Backport RubyGems 3.0.3: [Backport #15637]

* Fixed following vulnerabilities: * CVE-2019-8320: Delete directory using symlink when decompressing tar * CVE-2019-8321: Escape sequence injection vulnerability in verbose * CVE-2019-8322: Escape sequence injection vulnerability in gem owner * CVE-2019-8323: Escape sequence injection vulnerability in API response handling * CVE-2019-8324: Installing a malicious gem may lead to arbitrary code execution * CVE-2019-8325: Escape sequence injection vulnerability in errors * see also https://blog.rubygems.org/2019/03/05/3.0.3-released.html git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_6@67182 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
author: naruse <naruse@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> 2019-03-06 09:01:48 +0000
committer: naruse <naruse@b2dd03c8-39d4-4d8f-98ff-823fe69b080e> 2019-03-06 09:01:48 +0000
commit: e0005fdc2734871c4acd7dcf269e1566388794c4 (patch)
tree: 8ad55fb2e000a2a66be1671e632f170db12c1e2b /test/rubygems/test_gem_text.rb
parent: f5452efcf863e4c15577e53c52e6e8726e70f5c4 (diff)
1 files changed, 5 insertions, 0 deletions
diff --git a/test/rubygems/test_gem_text.rb b/test/rubygems/test_gem_text.rb
index 0249c47f83..c50d0bdb7a 100644
--- a/test/rubygems/test_gem_text.rb
+++ b/test/rubygems/test_gem_text.rb
@@ -89,4 +89,9 @@ Without the wrapping, the text might not look good in the RSS feed.
     s = "ab" * 500_001
     assert_equal "Truncating desc to 1,000,000 characters:\n#{s[0, 1_000_000]}", truncate_text(s, "desc", 1_000_000)
   end
+
+  def test_clean_text
+    assert_equal ".]2;nyan.", clean_text("\e]2;nyan\a")
+  end
+
 end
author	naruse <naruse@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>	2019-03-06 09:01:48 +0000
committer	naruse <naruse@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>	2019-03-06 09:01:48 +0000
commit	e0005fdc2734871c4acd7dcf269e1566388794c4 (patch)
tree	8ad55fb2e000a2a66be1671e632f170db12c1e2b /test/rubygems/test_gem_text.rb
parent	f5452efcf863e4c15577e53c52e6e8726e70f5c4 (diff)