Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP1:GA
rubygem-actionpack-5_1.36289
0011-CVE-2024-42228.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File 0011-CVE-2024-42228.patch of Package rubygem-actionpack-5_1.36289
Index: actionpack-5.1.4/lib/action_dispatch/http/filter_parameters.rb =================================================================== --- actionpack-5.1.4.orig/lib/action_dispatch/http/filter_parameters.rb +++ actionpack-5.1.4/lib/action_dispatch/http/filter_parameters.rb @@ -70,12 +70,17 @@ module ActionDispatch ParameterFilter.new(filters) end - KV_RE = "[^&;=]+" - PAIR_RE = %r{(#{KV_RE})=(#{KV_RE})} def filtered_query_string # :doc: - query_string.gsub(PAIR_RE) do |_| - parameter_filter.filter($1 => $2).first.join("=") + parts = query_string.split(/([&;])/) + filtered_parts = parts.map do |part| + if part.include?("=") + key, value = part.split("=", 2) + parameter_filter.filter(key => value).first.join("=") + else + part + end end + filtered_parts.join("") end end end
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor