI);
Check_Type(args, T_ARRAY);
argc = RARRAY_LENINT(args);
- TypedData_Get_Struct(self, fiddle_closure, &closure_data_type, cl);
+ TypedData_Get_Struct(data->self, fiddle_closure, &closure_data_type, cl);
cl->argv = (ffi_type **)xcalloc(argc + 1, sizeof(ffi_type *));
@@ -257,8 +264,8 @@ initialize(int rbargc, VALUE argv[], VALUE self)
cl->argv[argc] = NULL;
ret = rb_fiddle_type_ensure(ret);
- rb_iv_set(self, "@ctype", ret);
- rb_iv_set(self, "@args", normalized_args);
+ rb_iv_set(data->self, "@ctype", ret);
+ rb_iv_set(data->self, "@args", normalized_args);
cif = &cl->cif;
pcl = cl->pcl;
@@ -269,25 +276,48 @@ initialize(int rbargc, VALUE argv[], VALUE self)
rb_fiddle_int_to_ffi_type(NUM2INT(ret)),
cl->argv);
- if (FFI_OK != result)
- rb_raise(rb_eRuntimeError, "error prepping CIF %d", result);
+ if (FFI_OK != result) {
+ rb_raise(rb_eRuntimeError, "error prepping CIF %d", result);
+ }
#if USE_FFI_CLOSURE_ALLOC
result = ffi_prep_closure_loc(pcl, cif, callback,
- (void *)self, cl->code);
+ (void *)(data->self), cl->code);
#else
result = ffi_prep_closure(pcl, cif, callback, (void *)(data->self));
cl->code = (void *)pcl;
i = mprotect(pcl, sizeof(*pcl), PROT_READ | PROT_EXEC);
if (i) {
- rb_sys_fail("mprotect");
+ rb_sys_fail("mprotect");
}
#endif
- if (FFI_OK != result)
- rb_raise(rb_eRuntimeError, "error prepping closure %d", result);
+ if (FFI_OK != result) {
+ rb_raise(rb_eRuntimeError, "error prepping closure %d", result);
+ }
+
+ return data->self;
+}
- return self;
+static VALUE
+initialize_rescue(VALUE user_data, VALUE exception)
+{
+ initialize_data *data = (initialize_data *)user_data;
+ dealloc(RTYPEDDATA_DATA(data->self));
+ RTYPEDDATA_DATA(data->self) = NULL;
+ rb_exc_raise(exception);
+ return data->self;
+}
+
+static VALUE
+initialize(int argc, VALUE *argv, VALUE self)
+{
+ initialize_data data;
+ data.self = self;
+ data.argc = argc;
+ data.argv = argv;
+ return rb_rescue(initialize_body, (VALUE)&data,
+ initialize_rescue, (VALUE)&data);
}
static VALUE
--
2.44.0

View File

@ -1,6 +1,6 @@
%global major_version 3 %global major_version 3
%global minor_version 1 %global minor_version 1
%global teeny_version 4 %global teeny_version 5
%global major_minor_version %{major_version}.%{minor_version} %global major_minor_version %{major_version}.%{minor_version}
%global ruby_version %{major_minor_version}.%{teeny_version} %global ruby_version %{major_minor_version}.%{teeny_version}
@ -22,7 +22,7 @@
%endif %endif
%global release 142 %global release 143
%{!?release_string:%define release_string %{?development_release:0.}%{release}%{?development_release:.%{development_release}}%{?dist}} %{!?release_string:%define release_string %{?development_release:0.}%{release}%{?development_release:.%{development_release}}%{?dist}}
# The RubyGems library has to stay out of Ruby directory tree, since the # The RubyGems library has to stay out of Ruby directory tree, since the
@ -30,13 +30,13 @@
%global rubygems_dir %{_datadir}/rubygems %global rubygems_dir %{_datadir}/rubygems
# Bundled libraries versions # Bundled libraries versions
%global rubygems_version 3.3.26 %global rubygems_version 3.3.27
%global rubygems_molinillo_version 0.7.0 %global rubygems_molinillo_version 0.7.0
%global rubygems_optparse_version 0.2.0 %global rubygems_optparse_version 0.2.0
%global rubygems_tsort_version 0.1.0 %global rubygems_tsort_version 0.1.0
# Default gems. # Default gems.
%global bundler_version 2.3.26 %global bundler_version 2.3.27
%global bundler_connection_pool_version 2.3.0 %global bundler_connection_pool_version 2.3.0
%global bundler_fileutils_version 1.4.1 %global bundler_fileutils_version 1.4.1
%global bundler_molinillo_version 0.8.0 %global bundler_molinillo_version 0.8.0
@ -45,7 +45,7 @@
%global bundler_tmpdir_version 0.1.0 %global bundler_tmpdir_version 0.1.0
# TODO: Check the version if/when available in library. # TODO: Check the version if/when available in library.
%global bundler_tsort_version 0.1.1 %global bundler_tsort_version 0.1.1
%global bundler_uri_version 0.10.3 %global bundler_uri_version 0.10.1
%global bigdecimal_version 3.1.1 %global bigdecimal_version 3.1.1
%global did_you_mean_version 1.6.1 %global did_you_mean_version 1.6.1
@ -56,8 +56,8 @@
%global openssl_version 3.0.1 %global openssl_version 3.0.1
%global psych_version 4.0.4 %global psych_version 4.0.4
%global racc_version 1.6.0 %global racc_version 1.6.0
%global rdoc_version 6.4.0 %global rdoc_version 6.4.1.1
%global stringio_version 3.0.1 %global stringio_version 3.0.1.2
# Bundled gems. # Bundled gems.
%global minitest_version 5.15.0 %global minitest_version 5.15.0
@ -66,10 +66,10 @@
%global test_unit_version 3.5.3 %global test_unit_version 3.5.3
%global rexml_version 3.2.5 %global rexml_version 3.2.5
%global rss_version 0.2.9 %global rss_version 0.2.9
%global net_ftp_version 0.1.3 %global net_ftp_version 0.1.4
%global net_imap_version 0.2.3 %global net_imap_version 0.2.4
%global net_pop_version 0.1.1 %global net_pop_version 0.1.1
%global net_smtp_version 0.3.1 %global net_smtp_version 0.3.1.1
%global matrix_version 0.4.2 %global matrix_version 0.4.2
%global prime_version 0.1.2 %global prime_version 0.1.2
%global rbs_version 2.7.0 %global rbs_version 2.7.0
@ -165,15 +165,15 @@ Patch19: ruby-2.7.1-Timeout-the-test_bug_reporter_add-witout-raising-err.patch
# https://github.com/ruby/ruby/pull/5934 # https://github.com/ruby/ruby/pull/5934
Patch22: ruby-3.2.0-define-unsupported-gc-compaction-methods-as-rb_f_notimplement.patch Patch22: ruby-3.2.0-define-unsupported-gc-compaction-methods-as-rb_f_notimplement.patch
# To regenerate the patch you need to have ruby, autoconf, xz, tar and make installed: # To regenerate the patch you need to have ruby, autoconf, xz, tar and make installed:
# tar -Jxvf ./ruby-3.1.4.tar.xz # tar -Jxvf ./ruby-3.1.5.tar.xz
# git clone https://github.com/ruby/ruby.git # git clone https://github.com/ruby/ruby.git
# cd ruby && git checkout v3_1_4 # cd ruby && git checkout v3_1_5
# patch -p1 < ../ruby-3.2.0-define-unsupported-gc-compaction-methods-as-rb_f_notimplement.patch # patch -p1 < ../ruby-3.2.0-define-unsupported-gc-compaction-methods-as-rb_f_notimplement.patch
# ./autogen.sh && ./configure # ./autogen.sh && ./configure
# make gc.rbinc miniprelude.c # make gc.rbinc miniprelude.c
# cd .. # cd ..
# diff -u {ruby-3.1.4,ruby}/gc.rbinc > ruby-3.2.0-define-unsupported-gc-compaction-methods_generated-files.patch # diff -u {ruby-3.1.5,ruby}/gc.rbinc > ruby-3.2.0-define-unsupported-gc-compaction-methods_generated-files.patch
# diff -u {ruby-3.1.4,ruby}/miniprelude.c >> ruby-3.2.0-define-unsupported-gc-compaction-methods_generated-files.patch # diff -u {ruby-3.1.5,ruby}/miniprelude.c >> ruby-3.2.0-define-unsupported-gc-compaction-methods_generated-files.patch
Patch23: ruby-3.2.0-define-unsupported-gc-compaction-methods_generated-files.patch Patch23: ruby-3.2.0-define-unsupported-gc-compaction-methods_generated-files.patch
# Define the GC compaction support macro at run time. # Define the GC compaction support macro at run time.
# https://bugs.ruby-lang.org/issues/18829 # https://bugs.ruby-lang.org/issues/18829
@ -191,30 +191,10 @@ Patch28: ruby-irb-1.4.1-set-rdoc-soft-dep.patch
# https://github.com/ruby/ruby/commit/bffadcd6d46ccfccade79ce0efb60ced8eac4483 # https://github.com/ruby/ruby/commit/bffadcd6d46ccfccade79ce0efb60ced8eac4483
# https://bugs.ruby-lang.org/issues/19529#note-7 # https://bugs.ruby-lang.org/issues/19529#note-7
Patch29: ruby-3.1.4-Skip-test_compaction_bug_19529-if-compaction-unsupported.patch Patch29: ruby-3.1.4-Skip-test_compaction_bug_19529-if-compaction-unsupported.patch
# Bundler does not correctly resolve archful gems in 2.3.26. # Fix fiddle build with libffi versions 3.1 or older.
# Example of such an issue # https://github.com/ruby/ruby/pull/10696
# https://github.com/sclorg/s2i-ruby-container/issues/469 # https://bugs.ruby-lang.org/issues/20451
# The patch is an amalgamation of the following: Patch30: ruby-fiddle-1.1.1-closure-free-resources.patch
# https://github.com/rubygems/rubygems/pull/6225
# https://github.com/rubygems/rubygems/commit/7b64c64262a7a980c0eb23b96ea56cf72ea06e89
# Backport requested in
# https://bugs.ruby-lang.org/issues/19576
Patch30: rubygem-bundler-2.3.26-Provide-fix-for-bundler-Gemfile-resolving-regression.patch
Patch31: rubygem-bundler-2.3.26-Tests-from-bundler-PR-6225.patch
# Continuation of the bundler fix for s2i-ruby-container #469 issue.
# Additionally to already described problem, when bundler is run with
# --deployment it again resolves to the incorrect gem from Rubygems repository.
# Fix and test from:
# https://github.com/rubygems/rubygems/pull/6261
# https://bugs.ruby-lang.org/issues/19576#note-4
Patch32: rubygem-bundler-2.3.26-Backport-Fix-another-issue-of-Bundler-not-falling-back.patch
Patch33: rubygem-bundler-2.3.26-Backport-Fix-another-issue-of-Bundler-not-falling-back-test.patch
# Renew expired test certificates.
# https://github.com/ruby/net-http/pull/169
Patch34: ruby-3.4.0-ruby-net-http-Renew-test-certificates.patch
# Update URI to 0.12.2 and Bundler::URI to 0.10.3 to mitigate CVE-2023-36617.
# https://github.com/ruby/ruby/pull/7996
Patch35: ruby-3.1.5-CVE-2023-36617-for-Ruby-3.1.patch
Requires: %{name}-libs%{?_isa} = %{version}-%{release} Requires: %{name}-libs%{?_isa} = %{version}-%{release}
Suggests: rubypick Suggests: rubypick
@ -677,15 +657,7 @@ rm -rf ext/fiddle/libffi*
%patch27 -p1 %patch27 -p1
%patch28 -p1 %patch28 -p1
%patch29 -p1 %patch29 -p1
%patch30 -p2 %patch30 -p1
%patch32 -p2
%patch34 -p1
%patch35 -p1
pushd spec/bundler
%patch31 -p3
%patch33 -p3
popd
# Provide an example of usage of the tapset: # Provide an example of usage of the tapset:
cp -a %{SOURCE3} . cp -a %{SOURCE3} .
@ -1296,7 +1268,7 @@ DISABLE_TESTS="$DISABLE_TESTS -n !/TestBundledCA/"
%{gem_dir}/specifications/default/ipaddr-1.2.4.gemspec %{gem_dir}/specifications/default/ipaddr-1.2.4.gemspec
%{gem_dir}/specifications/default/logger-1.5.0.gemspec %{gem_dir}/specifications/default/logger-1.5.0.gemspec
%{gem_dir}/specifications/default/mutex_m-0.1.1.gemspec %{gem_dir}/specifications/default/mutex_m-0.1.1.gemspec
%{gem_dir}/specifications/default/net-http-0.3.0.gemspec %{gem_dir}/specifications/default/net-http-0.3.0.1.gemspec
%{gem_dir}/specifications/default/net-protocol-0.1.2.gemspec %{gem_dir}/specifications/default/net-protocol-0.1.2.gemspec
%{gem_dir}/specifications/default/nkf-0.1.1.gemspec %{gem_dir}/specifications/default/nkf-0.1.1.gemspec
%{gem_dir}/specifications/default/observer-0.1.1.gemspec %{gem_dir}/specifications/default/observer-0.1.1.gemspec
@ -1570,6 +1542,16 @@ DISABLE_TESTS="$DISABLE_TESTS -n !/TestBundledCA/"
%changelog %changelog
* Tue May 07 2024 Jun Aruga <jaruga@redhat.com> - 3.1.5-143
- Upgrade to Ruby 3.1.5.
Resolves: RHEL-35748
- Fix buffer overread vulnerability in StringIO.
Resolves: RHEL-35749
- Fix RCE vulnerability with .rdoc_options in RDoc.
Resolves: RHEL-35750
- Fix arbitrary memory address read vulnerability with Regex search.
Resolves: RHEL-35751
* Fri Mar 01 2024 Jarek Prokop <jprokop@redhat.com> - 3.1.4-142 * Fri Mar 01 2024 Jarek Prokop <jprokop@redhat.com> - 3.1.4-142
- Upgrade to Ruby 3.1.4. - Upgrade to Ruby 3.1.4.
Resolves: RHEL-5584 Resolves: RHEL-5584

View File

@ -1,72 +0,0 @@
diff --git a/bundler/spec/install/gemfile/specific_platform_spec.rb b/bundler/spec/install/gemfile/specific_platform_spec.rb
index a29446305..e35d8bc16 100644
--- a/bundler/spec/install/gemfile/specific_platform_spec.rb
+++ b/bundler/spec/install/gemfile/specific_platform_spec.rb
@@ -104,40 +104,53 @@
L
end
- it "still installs the generic RUBY variant if necessary even when running on a legacy lockfile locked only to RUBY" do
- build_repo4 do
- build_gem "nokogiri", "1.3.10"
- build_gem "nokogiri", "1.3.10" do |s|
- s.platform = "arm64-darwin"
- s.required_ruby_version = "< #{Gem.ruby_version}"
+ context "when running on a legacy lockfile locked only to RUBY" do
+ around do |example|
+ build_repo4 do
+ build_gem "nokogiri", "1.3.10"
+ build_gem "nokogiri", "1.3.10" do |s|
+ s.platform = "arm64-darwin"
+ s.required_ruby_version = "< #{Gem.ruby_version}"
+ end
+
+ build_gem "bundler", "2.1.4"
end
- build_gem "bundler", "2.1.4"
- end
-
- gemfile <<~G
+ gemfile <<~G
source "#{file_uri_for(gem_repo4)}"
+
gem "nokogiri"
- G
+ G
- lockfile <<-L
+ lockfile <<-L
GEM
remote: #{file_uri_for(gem_repo4)}/
specs:
nokogiri (1.3.10)
+
PLATFORMS
ruby
+
DEPENDENCIES
nokogiri
+
RUBY VERSION
2.5.3p105
+
BUNDLED WITH
2.1.4
- L
+ L
- simulate_platform "arm64-darwin-22" do
+ simulate_platform "arm64-darwin-22", &example
+ end
+
+ it "still installs the generic RUBY variant if necessary" do
bundle "update --bundler", :artifice => "compact_index", :env => { "BUNDLER_SPEC_GEM_REPO" => gem_repo4.to_s }
end
+
+ it "still installs the generic RUBY variant if necessary, even in frozen mode" do
+ bundle "update --bundler", :artifice => "compact_index", :env => { "BUNDLER_SPEC_GEM_REPO" => gem_repo4.to_s, "BUNDLE_FROZEN" => "true" }
+ end
end
it "doesn't discard previously installed platform specific gem and fall back to ruby on subsequent bundles" do

View File

@ -1,54 +0,0 @@
From 891246c3865ed0af7e277ca50c079f466d035f7c Mon Sep 17 00:00:00 2001
From: Jarek Prokop <jprokop@redhat.com>
Date: Thu, 1 Jun 2023 13:22:24 +0200
Subject: [PATCH] Backport "Fix another issue of Bundler not falling back to an
installable candidate"
In this case, when materializing a legacy lockfile using only "ruby"
platform, and in frozen mode.
=====
Commit adapted from: https://github.com/rubygems/rubygems/pull/6261
---
bundler/lib/bundler/lazy_specification.rb | 11 +++--
.../install/gemfile/specific_platform_spec.rb | 41 ++++++++++++-------
2 files changed, 35 insertions(+), 17 deletions(-)
diff --git a/bundler/lib/bundler/lazy_specification.rb b/bundler/lib/bundler/lazy_specification.rb
index e8bee25ab..a65020e6c 100644
--- a/bundler/lib/bundler/lazy_specification.rb
+++ b/bundler/lib/bundler/lazy_specification.rb
@@ -85,7 +85,7 @@ def materialize_for_installation
installable_candidates = GemHelpers.select_best_platform_match(matching_specs, target_platform)
- specification = __materialize__(installable_candidates)
+ specification = __materialize__(installable_candidates, :fallback_to_non_installable => false)
return specification unless specification.nil?
if target_platform != platform
@@ -98,13 +98,18 @@ def materialize_for_installation
__materialize__(candidates)
end
- def __materialize__(candidates)
+ # If in frozen mode, we fallback to a non-installable candidate because by
+ # doing this we avoid re-resolving and potentially end up changing the
+ # lock file, which is not allowed. In that case, we will give a proper error
+ # about the mismatch higher up the stack, right before trying to install the
+ # bad gem.
+ def __materialize__(candidates, fallback_to_non_installable: Bundler.frozen_bundle?)
search = candidates.reverse.find do |spec|
spec.is_a?(StubSpecification) ||
(spec.matches_current_ruby? &&
spec.matches_current_rubygems?)
end
- if search.nil? && Bundler.frozen_bundle?
+ if search.nil? && fallback_to_non_installable
search = candidates.last
else
search.dependencies = dependencies if search && search.full_name == full_name && (search.is_a?(RemoteSpecification) || search.is_a?(EndpointSpecification))
--
2.41.0.rc1

View File

@ -1,144 +0,0 @@
From 0985592ad2d815ac461100807f5b2621e5f49b21 Mon Sep 17 00:00:00 2001
From: Jarek Prokop <jprokop@redhat.com>
Date: Fri, 31 Mar 2023 11:54:07 +0200
Subject: [PATCH 1/2] Provide fix for bundler Gemfile resolving regression.
Instead of resolving to correct Ruby platform, it preferred the
archful package, that is actually incompatible.
See https://github.com/sclorg/s2i-ruby-container/issues/469
for an example of the bug.
Commit taken from:
<https://github.com/rubygems/rubygems/pull/6225>
and adapted:
<https://github.com/rubygems/rubygems/commit/7b64c64262a7a980c0eb23b96ea56cf72ea06e89>
for the PR#6225.
---
bundler/lib/bundler/index.rb | 5 ++
bundler/lib/bundler/lazy_specification.rb | 64 ++++++++++-------------
2 files changed, 34 insertions(+), 35 deletions(-)
diff --git a/bundler/lib/bundler/index.rb b/bundler/lib/bundler/index.rb
index ed16c90a3..903e220d5 100644
--- a/bundler/lib/bundler/index.rb
+++ b/bundler/lib/bundler/index.rb
@@ -71,6 +71,7 @@ def local_search(query)
when Gem::Specification, RemoteSpecification, LazySpecification, EndpointSpecification then search_by_spec(query)
when String then specs_by_name(query)
when Gem::Dependency then search_by_dependency(query)
+ when Array then search_by_name_and_version(*query)
else
raise "You can't search for a #{query.inspect}."
end
@@ -173,6 +174,10 @@ def search_by_dependency(dependency)
end
end
+ def search_by_name_and_version(name, version)
+ specs_by_name(name).select { |spec| spec.version == version }
+ end
+
EMPTY_SEARCH = [].freeze
def search_by_spec(spec)
diff --git a/bundler/lib/bundler/lazy_specification.rb b/bundler/lib/bundler/lazy_specification.rb
index 949e8264b..e8bee25ab 100644
--- a/bundler/lib/bundler/lazy_specification.rb
+++ b/bundler/lib/bundler/lazy_specification.rb
@@ -13,7 +13,6 @@ def initialize(name, version, platform, source = nil)
@dependencies = []
@platform = platform || Gem::Platform::RUBY
@source = source
- @specification = nil
end
def full_name
@@ -76,37 +75,41 @@ def to_lock
def materialize_for_installation
source.local!
- candidates = if source.is_a?(Source::Path) || !ruby_platform_materializes_to_ruby_platform?
- target_platform = ruby_platform_materializes_to_ruby_platform? ? platform : local_platform
+ matching_specs = source.specs.search(use_exact_resolved_specifications? ? self : [name, version])
+ return self if matching_specs.empty?
- GemHelpers.select_best_platform_match(source.specs.search(Dependency.new(name, version)), target_platform)
- else
- source.specs.search(self)
- end
+ candidates = if use_exact_resolved_specifications?
+ matching_specs
+ else
+ target_platform = ruby_platform_materializes_to_ruby_platform? ? platform : local_platform
+
+ installable_candidates = GemHelpers.select_best_platform_match(matching_specs, target_platform)
+
+ specification = __materialize__(installable_candidates)
+ return specification unless specification.nil?
- return self if candidates.empty?
+ if target_platform != platform
+ installable_candidates = GemHelpers.select_best_platform_match(matching_specs, platform)
+ end
+
+ installable_candidates
+ end
__materialize__(candidates)
end
def __materialize__(candidates)
- @specification = begin
- search = candidates.reverse.find do |spec|
- spec.is_a?(StubSpecification) ||
- (spec.matches_current_ruby? &&
- spec.matches_current_rubygems?)
- end
- if search.nil? && Bundler.frozen_bundle?
- search = candidates.last
- else
- search.dependencies = dependencies if search && search.full_name == full_name && (search.is_a?(RemoteSpecification) || search.is_a?(EndpointSpecification))
- end
- search
+ search = candidates.reverse.find do |spec|
+ spec.is_a?(StubSpecification) ||
+ (spec.matches_current_ruby? &&
+ spec.matches_current_rubygems?)
end
- end
-
- def respond_to?(*args)
- super || @specification ? @specification.respond_to?(*args) : nil
+ if search.nil? && Bundler.frozen_bundle?
+ search = candidates.last
+ else
+ search.dependencies = dependencies if search && search.full_name == full_name && (search.is_a?(RemoteSpecification) || search.is_a?(EndpointSpecification))
+ end
+ search
end
def to_s
@@ -127,17 +130,8 @@ def git_version
end
private
-
- def to_ary
- nil
- end
-
- def method_missing(method, *args, &blk)
- raise "LazySpecification has not been materialized yet (calling :#{method} #{args.inspect})" unless @specification
-
- return super unless respond_to?(method)
-
- @specification.send(method, *args, &blk)
+ def use_exact_resolved_specifications?
+ @use_exact_resolved_specifications ||= !source.is_a?(Source::Path) && ruby_platform_materializes_to_ruby_platform?
end
#
--
2.40.0

View File

@ -1,60 +0,0 @@
From cb3d287a91e9b6762e47635137d6024fe39e117d Mon Sep 17 00:00:00 2001
From: Jarek Prokop <jprokop@redhat.com>
Date: Fri, 31 Mar 2023 12:06:21 +0200
Subject: [PATCH] Tests from bundler's PR#6225.
See <https://github.com/rubygems/rubygems/pull/6225>.
---
.../install/gemfile/specific_platform_spec.rb | 36 +++++++++++++++++++
1 file changed, 36 insertions(+)
diff --git a/bundler/spec/install/gemfile/specific_platform_spec.rb b/bundler/spec/install/gemfile/specific_platform_spec.rb
index 98efec396..a29446305 100644
--- a/bundler/spec/install/gemfile/specific_platform_spec.rb
+++ b/bundler/spec/install/gemfile/specific_platform_spec.rb
@@ -104,6 +104,42 @@
L
end
+ it "still installs the generic RUBY variant if necessary even when running on a legacy lockfile locked only to RUBY" do
+ build_repo4 do
+ build_gem "nokogiri", "1.3.10"
+ build_gem "nokogiri", "1.3.10" do |s|
+ s.platform = "arm64-darwin"
+ s.required_ruby_version = "< #{Gem.ruby_version}"
+ end
+
+ build_gem "bundler", "2.1.4"
+ end
+
+ gemfile <<~G
+ source "#{file_uri_for(gem_repo4)}"
+ gem "nokogiri"
+ G
+
+ lockfile <<-L
+ GEM
+ remote: #{file_uri_for(gem_repo4)}/
+ specs:
+ nokogiri (1.3.10)
+ PLATFORMS
+ ruby
+ DEPENDENCIES
+ nokogiri
+ RUBY VERSION
+ 2.5.3p105
+ BUNDLED WITH
+ 2.1.4
+ L
+
+ simulate_platform "arm64-darwin-22" do
+ bundle "update --bundler", :artifice => "compact_index", :env => { "BUNDLER_SPEC_GEM_REPO" => gem_repo4.to_s }
+ end
+ end
+
it "doesn't discard previously installed platform specific gem and fall back to ruby on subsequent bundles" do
build_repo2 do
build_gem("libv8", "8.4.255.0")
--
2.40.0

View File

@ -1 +1 @@
SHA512 (ruby-3.1.4.tar.xz) = a627bb629a10750b8b2081ad451a41faea0fc85d95aa1e267e3d2a0f56a35bb58195d4a8d13bbdbd82f4197a96dae22b1cee1dfc83861ec33a67ece07aef5633 SHA512 (ruby-3.1.5.tar.xz) = a9883f4d074825bb1f54ef3429a9a71341274bd2de1aa8ea32bce19b6b9c1bac5e5dc4c34a92b8e7caa73ba71d7ed7c546a6fec6f1fd3d8986974dce214f6d49