File tree Expand file tree Collapse file tree 1 file changed +13
-16
lines changed
activesupport/lib/active_support/core_ext Expand file tree Collapse file tree 1 file changed +13
-16
lines changed Original file line number Diff line number Diff line change 5
5
# http://www.ruby-lang.org/en/news/2008/08/23/dos-vulnerability-in-rexml/
6
6
# This fix is identical to rexml-expansion-fix version 1.0.1
7
7
8
- module REXML
9
- class Entity < Child
10
- undef_method :unnormalized
11
- def unnormalized
12
- document . record_entity_expansion! if document
13
- v = value ( )
14
- return nil if v . nil?
15
- @unnormalized = Text ::unnormalize ( v , parent )
16
- @unnormalized
17
- end
18
- end
19
- class Document < Element
20
- @@entity_expansion_limit = 10_000
21
- def self . entity_expansion_limit = val
22
- @@entity_expansion_limit = val
8
+ # Earlier versions of rexml defined REXML::Version, newer ones REXML::VERSION
9
+ unless ( defined? ( REXML ::VERSION ) ? REXML ::VERSION : REXML ::Version ) > "3.1.7.2"
10
+ module REXML
11
+ class Entity < Child
12
+ undef_method :unnormalized
13
+ def unnormalized
14
+ document . record_entity_expansion! if document
15
+ v = value ( )
16
+ return nil if v . nil?
17
+ @unnormalized = Text ::unnormalize ( v , parent )
18
+ @unnormalized
19
+ end
23
20
end
24
21
25
22
def record_entity_expansion!
@@ -30,4 +27,4 @@ def record_entity_expansion!
30
27
end
31
28
end
32
29
end
33
- end
30
+ end
You can’t perform that action at this time.
0 commit comments