38 lines
1.3 KiB
Diff
38 lines
1.3 KiB
Diff
|
From 85487773ba69ec2179cac77ed725cec1b6cdffc8 Mon Sep 17 00:00:00 2001
|
||
|
|
Subject: [PATCH] fix CVE-2020-10663
|
||
|
|
|
||
|
|
---
|
||
|
|
ext/json/parser/parser.c | 2 +-
|
||
|
|
ext/json/parser/parser.rl | 2 +-
|
||
|
|
2 files changed, 2 insertions(+), 2 deletions(-)
|
||
|
|
|
||
|
|
diff --git a/ext/json/parser/parser.c b/ext/json/parser/parser.c
|
||
|
|
index d2e4eb6..ae90b2e 100644
|
||
|
|
--- a/ext/json/parser/parser.c
|
||
|
|
+++ b/ext/json/parser/parser.c
|
||
|
|
@@ -1815,7 +1815,7 @@ static VALUE cParser_initialize(int argc, VALUE *argv, VALUE self)
|
||
|
|
} else {
|
||
|
|
json->max_nesting = 100;
|
||
|
|
json->allow_nan = 0;
|
||
|
|
- json->create_additions = 1;
|
||
|
|
+ json->create_additions = 0;
|
||
|
|
json->create_id = rb_funcall(mJSON, i_create_id, 0);
|
||
|
|
json->object_class = Qnil;
|
||
|
|
json->array_class = Qnil;
|
||
|
|
diff --git a/ext/json/parser/parser.rl b/ext/json/parser/parser.rl
|
||
|
|
index 29900a4..f7dbcff 100644
|
||
|
|
--- a/ext/json/parser/parser.rl
|
||
|
|
+++ b/ext/json/parser/parser.rl
|
||
|
|
@@ -710,7 +710,7 @@ static VALUE cParser_initialize(int argc, VALUE *argv, VALUE self)
|
||
|
|
} else {
|
||
|
|
json->max_nesting = 100;
|
||
|
|
json->allow_nan = 0;
|
||
|
|
- json->create_additions = 1;
|
||
|
|
+ json->create_additions = 0;
|
||
|
|
json->create_id = rb_funcall(mJSON, i_create_id, 0);
|
||
|
|
json->object_class = Qnil;
|
||
|
|
json->array_class = Qnil;
|
||
|
|
--
|
||
|
|
2.23.0
|
||
|
|
|