Commit Graph

13 Commits

Author SHA1 Message Date
Tietew 92b8cda4c9
secure_compare: Check byte size instead of length
Match fixed_length_secure_compare's guard clause.

References #39142.
2021-04-02 12:45:29 -04:00
Michael Grosser 203998c916
allow running each test with pure ruby path/to/test.rb
also:
 - makes test dependencies obvious
 - makes tests runnable from within subfolders
2019-12-18 08:49:19 -06:00
Daniel Colson a1ac18671a Replace `assert !` with `assert_not`
This autocorrects the violations after adding a custom cop in
3305c78dcd.
2018-04-19 08:11:33 -04:00
Rafael Mendonça França fb30d12670
Renove duplicated and wrong test 2017-11-25 15:24:58 -05:00
Rafael Mendonça França 0623b5d194
Merge pull request #24510 from vipulnsward/make-variable_size_secure_compare-public
Make variable_size_secure_compare public
2017-11-25 11:39:37 -05:00
Koichi ITO ac717d65a3 [Active Support] `rubocop -a --only Layout/EmptyLineAfterMagicComment` 2017-07-11 13:12:32 +09:00
Kir Shatrov 72950568dd Use frozen-string-literal in ActiveSupport 2017-07-09 15:08:29 +03:00
Matthew Draper 87b3e226d6 Revert "Merge pull request #29540 from kirs/rubocop-frozen-string"
This reverts commit 3420a14590, reversing
changes made to afb66a5a59.
2017-07-02 02:15:17 +09:30
Kir Shatrov cfade1ec7e Enforce frozen string in Rubocop 2017-07-01 02:11:03 +03:00
Vipul A M fa487763d9
Changed default behaviour of `ActiveSupport::SecurityUtils.secure_compare`,
to make it not leak length information even for variable length string.

    Renamed old `ActiveSupport::SecurityUtils.secure_compare` to `fixed_length_secure_compare`,
    and started raising `ArgumentError` in case of length mismatch of passed strings.
2017-06-07 03:45:10 +05:30
kenta-s 02bb4c55fd Add test for `variable_size_secure_compare` 2017-01-31 20:41:14 +09:00
Xavier Noria a731125f12 applies new string literal convention in activesupport/test
The current code base is not uniform. After some discussion,
we have chosen to go with double quotes by default.
2016-08-06 18:10:53 +02:00
Guillermo Iguaran c8c660002f Add AS::SecurityUtils.secure_compare for constant time string comparison 2014-10-23 14:54:06 -03:00