spec/ruby/security/cve_2018_8779_spec.rb


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30

require_relative '../spec_helper'

require 'socket'
require 'tempfile'

platform_is_not :windows do
  describe "CVE-2018-8779 is resisted by" do
    before :each do
      tmpfile = Tempfile.new("s")
      @path = tmpfile.path
      tmpfile.close(true)
    end

    after :each do
      File.unlink @path if @path && File.socket?(@path)
    end

    it "UNIXServer.open by raising an exception when there is a NUL byte" do
      -> {
        UNIXServer.open(@path+"\0")
      }.should raise_error(ArgumentError, /(path name|string) contains null byte/)
    end

    it "UNIXSocket.open by raising an exception when there is a NUL byte" do
      -> {
        UNIXSocket.open(@path+"\0")
      }.should raise_error(ArgumentError, /(path name|string) contains null byte/)
    end
  end
end