File: cve_2019_8322_spec.rb

package info (click to toggle)
ruby3.3 3.3.8-2
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid, trixie
  • size: 153,620 kB
  • sloc: ruby: 1,244,308; ansic: 836,474; yacc: 28,074; pascal: 6,748; sh: 3,913; python: 1,719; cpp: 1,158; makefile: 742; asm: 712; javascript: 394; lisp: 97; perl: 62; awk: 36; sed: 23; xml: 4
file content (21 lines) | stat: -rw-r--r-- 631 bytes parent folder | download | duplicates (7) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
 
require_relative '../spec_helper'

require 'yaml'
require 'rubygems'
require 'rubygems/safe_yaml'
require 'rubygems/commands/owner_command'

describe "CVE-2019-8322 is resisted by" do
  it "sanitising owner names" do
    command = Gem::Commands::OwnerCommand.new
    def command.rubygems_api_request(*args)
      Struct.new(:body).new("---\n- email: \"\e]2;nyan\a\"\n  handle: handle\n  id: id\n")
    end
    def command.with_response(response)
      yield response
    end
    command.should_receive(:say).with("Owners for gem: name")
    command.should_receive(:say).with("- .]2;nyan.")
    command.show_owners "name"
  end
end