summaryrefslogtreecommitdiff
path: root/spec/rubyspec/security
diff options
context:
space:
mode:
Diffstat (limited to 'spec/rubyspec/security')
-rw-r--r--spec/rubyspec/security/cve_2013_4164_spec.rb8
-rw-r--r--spec/rubyspec/security/cve_2014_8080_spec.rb4
2 files changed, 6 insertions, 6 deletions
diff --git a/spec/rubyspec/security/cve_2013_4164_spec.rb b/spec/rubyspec/security/cve_2013_4164_spec.rb
index de5973b780..06b2bb0306 100644
--- a/spec/rubyspec/security/cve_2013_4164_spec.rb
+++ b/spec/rubyspec/security/cve_2013_4164_spec.rb
@@ -3,17 +3,17 @@ require File.expand_path('../../spec_helper', __FILE__)
require 'json'
describe "String#to_f" do
-
+
it "resists CVE-2013-4164 by converting very long Strings to a Float" do
"1.#{'1'*1000000}".to_f.should be_close(1.1111111111111112, TOLERANCE)
end
-
+
end
describe "JSON.parse" do
-
+
it "resists CVE-2013-4164 by converting very long Strings to a Float" do
JSON.parse("[1.#{'1'*1000000}]").first.should be_close(1.1111111111111112, TOLERANCE)
end
-
+
end
diff --git a/spec/rubyspec/security/cve_2014_8080_spec.rb b/spec/rubyspec/security/cve_2014_8080_spec.rb
index ae87de2346..6453b0c317 100644
--- a/spec/rubyspec/security/cve_2014_8080_spec.rb
+++ b/spec/rubyspec/security/cve_2014_8080_spec.rb
@@ -3,7 +3,7 @@ require File.expand_path('../../spec_helper', __FILE__)
require 'rexml/document'
describe "REXML::Document.new" do
-
+
it "resists CVE-2014-8080 by raising an exception when entity expansion has grown too large" do
xml = <<XML
<?xml version="1.0" encoding="UTF-8" ?>
@@ -28,5 +28,5 @@ XML
e.message.should =~ /entity expansion has grown too large/
}
end
-
+
end
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-02 17:49:35 +0000