File: cve_2019_8323_spec.rb

package info (click to toggle)
ruby3.1 3.1.2-7%2Bdeb12u1
  • links: PTS, VCS
  • area: main
  • in suites: bookworm
  • size: 132,892 kB
  • sloc: ruby: 1,154,753; ansic: 736,782; yacc: 46,445; pascal: 10,401; sh: 3,931; cpp: 1,158; python: 838; makefile: 787; asm: 462; javascript: 382; lisp: 97; sed: 94; perl: 62; awk: 36; xml: 4
file content (38 lines) | stat: -rw-r--r-- 1,009 bytes parent folder | download | duplicates (2) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
 
require_relative '../spec_helper'

platform_is_not :darwin do # frequent timeout/hang on macOS
  require 'optparse'

  require 'rubygems'
  require 'rubygems/gemcutter_utilities'

  describe "CVE-2019-8323 is resisted by" do
    describe "sanitising the body" do
      it "for success codes" do
        cutter = Class.new {
          include Gem::GemcutterUtilities
        }.new
        response = Net::HTTPSuccess.new(nil, nil, nil)
        def response.body
          "\e]2;nyan\a"
        end
        cutter.should_receive(:say).with(".]2;nyan.")
        cutter.with_response response
      end

      it "for error codes" do
        cutter = Class.new {
          include Gem::GemcutterUtilities
        }.new
        def cutter.terminate_interaction(n)
        end
        response = Net::HTTPNotFound.new(nil, nil, nil)
        def response.body
          "\e]2;nyan\a"
        end
        cutter.should_receive(:say).with(".]2;nyan.")
        cutter.with_response response
      end
    end
  end
end