new file mode 100644

@@ -0,0 +1,117 @@

+Index: b/regparse.c

+===================================================================

+--- a/regparse.c	(revision 57908)

+@@ -4570,11 +4570,11 @@ parse_char_class(Node** np, Node** asc_n https://github.com/ruby/ruby/blob/trunk/ruby_2_4/regparse.c#L4570

+   enum CCVALTYPE val_type, in_type;

+   int val_israw, in_israw;

+ 

++  *np = *asc_np = NULL_NODE;

+   env->parse_depth++;

+   if (env->parse_depth > ParseDepthLimit)

+     return ONIGERR_PARSE_DEPTH_LIMIT_OVER;

+   prev_cc = asc_prev_cc = (CClassNode* )NULL;

+-  *np = *asc_np = NULL_NODE;

+   r = fetch_token_in_cc(tok, src, end, env);

+   if (r == TK_CHAR && tok->u.c == '^' && tok->escaped == 0) {

+     neg = 1;

+Index: b/ext/-test-/regexp/init.c

+===================================================================

+--- a/ext/-test-/regexp/init.c	(revision 0)

+@@ -0,0 +1,11 @@ https://github.com/ruby/ruby/blob/trunk/ruby_2_4/ext/-test-/regexp/init.c#L1

++#include "ruby.h"

++

++#define init(n) {void Init_##n(VALUE klass); Init_##n(klass);}

++

++void

++Init_regexp(void)

++{

++    VALUE mBug = rb_define_module("Bug");

++    VALUE klass = rb_define_class_under(mBug, "Regexp", rb_cRegexp);

++    TEST_INIT_FUNCS(init);

++}

+

+Property changes on: ruby_2_4/ext/-test-/regexp/init.c

+___________________________________________________________________

+Added: svn:eol-style

+   + LF

+

+Index: b/ext/-test-/regexp/extconf.rb

+===================================================================

+--- a/ext/-test-/regexp/extconf.rb	(revision 0)

+@@ -0,0 +1,3 @@ https://github.com/ruby/ruby/blob/trunk/ruby_2_4/ext/-test-/regexp/extconf.rb#L1

++# frozen_string_literal: false

++require_relative "../auto_ext.rb"

++auto_ext

+

+Property changes on: ruby_2_4/ext/-test-/regexp/extconf.rb

+___________________________________________________________________

+Added: svn:eol-style

+   + LF

+

+Index: b/ext/-test-/regexp/parse_depth_limit.c

+===================================================================

+--- a/ext/-test-/regexp/parse_depth_limit.c	(revision 0)

+@@ -0,0 +1,23 @@ https://github.com/ruby/ruby/blob/trunk/ruby_2_4/ext/-test-/regexp/parse_depth_limit.c#L1

++#include <ruby.h>

++#include <ruby/onigmo.h>

++

++static VALUE

++get_parse_depth_limit(VALUE self)

++{

++    unsigned int depth = onig_get_parse_depth_limit();

++    return UINT2NUM(depth);

++}

++

++static VALUE

++set_parse_depth_limit(VALUE self, VALUE depth)

++{

++    onig_set_parse_depth_limit(NUM2UINT(depth));

++    return depth;

++}

++

++void

++Init_parse_depth_limit(VALUE klass)

++{

++    rb_define_singleton_method(klass, "parse_depth_limit", get_parse_depth_limit, 0);

++    rb_define_singleton_method(klass, "parse_depth_limit=", set_parse_depth_limit, 1);

++}

+

+Property changes on: ruby_2_4/ext/-test-/regexp/parse_depth_limit.c

+___________________________________________________________________

+Added: svn:eol-style

+   + LF

+

+Index: b/test/ruby/test_regexp.rb

+===================================================================

+--- a/test/ruby/test_regexp.rb	(revision 57908)

+@@ -1198,6 +1198,25 @@ class TestRegexp < Test::Unit::TestCase https://github.com/ruby/ruby/blob/trunk/ruby_2_4/test/ruby/test_regexp.rb#L1198

+     RUBY

+   end

+ 

++  def test_invalid_free_at_parse_depth_limit_over

++    assert_separately([], "#{<<-"begin;"}\n#{<<-"end;"}")

++    begin;

++      begin

++        require '-test-/regexp'

++      rescue LoadError

++      else

++        bug = '[ruby-core:79624] [Bug #13234]'

++        Bug::Regexp.parse_depth_limit = 10

++        src = "[" * 100

++        3.times do

++          assert_raise_with_message(RegexpError, /parse depth limit over/, bug) do

++            Regexp.new(src)

++          end

++        end

++      end

++    end;

++  end

++

+   # This assertion is for porting x2() tests in testpy.py of Onigmo.

+   def assert_match_at(re, str, positions, msg = nil)

+     re = Regexp.new(re) unless re.is_a?(Regexp)

@@ -1,7 +1,7 @@

 Summary:    Ruby

 Name:       ruby

 Version:    2.4.0

-Release:    3%{?dist}

+Release:    4%{?dist}

 License:    BSDL

 URL:        https://www.ruby-lang.org/en/

 Group:      System Environment/Security

@@ -13,6 +13,7 @@ Patch0:     ruby-CVE-2017-9224.patch

 Patch1:     ruby-CVE-2017-9226.patch

 Patch2:     ruby-CVE-2017-9227.patch

 Patch3:     ruby-CVE-2017-9229.patch

+Patch4:	    ruby-CVE-2017-6181.patch

 BuildRequires:  openssl-devel

 BuildRequires:  ca-certificates

 BuildRequires:  readline-devel

@@ -30,6 +31,7 @@ This is useful for object-oriented scripting.

 %patch1 -p1

 %patch2 -p1

 %patch3 -p1

+%patch4 -p1

 %build

 ./configure \

     --prefix=%{_prefix}   \

@@ -57,6 +59,8 @@ rm -rf %{buildroot}/*

 %{_docdir}/%{name}-%{version}

 %{_mandir}/man1/*

 %changelog

+*   Fri Jul 07 2017 Harish Udaiya Kumar <hudaiyakumar@vmware.com> 2.4.0-4

+-   [security] ruby-CVE-2017-6181.patch

 *   Tue Jun 13 2017 Priyesh Padmavilasom <ppadmavilasom@vmware.com> 2.4.0-3

 -   [security] CVE-2017-9224,CVE-2017-9225

 -   [security] CVE-2017-9227,CVE-2017-9229