1
0
Fork 0
mirror of https://github.com/ruby/ruby.git synced 2022-11-09 12:17:21 -05:00
ruby--ruby/spec/ruby/security/cve_2014_8080_spec.rb

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

35 lines
1.2 KiB
Ruby
Raw Normal View History

require_relative '../spec_helper'
2020-09-15 15:54:31 -04:00
ruby_version_is ''...'3.0' do
2020-01-11 19:15:46 -05:00
require 'rexml/document'
2020-01-11 19:15:46 -05:00
describe "REXML::Document.new" do
it "resists CVE-2014-8080 by raising an exception when entity expansion has grown too large" do
xml = <<XML
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE x [
<!ENTITY % x0 "xxxxxxxxxx">
<!ENTITY % x1 "%x0;%x0;%x0;%x0;%x0;%x0;%x0;%x0;%x0;%x0;">
<!ENTITY % x2 "%x1;%x1;%x1;%x1;%x1;%x1;%x1;%x1;%x1;%x1;">
<!ENTITY % x3 "%x2;%x2;%x2;%x2;%x2;%x2;%x2;%x2;%x2;%x2;">
<!ENTITY % x4 "%x3;%x3;%x3;%x3;%x3;%x3;%x3;%x3;%x3;%x3;">
<!ENTITY % x5 "%x4;%x4;%x4;%x4;%x4;%x4;%x4;%x4;%x4;%x4;">
<!ENTITY % x6 "%x5;%x5;%x5;%x5;%x5;%x5;%x5;%x5;%x5;%x5;">
<!ENTITY % x7 "%x6;%x6;%x6;%x6;%x6;%x6;%x6;%x6;%x6;%x6;">
<!ENTITY % x8 "%x7;%x7;%x7;%x7;%x7;%x7;%x7;%x7;%x7;%x7;">
<!ENTITY % x9 "%x8;%x8;%x8;%x8;%x8;%x8;%x8;%x8;%x8;%x8;">
]>
<x>
%x9;%x9;%x9;%x9;%x9;%x9;%x9;%x9;%x9;%x9;
</x>
XML
2020-01-11 19:15:46 -05:00
-> {
REXML::Document.new(xml).doctype.entities['x9'].value
}.should raise_error(REXML::ParseException, /entity expansion has grown too large/)
end
2020-01-11 19:15:46 -05:00
end
end