Skip to content

Commit 0861772

Browse files
author
David Heinemeier Hansson
committed
Account for two different REXML::Version/VERSION constants in version check
1 parent ef3ac6e commit 0861772

File tree

1 file changed

+13
-16
lines changed
  • activesupport/lib/active_support/core_ext

1 file changed

+13
-16
lines changed

activesupport/lib/active_support/core_ext/rexml.rb

Lines changed: 13 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -5,21 +5,18 @@
55
# http://www.ruby-lang.org/en/news/2008/08/23/dos-vulnerability-in-rexml/
66
# This fix is identical to rexml-expansion-fix version 1.0.1
77

8-
module REXML
9-
class Entity < Child
10-
undef_method :unnormalized
11-
def unnormalized
12-
document.record_entity_expansion! if document
13-
v = value()
14-
return nil if v.nil?
15-
@unnormalized = Text::unnormalize(v, parent)
16-
@unnormalized
17-
end
18-
end
19-
class Document < Element
20-
@@entity_expansion_limit = 10_000
21-
def self.entity_expansion_limit= val
22-
@@entity_expansion_limit = val
8+
# Earlier versions of rexml defined REXML::Version, newer ones REXML::VERSION
9+
unless (defined?(REXML::VERSION) ? REXML::VERSION : REXML::Version) > "3.1.7.2"
10+
module REXML
11+
class Entity < Child
12+
undef_method :unnormalized
13+
def unnormalized
14+
document.record_entity_expansion! if document
15+
v = value()
16+
return nil if v.nil?
17+
@unnormalized = Text::unnormalize(v, parent)
18+
@unnormalized
19+
end
2320
end
2421

2522
def record_entity_expansion!
@@ -30,4 +27,4 @@ def record_entity_expansion!
3027
end
3128
end
3229
end
33-
end
30+
end

0 commit comments

Comments
 (0)