diff options
author | eregon <eregon@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2017-05-07 12:04:49 +0000 |
---|---|---|
committer | eregon <eregon@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2017-05-07 12:04:49 +0000 |
commit | 95e8c48dd3348503a8c7db5d0498894a1b676395 (patch) | |
tree | 9eef7f720314ebaff56845a74e203770e62284e4 /spec/rubyspec/security/cve_2011_4815_spec.rb | |
parent | ed7d803500de38186c74bce94d233e85ef51e503 (diff) |
Add in-tree mspec and ruby/spec
* For easier modifications of ruby/spec by MRI developers.
* .gitignore: track changes under spec.
* spec/mspec, spec/rubyspec: add in-tree mspec and ruby/spec.
These files can therefore be updated like any other file in MRI.
Instructions are provided in spec/README.
[Feature #13156] [ruby-core:79246]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@58595 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'spec/rubyspec/security/cve_2011_4815_spec.rb')
-rw-r--r-- | spec/rubyspec/security/cve_2011_4815_spec.rb | 41 |
1 files changed, 41 insertions, 0 deletions
diff --git a/spec/rubyspec/security/cve_2011_4815_spec.rb b/spec/rubyspec/security/cve_2011_4815_spec.rb new file mode 100644 index 0000000000..0a353b742a --- /dev/null +++ b/spec/rubyspec/security/cve_2011_4815_spec.rb @@ -0,0 +1,41 @@ +require File.expand_path('../../spec_helper', __FILE__) + +describe :resists_cve_2011_4815, shared: true do + it "resists CVE-2011-4815 by having different hash codes in different processes" do + eval("(#{@method}).hash.to_s").should_not == ruby_exe("print (#{@method}).hash") + end +end + +describe "Object#hash" do + it_behaves_like :resists_cve_2011_4815, 'Object.new' +end + +describe "Integer#hash with a small value" do + it_behaves_like :resists_cve_2011_4815, '14' +end + +describe "Integer#hash with a large value" do + it_behaves_like :resists_cve_2011_4815, '100000000000000000000000000000' +end + +describe "Float#hash" do + it_behaves_like :resists_cve_2011_4815, '3.14' +end + +describe "String#hash" do + it_behaves_like :resists_cve_2011_4815, '"abc"' +end + +describe "Symbol#hash" do + ruby_bug "#13376", "2.3.0"..."2.3.4" do + it_behaves_like :resists_cve_2011_4815, ':a' + end +end + +describe "Array#hash" do + it_behaves_like :resists_cve_2011_4815, '[1, 2, 3]' +end + +describe "Hash#hash" do + it_behaves_like :resists_cve_2011_4815, '{a: 1, b: 2, c: 3}' +end |