diff options
author | Jeremy Evans <code@jeremyevans.net> | 2019-09-24 20:59:12 -0700 |
---|---|---|
committer | Jeremy Evans <code@jeremyevans.net> | 2019-11-18 01:00:25 +0200 |
commit | ffd0820ab317542f8780aac475da590a4bdbc7a8 (patch) | |
tree | 6a5d774933c15fd2b9ea948bd3ae2fa587faaf82 /test/fiddle | |
parent | c5c05460ac20abcbc0ed686eb4acf06da7a39a79 (diff) |
Deprecate taint/trust and related methods, and make the methods no-ops
This removes the related tests, and puts the related specs behind
version guards. This affects all code in lib, including some
libraries that may want to support older versions of Ruby.
Notes
Notes:
Merged: https://github.com/ruby/ruby/pull/2476
Diffstat (limited to 'test/fiddle')
-rw-r--r-- | test/fiddle/test_func.rb | 12 | ||||
-rw-r--r-- | test/fiddle/test_handle.rb | 23 |
2 files changed, 35 insertions, 0 deletions
diff --git a/test/fiddle/test_func.rb b/test/fiddle/test_func.rb index ca89173766..d170c59a75 100644 --- a/test/fiddle/test_func.rb +++ b/test/fiddle/test_func.rb @@ -11,6 +11,18 @@ module Fiddle assert_nil f.call(10) end + def test_syscall_with_tainted_string + f = Function.new(@libc['system'], [TYPE_VOIDP], TYPE_INT) + Thread.new { + $SAFE = 1 + assert_raise(SecurityError) do + f.call("uname -rs".dup.taint) + end + }.join + ensure + $SAFE = 0 + end + def test_sinf begin f = Function.new(@libm['sinf'], [TYPE_FLOAT], TYPE_FLOAT) diff --git a/test/fiddle/test_handle.rb b/test/fiddle/test_handle.rb index 17f9c92a11..c0fac39908 100644 --- a/test/fiddle/test_handle.rb +++ b/test/fiddle/test_handle.rb @@ -8,6 +8,29 @@ module Fiddle class TestHandle < TestCase include Fiddle + def test_safe_handle_open + Thread.new do + $SAFE = 1 + assert_raise(SecurityError) { + Fiddle::Handle.new(LIBC_SO.dup.taint) + } + end.join + ensure + $SAFE = 0 + end + + def test_safe_function_lookup + Thread.new do + h = Fiddle::Handle.new(LIBC_SO) + $SAFE = 1 + assert_raise(SecurityError) { + h["qsort".dup.taint] + } + end.join + ensure + $SAFE = 0 + end + def test_to_i handle = Fiddle::Handle.new(LIBC_SO) assert_kind_of Integer, handle.to_i |