* lib/net/pop.rb: check for invalid APOP timestamp. (CVE-2007-1558)

[ruby-dev:36631] * test/net/pop/test_pop.rb: ditto. git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@19776 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
author: kazu <kazu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> 2008-10-14 02:22:46 +0000
committer: kazu <kazu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> 2008-10-14 02:22:46 +0000
commit: 0e0d05d5f476df9f900e4686a940b4f5dc336133 (patch)
tree: 01505263c1df1640a380ebc90f806b45238906ed /lib/net/pop.rb
parent: 339ceda4e8c9e58dc7451b91d17a83e816393058 (diff)
download: ruby-0e0d05d5f476df9f900e4686a940b4f5dc336133.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/net/pop.rb b/lib/net/pop.rb
index a8e9987236..7d234c191c 100644
--- a/lib/net/pop.rb
+++ b/lib/net/pop.rb
@@ -870,7 +870,7 @@ module Net
       @socket = sock
       @error_occured = false
       res = check_response(critical { recv_response() })
-      @apop_stamp = res.slice(/<.+>/)
+      @apop_stamp = res.slice(/<[!-~]+@[!-~]+>/)
     end
 
     attr_reader :socket
author	kazu <kazu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>	2008-10-14 02:22:46 +0000
committer	kazu <kazu@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>	2008-10-14 02:22:46 +0000
commit	0e0d05d5f476df9f900e4686a940b4f5dc336133 (patch)
tree	01505263c1df1640a380ebc90f806b45238906ed /lib/net/pop.rb
parent	339ceda4e8c9e58dc7451b91d17a83e816393058 (diff)
download	ruby-0e0d05d5f476df9f900e4686a940b4f5dc336133.tar.gz