diff options
author | nagachika <nagachika@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2017-09-10 05:23:13 +0000 |
---|---|---|
committer | nagachika <nagachika@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> | 2017-09-10 05:23:13 +0000 |
commit | 8ae151e7ab6f85185416b53528347f0cca55a10e (patch) | |
tree | c0e8a6247b8ed1b3d80f0b98229a78cbcc8363d1 /test/rubygems/test_gem_installer.rb | |
parent | fd41a38470e1ba2ee1857eae08fe909ef34b9b2d (diff) |
lib/rubygems: fix several vulnerabilities in RubyGems; bump to version 2.6.13.
[Backport #13842]
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_4@59814 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
Diffstat (limited to 'test/rubygems/test_gem_installer.rb')
-rw-r--r-- | test/rubygems/test_gem_installer.rb | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/test/rubygems/test_gem_installer.rb b/test/rubygems/test_gem_installer.rb index 882981d344..dd049214fb 100644 --- a/test/rubygems/test_gem_installer.rb +++ b/test/rubygems/test_gem_installer.rb @@ -1448,6 +1448,26 @@ gem 'other', version end end + def test_pre_install_checks_malicious_name + spec = util_spec '../malicious', '1' + def spec.full_name # so the spec is buildable + "malicious-1" + end + def spec.validate; end + + util_build_gem spec + + gem = File.join(@gemhome, 'cache', spec.file_name) + + use_ui @ui do + @installer = Gem::Installer.at gem + e = assert_raises Gem::InstallError do + @installer.pre_install_checks + end + assert_equal '#<Gem::Specification name=../malicious version=1> has an invalid name', e.message + end + end + def test_shebang util_make_exec @spec, "#!/usr/bin/ruby" |