File: secure_code_test.rb

package info (click to toggle)
gem2deb 2.2.6
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid
  • size: 1,228 kB
  • sloc: ruby: 5,562; sh: 140; perl: 46; ansic: 33; makefile: 31
file content (12 lines) | stat: -rw-r--r-- 366 bytes parent folder | download | duplicates (7) 
1
2
3
4
5
6
7
8
9
10
11
12
 
require_relative '../test_helper'

class SecureCodeTest < Gem2DebTestCase

  should 'not interpolate variables into shell commands' do
    insecure_code = `grep -rl '\\(system\\|run\\)[( ][^,]*\#{' lib/ bin/`.split
    unless insecure_code.empty?
      fail "files containing insecure code: \n\t" + insecure_code.join("\n\t")
    end
  end unless ENV['ADTTMP']

end