summaryrefslogtreecommitdiff
path: root/spec/ruby/security/cve_2018_8780_spec.rb
blob: 44be29bf223a1246df677e5d39309fb43fd78442 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
require_relative '../spec_helper'

guard -> {
  ruby_version_is "2.3.7"..."2.4" or
  ruby_version_is "2.4.4"..."2.5" or
  ruby_version_is "2.5.1"
} do
  describe "CVE-2018-8780 is resisted by" do
    before :all do
      @root = File.realpath(tmp(""))
    end

    it "Dir.glob by raising an exception when there is a NUL byte" do
      lambda {
        Dir.glob([[@root, File.join(@root, "*")].join("\0")])
      }.should raise_error(ArgumentError, /(path name|string) contains null byte/)
    end

    it "Dir.entries by raising an exception when there is a NUL byte" do
      lambda {
        Dir.entries(@root+"\0")
      }.should raise_error(ArgumentError, /(path name|string) contains null byte/)
    end

    it "Dir.foreach by raising an exception when there is a NUL byte" do
      lambda {
        Dir.foreach(@root+"\0").to_a
      }.should raise_error(ArgumentError, /(path name|string) contains null byte/)
    end

    ruby_version_is "2.5" do
      it "Dir.children by raising an exception when there is a NUL byte" do
        lambda {
          Dir.children(@root+"\0")
        }.should raise_error(ArgumentError, /(path name|string) contains null byte/)
      end

      it "Dir.each_child by raising an exception when there is a NUL byte" do
        lambda {
          Dir.each_child(@root+"\0").to_a
        }.should raise_error(ArgumentError, /(path name|string) contains null byte/)
      end
    end

    ruby_version_is "2.4" do
      it "Dir.empty? by raising an exception when there is a NUL byte" do
        lambda {
          Dir.empty?(@root+"\0")
        }.should raise_error(ArgumentError, /(path name|string) contains null byte/)
      end
    end
  end
end