test/ruby/test_symbol.rb: new test for nondeterminism

We need to ensure hashes for static symbols remain non-deterministic to avoid DoS attacks. This is currently the case since 2.4+, but was not for the 2.3 series. * test/ruby/test_symbol.rb (test_hash_nondeterministic): new test [ruby-core:80430] [Bug #13376] git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@58200 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
author: normal <normal@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> 2017-03-28 17:14:49 +0000
committer: normal <normal@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> 2017-03-28 17:14:49 +0000
commit: 149d43d4ad1e5a65e3c8601bf3323e09e2e540f4 (patch)
tree: ab8bb19bc6a572978d16ddb3a7481ba5097ab934 /test/ruby/test_symbol.rb
parent: f19fac1dd25156e5038d9ebbd375d2a8c8815739 (diff)
1 files changed, 10 insertions, 0 deletions
diff --git a/test/ruby/test_symbol.rb b/test/ruby/test_symbol.rb
index 42b5106298..39b2c7692a 100644
--- a/test/ruby/test_symbol.rb
+++ b/test/ruby/test_symbol.rb
@@ -500,4 +500,14 @@ class TestSymbol < Test::Unit::TestCase
     assert_equal str, str.to_sym.to_s
     assert_not_predicate(str, :frozen?, bug11721)
   end
+
+  def test_hash_nondeterministic
+    ruby = EnvUtil.rubybin
+    refute_equal `#{ruby} -e 'puts :foo.hash'`, `#{ruby} -e 'puts :foo.hash'`,
+                 '[ruby-core:80430] [Bug #13376]'
+
+    sym = "dynsym_#{Random.rand(10000)}_#{Time.now}"
+    refute_equal `#{ruby} -e 'puts #{sym.inspect}.to_sym.hash'`,
+                 `#{ruby} -e 'puts #{sym.inspect}.to_sym.hash'`
+  end
 end
author	normal <normal@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>	2017-03-28 17:14:49 +0000
committer	normal <normal@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>	2017-03-28 17:14:49 +0000
commit	149d43d4ad1e5a65e3c8601bf3323e09e2e540f4 (patch)
tree	ab8bb19bc6a572978d16ddb3a7481ba5097ab934 /test/ruby/test_symbol.rb
parent	f19fac1dd25156e5038d9ebbd375d2a8c8815739 (diff)