File: secure_code_test.rb

package info (click to toggle)

gem2deb 0.43

links: PTS, VCS
area: main
in suites: buster
size: 1,004 kB
sloc: ruby: 5,070; perl: 81; ansic: 66; makefile: 35; sh: 33

file content (12 lines) | stat: -rw-r--r-- 366 bytes

parent folder | download | duplicates (7)

require_relative '../test_helper'

class SecureCodeTest < Gem2DebTestCase

  should 'not interpolate variables into shell commands' do
    insecure_code = `grep -rl '\\(system\\|run\\)[( ][^,]*\#{' lib/ bin/`.split
    unless insecure_code.empty?
      fail "files containing insecure code: \n\t" + insecure_code.join("\n\t")
    end
  end unless ENV['ADTTMP']

end