From 5756321cd9e3ca12cb2b8402704c6680b4d7ca2a Mon Sep 17 00:00:00 2001
From: Aaron Patterson <aaron.patterson@gmail.com>
Date: Mon, 11 Jan 2016 14:36:49 -0800
Subject: [PATCH] stop caching mime types globally
Unknown mime types should not be cached globally. This global cache
leads to a memory leak and a denial of service vulnerability.
CVE-2016-0751
---
actionpack/lib/action_dispatch/http/mime_type.rb | 18 ++++++++++++++++--
1 file changed, 16 insertions(+), 2 deletions(-)
diff --git a/actionpack/lib/action_dispatch/http/mime_type.rb b/actionpack/lib/action_dispatch/http/mime_type.rb
index 9450be8..fc986f9 100644
--- a/actionpack/lib/action_dispatch/http/mime_type.rb
+++ b/actionpack/lib/action_dispatch/http/mime_type.rb
@@ -23,7 +23,7 @@ module Mime
SET = Mimes.new
EXTENSION_LOOKUP = {}
- LOOKUP = Hash.new { |h, k| h[k] = Type.new(k) unless k.blank? }
+ LOOKUP = {}
class << self
def [](type)
@@ -146,7 +146,7 @@ module Mime
end
def lookup(string)
- LOOKUP[string]
+ LOOKUP[string] || Type.new(string)
end
def lookup_by_extension(extension)
@@ -225,9 +225,12 @@ module Mime
end
end
+ attr_reader :hash
+
def initialize(string, symbol = nil, synonyms = [])
@symbol, @synonyms = symbol, synonyms
@string = string
+ @hash = [@string, @synonyms, @symbol].hash
end
def to_s
@@ -261,6 +264,13 @@ module Mime
end
end
+ def eql?(other)
+ super || (self.class == other.class &&
+ @string == other.string &&
+ @synonyms == other.synonyms &&
+ @symbol == other.symbol)
+ end
+
def =~(mime_type)
return false if mime_type.blank?
regexp = Regexp.new(Regexp.quote(mime_type.to_s))
@@ -274,6 +284,10 @@ module Mime
end
+ protected
+
+ attr_reader :string, :synonyms
+
private
def to_ary; end
--
2.2.1