diff options
Diffstat (limited to 'spec/ruby/security/cve_2018_8779_spec.rb')
-rw-r--r-- | spec/ruby/security/cve_2018_8779_spec.rb | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/spec/ruby/security/cve_2018_8779_spec.rb b/spec/ruby/security/cve_2018_8779_spec.rb new file mode 100644 index 0000000000..9659b321ee --- /dev/null +++ b/spec/ruby/security/cve_2018_8779_spec.rb @@ -0,0 +1,30 @@ +require_relative '../spec_helper' + +require 'socket' +require 'tempfile' + +platform_is_not :windows do + describe "CVE-2018-8779 is resisted by" do + before :each do + tmpfile = Tempfile.new("s") + @path = tmpfile.path + tmpfile.close(true) + end + + after :each do + File.unlink @path if @path && File.socket?(@path) + end + + it "UNIXServer.open by raising an exception when there is a NUL byte" do + lambda { + UNIXServer.open(@path+"\0") + }.should raise_error(ArgumentError, /(path name|string) contains null byte/) + end + + it "UNIXSocket.open by raising an exception when there is a NUL byte" do + lambda { + UNIXSocket.open(@path+"\0") + }.should raise_error(ArgumentError, /(path name|string) contains null byte/) + end + end +end |