diff options
Diffstat (limited to 'spec/ruby/security')
-rw-r--r-- | spec/ruby/security/cve_2010_1330_spec.rb | 2 | ||||
-rw-r--r-- | spec/ruby/security/cve_2014_8080_spec.rb | 34 | ||||
-rw-r--r-- | spec/ruby/security/cve_2017_17742_spec.rb | 37 | ||||
-rw-r--r-- | spec/ruby/security/cve_2019_8323_spec.rb | 14 |
4 files changed, 13 insertions, 74 deletions
diff --git a/spec/ruby/security/cve_2010_1330_spec.rb b/spec/ruby/security/cve_2010_1330_spec.rb index 33e88d652e..2594439550 100644 --- a/spec/ruby/security/cve_2010_1330_spec.rb +++ b/spec/ruby/security/cve_2010_1330_spec.rb @@ -8,7 +8,7 @@ describe "String#gsub" do # #gsub on a string in the UTF-8 encoding but with invalid an UTF-8 byte # sequence. - str = "\xF6<script>" + str = +"\xF6<script>" str.force_encoding Encoding::BINARY str.gsub(/</, "<").should == "\xF6<script>".b str.force_encoding Encoding::UTF_8 diff --git a/spec/ruby/security/cve_2014_8080_spec.rb b/spec/ruby/security/cve_2014_8080_spec.rb deleted file mode 100644 index 23770f94b1..0000000000 --- a/spec/ruby/security/cve_2014_8080_spec.rb +++ /dev/null @@ -1,34 +0,0 @@ -require_relative '../spec_helper' - -ruby_version_is ''...'3.0' do - require 'rexml/document' - - describe "REXML::Document.new" do - - it "resists CVE-2014-8080 by raising an exception when entity expansion has grown too large" do - xml = <<XML - <?xml version="1.0" encoding="UTF-8" ?> - <!DOCTYPE x [ - <!ENTITY % x0 "xxxxxxxxxx"> - <!ENTITY % x1 "%x0;%x0;%x0;%x0;%x0;%x0;%x0;%x0;%x0;%x0;"> - <!ENTITY % x2 "%x1;%x1;%x1;%x1;%x1;%x1;%x1;%x1;%x1;%x1;"> - <!ENTITY % x3 "%x2;%x2;%x2;%x2;%x2;%x2;%x2;%x2;%x2;%x2;"> - <!ENTITY % x4 "%x3;%x3;%x3;%x3;%x3;%x3;%x3;%x3;%x3;%x3;"> - <!ENTITY % x5 "%x4;%x4;%x4;%x4;%x4;%x4;%x4;%x4;%x4;%x4;"> - <!ENTITY % x6 "%x5;%x5;%x5;%x5;%x5;%x5;%x5;%x5;%x5;%x5;"> - <!ENTITY % x7 "%x6;%x6;%x6;%x6;%x6;%x6;%x6;%x6;%x6;%x6;"> - <!ENTITY % x8 "%x7;%x7;%x7;%x7;%x7;%x7;%x7;%x7;%x7;%x7;"> - <!ENTITY % x9 "%x8;%x8;%x8;%x8;%x8;%x8;%x8;%x8;%x8;%x8;"> - ]> - <x> - %x9;%x9;%x9;%x9;%x9;%x9;%x9;%x9;%x9;%x9; - </x> -XML - - -> { - REXML::Document.new(xml).doctype.entities['x9'].value - }.should raise_error(REXML::ParseException, /entity expansion has grown too large/) - end - - end -end diff --git a/spec/ruby/security/cve_2017_17742_spec.rb b/spec/ruby/security/cve_2017_17742_spec.rb deleted file mode 100644 index b0d93e42b8..0000000000 --- a/spec/ruby/security/cve_2017_17742_spec.rb +++ /dev/null @@ -1,37 +0,0 @@ -require_relative '../spec_helper' - -# webrick is no longer in stdlib in Ruby 3+ -ruby_version_is ""..."3.0" do - require "webrick" - require "stringio" - require "net/http" - - describe "WEBrick" do - describe "resists CVE-2017-17742" do - it "for a response splitting headers" do - config = WEBrick::Config::HTTP - res = WEBrick::HTTPResponse.new config - res['X-header'] = "malicious\r\nCookie: hack" - io = StringIO.new - res.send_response io - io.rewind - res = Net::HTTPResponse.read_new(Net::BufferedIO.new(io)) - res.code.should == '500' - io.string.should_not =~ /hack/ - end - - it "for a response splitting cookie headers" do - user_input = "malicious\r\nCookie: hack" - config = WEBrick::Config::HTTP - res = WEBrick::HTTPResponse.new config - res.cookies << WEBrick::Cookie.new('author', user_input) - io = StringIO.new - res.send_response io - io.rewind - res = Net::HTTPResponse.read_new(Net::BufferedIO.new(io)) - res.code.should == '500' - io.string.should_not =~ /hack/ - end - end - end -end diff --git a/spec/ruby/security/cve_2019_8323_spec.rb b/spec/ruby/security/cve_2019_8323_spec.rb index d4606de054..49a31a6682 100644 --- a/spec/ruby/security/cve_2019_8323_spec.rb +++ b/spec/ruby/security/cve_2019_8323_spec.rb @@ -11,7 +11,12 @@ describe "CVE-2019-8323 is resisted by" do cutter = Class.new { include Gem::GemcutterUtilities }.new - response = Net::HTTPSuccess.new(nil, nil, nil) + klass = if defined?(Gem::Net::HTTPSuccess) + Gem::Net::HTTPSuccess + else + Net::HTTPSuccess + end + response = klass.new(nil, nil, nil) def response.body "\e]2;nyan\a" end @@ -25,7 +30,12 @@ describe "CVE-2019-8323 is resisted by" do }.new def cutter.terminate_interaction(n) end - response = Net::HTTPNotFound.new(nil, nil, nil) + klass = if defined?(Gem::Net::HTTPNotFound) + Gem::Net::HTTPNotFound + else + Net::HTTPNotFound + end + response = klass.new(nil, nil, nil) def response.body "\e]2;nyan\a" end |