1 files changed, 293 insertions, 19 deletions
diff --git a/meta/recipes-devtools/ruby/ruby/CVE-2017-14064.patch b/meta/recipes-devtools/ruby/ruby/CVE-2017-14064.patch
index 073d214d88..700d1bc58e 100644
--- a/meta/recipes-devtools/ruby/ruby/CVE-2017-14064.patch
+++ b/meta/recipes-devtools/ruby/ruby/CVE-2017-14064.patch
@@ -1,19 +1,54 @@
-From 8f782fd8e181d9cfe9387ded43a5ca9692266b85 Mon Sep 17 00:00:00 2001
+From d86d283fcb35d1442a121b92030884523908a331 Mon Sep 17 00:00:00 2001
-From: Florian Frank <flori@ping.de>
+From: nagachika <nagachika@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>
-Date: Thu, 2 Mar 2017 12:12:33 +0100
+Date: Sat, 22 Apr 2017 07:29:01 +0000
-Subject: [PATCH] Fix arbitrary heap exposure problem
+Subject: [PATCH] merge revision(s) 58323,58324:
+        Merge json-2.0.4.
+          * https://github.com/flori/json/releases/tag/v2.0.4
+          * https://github.com/flori/json/blob/09fabeb03e73ed88dc8ce8f19d76ac59e51dae20/CHANGES.md#2017-03-23-204
+        Use `assert_raise` instead of `assert_raises`.
+git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@58445 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
 Upstream-Status: Backport
 CVE: CVE-2017-14064
-Signed-off-by: Rajkumar Veer<rveer@mvista.com>
+Signed-off-by: Armin Kuster <akuster@mvisa.com>
 ---
- ext/json/ext/generator/generator.c | 12 ++++++------
+ ext/json/fbuffer/fbuffer.h       |   3 ---
- ext/json/ext/generator/generator.h |  1 -
+ ext/json/generator/generator.c   |  12 +++++-----
- 2 files changed, 6 insertions(+), 7 deletions(-)
+ ext/json/generator/generator.h   |   1 -
--- a/ext/json/generator/generator.c
+ ext/json/json.gemspec            | Bin 5473 -> 5474 bytes
-+++ b/ext/json/generator/generator.c
+ ext/json/lib/json/version.rb     |   2 +-
-@@ -301,7 +301,7 @@
+ ext/json/parser/parser.c         |  48 +++++++++++++++++++++++----------------
+ ext/json/parser/parser.rl        |  14 +++++++++---
+ test/json/json_encoding_test.rb  |   2 ++
+ test/json/json_generator_test.rb |   0
+ version.h                        |   2 +-
+ 10 files changed, 49 insertions(+), 35 deletions(-)
+ mode change 100755 => 100644 test/json/json_generator_test.rb
+Index: ruby-2.4.0/ext/json/fbuffer/fbuffer.h
+===================================================================
+--- ruby-2.4.0.orig/ext/json/fbuffer/fbuffer.h
+++ ruby-2.4.0/ext/json/fbuffer/fbuffer.h
+@@ -12,9 +12,6 @@
+ #define RFLOAT_VALUE(val) (RFLOAT(val)->value)
+ #endif
+ 
+-#ifndef RARRAY_PTR
+-#define RARRAY_PTR(ARRAY) RARRAY(ARRAY)->ptr
+-#endif
+ #ifndef RARRAY_LEN
+ #define RARRAY_LEN(ARRAY) RARRAY(ARRAY)->len
+ #endif
+Index: ruby-2.4.0/ext/json/generator/generator.c
+===================================================================
+--- ruby-2.4.0.orig/ext/json/generator/generator.c
+++ ruby-2.4.0/ext/json/generator/generator.c
+@@ -308,7 +308,7 @@ static char *fstrndup(const char *ptr, u
   char *result;
   if (len <= 0) return NULL;
   result = ALLOC_N(char, len);
@@ -22,7 +57,7 @@ Signed-off-by: Rajkumar Veer<rveer@mvista.com>
   return result;
 }
 
-@@ -1055,7 +1055,7 @@
+@@ -1062,7 +1062,7 @@ static VALUE cState_indent_set(VALUE sel
         }
     } else {
         if (state->indent) ruby_xfree(state->indent);
@@ -31,7 +66,7 @@ Signed-off-by: Rajkumar Veer<rveer@mvista.com>
         state->indent_len = len;
     }
     return Qnil;
-@@ -1093,7 +1093,7 @@
+@@ -1100,7 +1100,7 @@ static VALUE cState_space_set(VALUE self
         }
     } else {
         if (state->space) ruby_xfree(state->space);
@@ -40,7 +75,7 @@ Signed-off-by: Rajkumar Veer<rveer@mvista.com>
         state->space_len = len;
     }
     return Qnil;
-@@ -1129,7 +1129,7 @@
+@@ -1136,7 +1136,7 @@ static VALUE cState_space_before_set(VAL
         }
     } else {
         if (state->space_before) ruby_xfree(state->space_before);
@@ -49,7 +84,7 @@ Signed-off-by: Rajkumar Veer<rveer@mvista.com>
         state->space_before_len = len;
     }
     return Qnil;
-@@ -1166,7 +1166,7 @@
+@@ -1173,7 +1173,7 @@ static VALUE cState_object_nl_set(VALUE
         }
     } else {
         if (state->object_nl) ruby_xfree(state->object_nl);
@@ -58,17 +93,19 @@ Signed-off-by: Rajkumar Veer<rveer@mvista.com>
         state->object_nl_len = len;
     }
     return Qnil;
-@@ -1201,7 +1201,7 @@
+@@ -1208,7 +1208,7 @@ static VALUE cState_array_nl_set(VALUE s
         }
     } else {
         if (state->array_nl) ruby_xfree(state->array_nl);
 -        state->array_nl = strdup(RSTRING_PTR(array_nl));
-+        state->array_nl = fstrndup(RSTRING_PTR(array_nl), len); 
+        state->array_nl = fstrndup(RSTRING_PTR(array_nl), len);
         state->array_nl_len = len;
     }
     return Qnil;
--- a/ext/json/generator/generator.h
+Index: ruby-2.4.0/ext/json/generator/generator.h
-+++ b/ext/json/generator/generator.h
+===================================================================
+--- ruby-2.4.0.orig/ext/json/generator/generator.h
+++ ruby-2.4.0/ext/json/generator/generator.h
 @@ -1,7 +1,6 @@
 #ifndef _GENERATOR_H_
 #define _GENERATOR_H_
@@ -77,3 +114,240 @@ Signed-off-by: Rajkumar Veer<rveer@mvista.com>
 #include <math.h>
 #include <ctype.h>
 
+Index: ruby-2.4.0/ext/json/lib/json/version.rb
+===================================================================
+--- ruby-2.4.0.orig/ext/json/lib/json/version.rb
+++ ruby-2.4.0/ext/json/lib/json/version.rb
+@@ -1,7 +1,7 @@
+ # frozen_string_literal: false
+ module JSON
+   # JSON version
+-  VERSION         = '2.0.2'
+  VERSION         = '2.0.4'
+   VERSION_ARRAY   = VERSION.split(/\./).map { |x| x.to_i } # :nodoc:
+   VERSION_MAJOR   = VERSION_ARRAY[0] # :nodoc:
+   VERSION_MINOR   = VERSION_ARRAY[1] # :nodoc:
+Index: ruby-2.4.0/ext/json/parser/parser.c
+===================================================================
+--- ruby-2.4.0.orig/ext/json/parser/parser.c
+++ ruby-2.4.0/ext/json/parser/parser.c
+@@ -1435,13 +1435,21 @@ static VALUE json_string_unescape(VALUE
+                     break;
+                 case 'u':
+                     if (pe > stringEnd - 4) {
+-                        return Qnil;
+                      rb_enc_raise(
+                        EXC_ENCODING eParserError,
+                        "%u: incomplete unicode character escape sequence at '%s'", __LINE__, p
+                      );
+                     } else {
+                         UTF32 ch = unescape_unicode((unsigned char *) ++pe);
+                         pe += 3;
+                         if (UNI_SUR_HIGH_START == (ch & 0xFC00)) {
+                             pe++;
+-                            if (pe > stringEnd - 6) return Qnil;
+                            if (pe > stringEnd - 6) {
+                              rb_enc_raise(
+                                EXC_ENCODING eParserError,
+                                "%u: incomplete surrogate pair at '%s'", __LINE__, p
+                                );
+                            }
+                             if (pe[0] == '\\' && pe[1] == 'u') {
+                                 UTF32 sur = unescape_unicode((unsigned char *) pe + 2);
+                                 ch = (((ch & 0x3F) << 10) | ((((ch >> 6) & 0xF) + 1) << 16)
+@@ -1471,7 +1479,7 @@ static VALUE json_string_unescape(VALUE
+ }
+ 
+ 
+-#line 1475 "parser.c"
+#line 1483 "parser.c"
+ enum {JSON_string_start = 1};
+ enum {JSON_string_first_final = 8};
+ enum {JSON_string_error = 0};
+@@ -1479,7 +1487,7 @@ enum {JSON_string_error = 0};
+ enum {JSON_string_en_main = 1};
+ 
+ 
+-#line 504 "parser.rl"
+#line 512 "parser.rl"
+ 
+ 
+ static int
+@@ -1501,15 +1509,15 @@ static char *JSON_parse_string(JSON_Pars
+ 
+     *result = rb_str_buf_new(0);
+ 
+-#line 1505 "parser.c"
+#line 1513 "parser.c"
+        {
+        cs = JSON_string_start;
+        }
+ 
+-#line 525 "parser.rl"
+#line 533 "parser.rl"
+     json->memo = p;
+ 
+-#line 1513 "parser.c"
+#line 1521 "parser.c"
+        {
+        if ( p == pe )
+                goto _test_eof;
+@@ -1534,7 +1542,7 @@ case 2:
+                goto st0;
+        goto st2;
+ tr2:
+-#line 490 "parser.rl"
+#line 498 "parser.rl"
+        {
+         *result = json_string_unescape(*result, json->memo + 1, p);
+         if (NIL_P(*result)) {
+@@ -1545,14 +1553,14 @@ tr2:
+             {p = (( p + 1))-1;}
+         }
+     }
+-#line 501 "parser.rl"
+#line 509 "parser.rl"
+        { p--; {p++; cs = 8; goto _out;} }
+        goto st8;
+ st8:
+        if ( ++p == pe )
+                goto _test_eof8;
+ case 8:
+-#line 1556 "parser.c"
+#line 1564 "parser.c"
+        goto st0;
+ st3:
+        if ( ++p == pe )
+@@ -1628,7 +1636,7 @@ case 7:
+        _out: {}
+        }
+ 
+-#line 527 "parser.rl"
+#line 535 "parser.rl"
+ 
+     if (json->create_additions && RTEST(match_string = json->match_string)) {
+           VALUE klass;
+@@ -1675,7 +1683,7 @@ static VALUE convert_encoding(VALUE sour
+     }
+     FORCE_UTF8(source);
+   } else {
+-    source = rb_str_conv_enc(source, NULL, rb_utf8_encoding());
+    source = rb_str_conv_enc(source, rb_enc_get(source), rb_utf8_encoding());
+   }
+ #endif
+     return source;
+@@ -1808,7 +1816,7 @@ static VALUE cParser_initialize(int argc
+ }
+ 
+ 
+-#line 1812 "parser.c"
+#line 1820 "parser.c"
+ enum {JSON_start = 1};
+ enum {JSON_first_final = 10};
+ enum {JSON_error = 0};
+@@ -1816,7 +1824,7 @@ enum {JSON_error = 0};
+ enum {JSON_en_main = 1};
+ 
+ 
+-#line 720 "parser.rl"
+#line 728 "parser.rl"
+ 
+ 
+ /*
+@@ -1833,16 +1841,16 @@ static VALUE cParser_parse(VALUE self)
+   GET_PARSER;
+ 
+ 
+-#line 1837 "parser.c"
+#line 1845 "parser.c"
+        {
+        cs = JSON_start;
+        }
+ 
+-#line 736 "parser.rl"
+#line 744 "parser.rl"
+   p = json->source;
+   pe = p + json->len;
+ 
+-#line 1846 "parser.c"
+#line 1854 "parser.c"
+        {
+        if ( p == pe )
+                goto _test_eof;
+@@ -1876,7 +1884,7 @@ st0:
+ cs = 0;
+        goto _out;
+ tr2:
+-#line 712 "parser.rl"
+#line 720 "parser.rl"
+        {
+         char *np = JSON_parse_value(json, p, pe, &result, 0);
+         if (np == NULL) { p--; {p++; cs = 10; goto _out;} } else {p = (( np))-1;}
+@@ -1886,7 +1894,7 @@ st10:
+        if ( ++p == pe )
+                goto _test_eof10;
+ case 10:
+-#line 1890 "parser.c"
+#line 1898 "parser.c"
+        switch( (*p) ) {
+                case 13: goto st10;
+                case 32: goto st10;
+@@ -1975,7 +1983,7 @@ case 9:
+        _out: {}
+        }
+ 
+-#line 739 "parser.rl"
+#line 747 "parser.rl"
+ 
+   if (cs >= JSON_first_final && p == pe) {
+     return result;
+Index: ruby-2.4.0/ext/json/parser/parser.rl
+===================================================================
+--- ruby-2.4.0.orig/ext/json/parser/parser.rl
+++ ruby-2.4.0/ext/json/parser/parser.rl
+@@ -446,13 +446,21 @@ static VALUE json_string_unescape(VALUE
+                     break;
+                 case 'u':
+                     if (pe > stringEnd - 4) {
+-                        return Qnil;
+                      rb_enc_raise(
+                        EXC_ENCODING eParserError,
+                        "%u: incomplete unicode character escape sequence at '%s'", __LINE__, p
+                      );
+                     } else {
+                         UTF32 ch = unescape_unicode((unsigned char *) ++pe);
+                         pe += 3;
+                         if (UNI_SUR_HIGH_START == (ch & 0xFC00)) {
+                             pe++;
+-                            if (pe > stringEnd - 6) return Qnil;
+                            if (pe > stringEnd - 6) {
+                              rb_enc_raise(
+                                EXC_ENCODING eParserError,
+                                "%u: incomplete surrogate pair at '%s'", __LINE__, p
+                                );
+                            }
+                             if (pe[0] == '\\' && pe[1] == 'u') {
+                                 UTF32 sur = unescape_unicode((unsigned char *) pe + 2);
+                                 ch = (((ch & 0x3F) << 10) | ((((ch >> 6) & 0xF) + 1) << 16)
+@@ -570,7 +578,7 @@ static VALUE convert_encoding(VALUE sour
+     }
+     FORCE_UTF8(source);
+   } else {
+-    source = rb_str_conv_enc(source, NULL, rb_utf8_encoding());
+    source = rb_str_conv_enc(source, rb_enc_get(source), rb_utf8_encoding());
+   }
+ #endif
+     return source;
+Index: ruby-2.4.0/test/json/json_encoding_test.rb
+===================================================================
+--- ruby-2.4.0.orig/test/json/json_encoding_test.rb
+++ ruby-2.4.0/test/json/json_encoding_test.rb
+@@ -79,6 +79,8 @@ class JSONEncodingTest < Test::Unit::Tes
+     json = '["\ud840\udc01"]'
+     assert_equal json, generate(utf8, :ascii_only => true)
+     assert_equal utf8, parse(json)
+    assert_raise(JSON::ParserError) { parse('"\u"') }
+    assert_raise(JSON::ParserError) { parse('"\ud800"') }
+   end
+ 
+   def test_chars

diff --git a/meta/recipes-devtools/ruby/ruby/CVE-2017-14064.patch b/meta/recipes-devtools/ruby/ruby/CVE-2017-14064.patch index 073d214d88..700d1bc58e 100644 --- a/meta/recipes-devtools/ruby/ruby/CVE-2017-14064.patch +++ b/meta/recipes-devtools/ruby/ruby/CVE-2017-14064.patch
@@ -1,19 +1,54 @@
1	From 8f782fd8e181d9cfe9387ded43a5ca9692266b85 Mon Sep 17 00:00:00 2001	1	From d86d283fcb35d1442a121b92030884523908a331 Mon Sep 17 00:00:00 2001
2	From: Florian Frank <flori@ping.de>	2	From: nagachika <nagachika@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>
3	Date: Thu, 2 Mar 2017 12:12:33 +0100	3	Date: Sat, 22 Apr 2017 07:29:01 +0000
4	Subject: [PATCH] Fix arbitrary heap exposure problem	4	Subject: [PATCH] merge revision(s) 58323,58324:
		5
		6	Merge json-2.0.4.
		7
		8	* https://github.com/flori/json/releases/tag/v2.0.4
		9	* https://github.com/flori/json/blob/09fabeb03e73ed88dc8ce8f19d76ac59e51dae20/CHANGES.md#2017-03-23-204
		10	Use `assert_raise` instead of `assert_raises`.
		11
		12	git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@58445 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
5		13
6	Upstream-Status: Backport	14	Upstream-Status: Backport
7	CVE: CVE-2017-14064	15	CVE: CVE-2017-14064
8		16
9	Signed-off-by: Rajkumar Veer<rveer@mvista.com>	17	Signed-off-by: Armin Kuster <akuster@mvisa.com>
		18
10	---	19	---
11	ext/json/ext/generator/generator.c \| 12 ++++++------	20	ext/json/fbuffer/fbuffer.h \| 3 ---
12	ext/json/ext/generator/generator.h \| 1 -	21	ext/json/generator/generator.c \| 12 +++++-----
13	2 files changed, 6 insertions(+), 7 deletions(-)	22	ext/json/generator/generator.h \| 1 -
14	--- a/ext/json/generator/generator.c	23	ext/json/json.gemspec \| Bin 5473 -> 5474 bytes
15	+++ b/ext/json/generator/generator.c	24	ext/json/lib/json/version.rb \| 2 +-
16	@@ -301,7 +301,7 @@	25	ext/json/parser/parser.c \| 48 +++++++++++++++++++++++----------------
		26	ext/json/parser/parser.rl \| 14 +++++++++---
		27	test/json/json_encoding_test.rb \| 2 ++
		28	test/json/json_generator_test.rb \| 0
		29	version.h \| 2 +-
		30	10 files changed, 49 insertions(+), 35 deletions(-)
		31	mode change 100755 => 100644 test/json/json_generator_test.rb
		32
		33	Index: ruby-2.4.0/ext/json/fbuffer/fbuffer.h
		34	===================================================================
		35	--- ruby-2.4.0.orig/ext/json/fbuffer/fbuffer.h
		36	+++ ruby-2.4.0/ext/json/fbuffer/fbuffer.h
		37	@@ -12,9 +12,6 @@
		38	#define RFLOAT_VALUE(val) (RFLOAT(val)->value)
		39	#endif
		40
		41	-#ifndef RARRAY_PTR
		42	-#define RARRAY_PTR(ARRAY) RARRAY(ARRAY)->ptr
		43	-#endif
		44	#ifndef RARRAY_LEN
		45	#define RARRAY_LEN(ARRAY) RARRAY(ARRAY)->len
		46	#endif
		47	Index: ruby-2.4.0/ext/json/generator/generator.c
		48	===================================================================
		49	--- ruby-2.4.0.orig/ext/json/generator/generator.c
		50	+++ ruby-2.4.0/ext/json/generator/generator.c
		51	@@ -308,7 +308,7 @@ static char fstrndup(const char ptr, u
17	char *result;	52	char *result;
18	if (len <= 0) return NULL;	53	if (len <= 0) return NULL;
19	result = ALLOC_N(char, len);	54	result = ALLOC_N(char, len);
@@ -22,7 +57,7 @@ Signed-off-by: Rajkumar Veer<rveer@mvista.com>
22	return result;	57	return result;
23	}	58	}
24		59
25	@@ -1055,7 +1055,7 @@	60	@@ -1062,7 +1062,7 @@ static VALUE cState_indent_set(VALUE sel
26	}	61	}
27	} else {	62	} else {
28	if (state->indent) ruby_xfree(state->indent);	63	if (state->indent) ruby_xfree(state->indent);
@@ -31,7 +66,7 @@ Signed-off-by: Rajkumar Veer<rveer@mvista.com>
31	state->indent_len = len;	66	state->indent_len = len;
32	}	67	}
33	return Qnil;	68	return Qnil;
34	@@ -1093,7 +1093,7 @@	69	@@ -1100,7 +1100,7 @@ static VALUE cState_space_set(VALUE self
35	}	70	}
36	} else {	71	} else {
37	if (state->space) ruby_xfree(state->space);	72	if (state->space) ruby_xfree(state->space);
@@ -40,7 +75,7 @@ Signed-off-by: Rajkumar Veer<rveer@mvista.com>
40	state->space_len = len;	75	state->space_len = len;
41	}	76	}
42	return Qnil;	77	return Qnil;
43	@@ -1129,7 +1129,7 @@	78	@@ -1136,7 +1136,7 @@ static VALUE cState_space_before_set(VAL
44	}	79	}
45	} else {	80	} else {
46	if (state->space_before) ruby_xfree(state->space_before);	81	if (state->space_before) ruby_xfree(state->space_before);
@@ -49,7 +84,7 @@ Signed-off-by: Rajkumar Veer<rveer@mvista.com>
49	state->space_before_len = len;	84	state->space_before_len = len;
50	}	85	}
51	return Qnil;	86	return Qnil;
52	@@ -1166,7 +1166,7 @@	87	@@ -1173,7 +1173,7 @@ static VALUE cState_object_nl_set(VALUE
53	}	88	}
54	} else {	89	} else {
55	if (state->object_nl) ruby_xfree(state->object_nl);	90	if (state->object_nl) ruby_xfree(state->object_nl);
@@ -58,17 +93,19 @@ Signed-off-by: Rajkumar Veer<rveer@mvista.com>
58	state->object_nl_len = len;	93	state->object_nl_len = len;
59	}	94	}
60	return Qnil;	95	return Qnil;
61	@@ -1201,7 +1201,7 @@	96	@@ -1208,7 +1208,7 @@ static VALUE cState_array_nl_set(VALUE s
62	}	97	}
63	} else {	98	} else {
64	if (state->array_nl) ruby_xfree(state->array_nl);	99	if (state->array_nl) ruby_xfree(state->array_nl);
65	- state->array_nl = strdup(RSTRING_PTR(array_nl));	100	- state->array_nl = strdup(RSTRING_PTR(array_nl));
66	+ state->array_nl = fstrndup(RSTRING_PTR(array_nl), len);	101	+ state->array_nl = fstrndup(RSTRING_PTR(array_nl), len);
67	state->array_nl_len = len;	102	state->array_nl_len = len;
68	}	103	}
69	return Qnil;	104	return Qnil;
70	--- a/ext/json/generator/generator.h	105	Index: ruby-2.4.0/ext/json/generator/generator.h
71	+++ b/ext/json/generator/generator.h	106	===================================================================
		107	--- ruby-2.4.0.orig/ext/json/generator/generator.h
		108	+++ ruby-2.4.0/ext/json/generator/generator.h
72	@@ -1,7 +1,6 @@	109	@@ -1,7 +1,6 @@
73	#ifndef _GENERATOR_H_	110	#ifndef _GENERATOR_H_
74	#define _GENERATOR_H_	111	#define _GENERATOR_H_
@@ -77,3 +114,240 @@ Signed-off-by: Rajkumar Veer<rveer@mvista.com>
77	#include <math.h>	114	#include <math.h>
78	#include <ctype.h>	115	#include <ctype.h>
79		116
		117	Index: ruby-2.4.0/ext/json/lib/json/version.rb
		118	===================================================================
		119	--- ruby-2.4.0.orig/ext/json/lib/json/version.rb
		120	+++ ruby-2.4.0/ext/json/lib/json/version.rb
		121	@@ -1,7 +1,7 @@
		122	# frozen_string_literal: false
		123	module JSON
		124	# JSON version
		125	- VERSION = '2.0.2'
		126	+ VERSION = '2.0.4'
		127	VERSION_ARRAY = VERSION.split(/\./).map { \|x\| x.to_i } # :nodoc:
		128	VERSION_MAJOR = VERSION_ARRAY[0] # :nodoc:
		129	VERSION_MINOR = VERSION_ARRAY[1] # :nodoc:
		130	Index: ruby-2.4.0/ext/json/parser/parser.c
		131	===================================================================
		132	--- ruby-2.4.0.orig/ext/json/parser/parser.c
		133	+++ ruby-2.4.0/ext/json/parser/parser.c
		134	@@ -1435,13 +1435,21 @@ static VALUE json_string_unescape(VALUE
		135	break;
		136	case 'u':
		137	if (pe > stringEnd - 4) {
		138	- return Qnil;
		139	+ rb_enc_raise(
		140	+ EXC_ENCODING eParserError,
		141	+ "%u: incomplete unicode character escape sequence at '%s'", __LINE__, p
		142	+ );
		143	} else {
		144	UTF32 ch = unescape_unicode((unsigned char *) ++pe);
		145	pe += 3;
		146	if (UNI_SUR_HIGH_START == (ch & 0xFC00)) {
		147	pe++;
		148	- if (pe > stringEnd - 6) return Qnil;
		149	+ if (pe > stringEnd - 6) {
		150	+ rb_enc_raise(
		151	+ EXC_ENCODING eParserError,
		152	+ "%u: incomplete surrogate pair at '%s'", __LINE__, p
		153	+ );
		154	+ }
		155	if (pe[0] == '\\' && pe[1] == 'u') {
		156	UTF32 sur = unescape_unicode((unsigned char *) pe + 2);
		157	ch = (((ch & 0x3F) << 10) \| ((((ch >> 6) & 0xF) + 1) << 16)
		158	@@ -1471,7 +1479,7 @@ static VALUE json_string_unescape(VALUE
		159	}
		160
		161
		162	-#line 1475 "parser.c"
		163	+#line 1483 "parser.c"
		164	enum {JSON_string_start = 1};
		165	enum {JSON_string_first_final = 8};
		166	enum {JSON_string_error = 0};
		167	@@ -1479,7 +1487,7 @@ enum {JSON_string_error = 0};
		168	enum {JSON_string_en_main = 1};
		169
		170
		171	-#line 504 "parser.rl"
		172	+#line 512 "parser.rl"
		173
		174
		175	static int
		176	@@ -1501,15 +1509,15 @@ static char *JSON_parse_string(JSON_Pars
		177
		178	*result = rb_str_buf_new(0);
		179
		180	-#line 1505 "parser.c"
		181	+#line 1513 "parser.c"
		182	{
		183	cs = JSON_string_start;
		184	}
		185
		186	-#line 525 "parser.rl"
		187	+#line 533 "parser.rl"
		188	json->memo = p;
		189
		190	-#line 1513 "parser.c"
		191	+#line 1521 "parser.c"
		192	{
		193	if ( p == pe )
		194	goto _test_eof;
		195	@@ -1534,7 +1542,7 @@ case 2:
		196	goto st0;
		197	goto st2;
		198	tr2:
		199	-#line 490 "parser.rl"
		200	+#line 498 "parser.rl"
		201	{
		202	result = json_string_unescape(result, json->memo + 1, p);
		203	if (NIL_P(*result)) {
		204	@@ -1545,14 +1553,14 @@ tr2:
		205	{p = (( p + 1))-1;}
		206	}
		207	}
		208	-#line 501 "parser.rl"
		209	+#line 509 "parser.rl"
		210	{ p--; {p++; cs = 8; goto _out;} }
		211	goto st8;
		212	st8:
		213	if ( ++p == pe )
		214	goto _test_eof8;
		215	case 8:
		216	-#line 1556 "parser.c"
		217	+#line 1564 "parser.c"
		218	goto st0;
		219	st3:
		220	if ( ++p == pe )
		221	@@ -1628,7 +1636,7 @@ case 7:
		222	_out: {}
		223	}
		224
		225	-#line 527 "parser.rl"
		226	+#line 535 "parser.rl"
		227
		228	if (json->create_additions && RTEST(match_string = json->match_string)) {
		229	VALUE klass;
		230	@@ -1675,7 +1683,7 @@ static VALUE convert_encoding(VALUE sour
		231	}
		232	FORCE_UTF8(source);
		233	} else {
		234	- source = rb_str_conv_enc(source, NULL, rb_utf8_encoding());
		235	+ source = rb_str_conv_enc(source, rb_enc_get(source), rb_utf8_encoding());
		236	}
		237	#endif
		238	return source;
		239	@@ -1808,7 +1816,7 @@ static VALUE cParser_initialize(int argc
		240	}
		241
		242
		243	-#line 1812 "parser.c"
		244	+#line 1820 "parser.c"
		245	enum {JSON_start = 1};
		246	enum {JSON_first_final = 10};
		247	enum {JSON_error = 0};
		248	@@ -1816,7 +1824,7 @@ enum {JSON_error = 0};
		249	enum {JSON_en_main = 1};
		250
		251
		252	-#line 720 "parser.rl"
		253	+#line 728 "parser.rl"
		254
		255
		256	/*
		257	@@ -1833,16 +1841,16 @@ static VALUE cParser_parse(VALUE self)
		258	GET_PARSER;
		259
		260
		261	-#line 1837 "parser.c"
		262	+#line 1845 "parser.c"
		263	{
		264	cs = JSON_start;
		265	}
		266
		267	-#line 736 "parser.rl"
		268	+#line 744 "parser.rl"
		269	p = json->source;
		270	pe = p + json->len;
		271
		272	-#line 1846 "parser.c"
		273	+#line 1854 "parser.c"
		274	{
		275	if ( p == pe )
		276	goto _test_eof;
		277	@@ -1876,7 +1884,7 @@ st0:
		278	cs = 0;
		279	goto _out;
		280	tr2:
		281	-#line 712 "parser.rl"
		282	+#line 720 "parser.rl"
		283	{
		284	char *np = JSON_parse_value(json, p, pe, &result, 0);
		285	if (np == NULL) { p--; {p++; cs = 10; goto _out;} } else {p = (( np))-1;}
		286	@@ -1886,7 +1894,7 @@ st10:
		287	if ( ++p == pe )
		288	goto _test_eof10;
		289	case 10:
		290	-#line 1890 "parser.c"
		291	+#line 1898 "parser.c"
		292	switch( (*p) ) {
		293	case 13: goto st10;
		294	case 32: goto st10;
		295	@@ -1975,7 +1983,7 @@ case 9:
		296	_out: {}
		297	}
		298
		299	-#line 739 "parser.rl"
		300	+#line 747 "parser.rl"
		301
		302	if (cs >= JSON_first_final && p == pe) {
		303	return result;
		304	Index: ruby-2.4.0/ext/json/parser/parser.rl
		305	===================================================================
		306	--- ruby-2.4.0.orig/ext/json/parser/parser.rl
		307	+++ ruby-2.4.0/ext/json/parser/parser.rl
		308	@@ -446,13 +446,21 @@ static VALUE json_string_unescape(VALUE
		309	break;
		310	case 'u':
		311	if (pe > stringEnd - 4) {
		312	- return Qnil;
		313	+ rb_enc_raise(
		314	+ EXC_ENCODING eParserError,
		315	+ "%u: incomplete unicode character escape sequence at '%s'", __LINE__, p
		316	+ );
		317	} else {
		318	UTF32 ch = unescape_unicode((unsigned char *) ++pe);
		319	pe += 3;
		320	if (UNI_SUR_HIGH_START == (ch & 0xFC00)) {
		321	pe++;
		322	- if (pe > stringEnd - 6) return Qnil;
		323	+ if (pe > stringEnd - 6) {
		324	+ rb_enc_raise(
		325	+ EXC_ENCODING eParserError,
		326	+ "%u: incomplete surrogate pair at '%s'", __LINE__, p
		327	+ );
		328	+ }
		329	if (pe[0] == '\\' && pe[1] == 'u') {
		330	UTF32 sur = unescape_unicode((unsigned char *) pe + 2);
		331	ch = (((ch & 0x3F) << 10) \| ((((ch >> 6) & 0xF) + 1) << 16)
		332	@@ -570,7 +578,7 @@ static VALUE convert_encoding(VALUE sour
		333	}
		334	FORCE_UTF8(source);
		335	} else {
		336	- source = rb_str_conv_enc(source, NULL, rb_utf8_encoding());
		337	+ source = rb_str_conv_enc(source, rb_enc_get(source), rb_utf8_encoding());
		338	}
		339	#endif
		340	return source;
		341	Index: ruby-2.4.0/test/json/json_encoding_test.rb
		342	===================================================================
		343	--- ruby-2.4.0.orig/test/json/json_encoding_test.rb
		344	+++ ruby-2.4.0/test/json/json_encoding_test.rb
		345	@@ -79,6 +79,8 @@ class JSONEncodingTest < Test::Unit::Tes
		346	json = '["\ud840\udc01"]'
		347	assert_equal json, generate(utf8, :ascii_only => true)
		348	assert_equal utf8, parse(json)
		349	+ assert_raise(JSON::ParserError) { parse('"\u"') }
		350	+ assert_raise(JSON::ParserError) { parse('"\ud800"') }
		351	end
		352
		353	def test_chars