Fix DoS in the Ruby CGI module.

Obtained from:	ruby CVS
Reviewed by:	trhodes
OK'ed by:	maintainer silence
With hat:	secteam

2 files changed, 28 insertions, 1 deletions

diff --git a/lang/ruby18/Makefile b/lang/ruby18/Makefile
index e1558869f663..e574bcfbde30 100644
--- a/lang/ruby18/Makefile
+++ b/lang/ruby18/Makefile
@@ -7,7 +7,7 @@
 
 PORTNAME=	ruby${RUBY_R}
 PORTVERSION=	${RUBY_PORTVERSION}
-PORTREVISION=	1
+PORTREVISION=	2
 CATEGORIES=	lang ruby ipv6
 MASTER_SITES=		${MASTER_SITE_RUBY}
 MASTER_SITE_SUBDIR=	${MASTER_SITE_SUBDIR_RUBY}
diff --git a/lang/ruby18/files/patch-cgi.rb b/lang/ruby18/files/patch-cgi.rb
new file mode 100644
index 000000000000..b12660ce0baa
--- /dev/null
+++ b/lang/ruby18/files/patch-cgi.rb
@@ -0,0 +1,27 @@
+--- lib/cgi.rb	2004/07/28 13:26:01	1.68.2.6
++++ lib/cgi.rb	2004/10/27 02:46:50	1.68.2.7
+@@ -284,7 +284,7 @@ class CGI
+   # Standard internet newline sequence
+   EOL = CR + LF
+ 
+-  REVISION = '$Id: cgi.rb,v 1.68.2.6 2004/07/28 13:26:01 matz Exp $' #:nodoc:
++  REVISION = '$Id: cgi.rb,v 1.68.2.7 2004/10/27 02:46:50 matz Exp $' #:nodoc:
+ 
+   NEEDS_BINMODE = true if /WIN/ni.match(RUBY_PLATFORM) 
+ 
+@@ -1012,10 +1012,13 @@     def read_multipart(boundary, content
+           end
+ 
+           c = if bufsize < content_length
+-                stdinput.read(bufsize) or ''
++                stdinput.read(bufsize)
+               else
+-                stdinput.read(content_length) or ''
++                stdinput.read(content_length)
+               end
++          if c.nil?
++            raise EOFError, "bad content body"
++          end
+           buf.concat(c)
+           content_length -= c.size
+         end