From a2958f6743664006d21fc0bafd4ca6214df1d429 Mon Sep 17 00:00:00 2001
From: nagachika <nagachika@b2dd03c8-39d4-4d8f-98ff-823fe69b080e>
Date: Wed, 17 Oct 2018 15:06:18 +0000
Subject: merge revision(s) 65125:

	infect taint flag on Array#pack and String#unpack
	with the directives "B", "b", "H" and "h".

		* pack.c (pack_pack, pack_unpack_internal): infect taint flag.

		* test/ruby/test_pack.rb: add test for above.

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/branches/ruby_2_5@65128 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
---
 test/ruby/test_pack.rb | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

(limited to 'test')

diff --git a/test/ruby/test_pack.rb b/test/ruby/test_pack.rb
index a872bf33c2..aec418913e 100644
--- a/test/ruby/test_pack.rb
+++ b/test/ruby/test_pack.rb
@@ -860,4 +860,20 @@ EXPECTED
     assert_equal "hogefuga", "aG9nZWZ1Z2E=".unpack1("m")
     assert_equal "01000001", "A".unpack1("B*")
   end
+
+  def test_pack_infection
+    tainted_array_string = ["123456"]
+    tainted_array_string.first.taint
+    ['a', 'A', 'Z', 'B', 'b', 'H', 'h', 'u', 'M', 'm', 'P', 'p'].each do |f|
+      assert_predicate(tainted_array_string.pack(f), :tainted?)
+    end
+  end
+
+  def test_unpack_infection
+    tainted_string = "123456"
+    tainted_string.taint
+    ['a', 'A', 'Z', 'B', 'b', 'H', 'h', 'u', 'M', 'm'].each do |f|
+      assert_predicate(tainted_string.unpack(f).first, :tainted?)
+    end
+  end
 end
-- 
cgit v1.2.3