ruby--ruby/spec/ruby/security/cve_2019_8325_spec.rb

require_relative '../spec_helper'

require 'rubygems'
require 'rubygems/command_manager'

describe "CVE-2019-8325 is resisted by" do
  describe "sanitising error message components" do
    silent_ui = Module.new do
      attr_accessor :ui
      def self.extended(obj)
        obj.ui = Gem::SilentUI.new
      end
    end

    it "for the 'while executing' message" do
      manager = Gem::CommandManager.new
      manager.extend(silent_ui)
      def manager.process_args(args, build_args)
        raise StandardError, "\e]2;nyan\a"
      end
      def manager.terminate_interaction(n)
      end
      manager.should_receive(:alert_error).with("While executing gem ... (StandardError)\n    .]2;nyan.")
      manager.run nil, nil
    end

    it "for the 'invalid option' message" do
      manager = Gem::CommandManager.new
      def manager.terminate_interaction(n)
      end
      manager.should_receive(:alert_error).with("Invalid option: --.]2;nyan.. See 'gem --help'.")
      manager.process_args ["--\e]2;nyan\a"], nil
    end

    it "for the 'loading command' message" do
      manager = Gem::CommandManager.new
      manager.extend(silent_ui)
      def manager.require(x)
        raise 'foo'
      end
      manager.should_receive(:alert_error).with("Loading command: .]2;nyan. (RuntimeError)\n\tfoo")
      manager.send :load_and_instantiate, "\e]2;nyan\a"
    end
  end
end
Update to ruby/spec@e81b3cd git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@67361 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2019-03-28 14:22:29 +00:00			`require_relative '../spec_helper'`

Update to ruby/spec@3affe1e 2022-04-25 14:53:54 +02:00			`require 'rubygems'`
			`require 'rubygems/command_manager'`
Update to ruby/spec@d6921ef 2021-10-20 21:41:46 +02:00
Update to ruby/spec@3affe1e 2022-04-25 14:53:54 +02:00			`describe "CVE-2019-8325 is resisted by" do`
			`describe "sanitising error message components" do`
Silent backtrace from cve_2019_8325_spec.rb Since the change at f310ac1cb2964f635f582862763b2155aacf2c12 to show the backtraces by default, this test started to show the backtraces. As the backtraces are not the subject of this test, silence them by using Gem::SilentUI. 2022-08-07 17:57:52 +09:00			`silent_ui = Module.new do`
			`attr_accessor :ui`
			`def self.extended(obj)`
			`obj.ui = Gem::SilentUI.new`
			`end`
			`end`

Update to ruby/spec@3affe1e 2022-04-25 14:53:54 +02:00			`it "for the 'while executing' message" do`
			`manager = Gem::CommandManager.new`
Silent backtrace from cve_2019_8325_spec.rb Since the change at f310ac1cb2964f635f582862763b2155aacf2c12 to show the backtraces by default, this test started to show the backtraces. As the backtraces are not the subject of this test, silence them by using Gem::SilentUI. 2022-08-07 17:57:52 +09:00			`manager.extend(silent_ui)`
Update to ruby/spec@3affe1e 2022-04-25 14:53:54 +02:00			`def manager.process_args(args, build_args)`
			`raise StandardError, "\e]2;nyan\a"`
Update to ruby/spec@e81b3cd git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@67361 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2019-03-28 14:22:29 +00:00			`end`
Update to ruby/spec@3affe1e 2022-04-25 14:53:54 +02:00			`def manager.terminate_interaction(n)`
			`end`
			`manager.should_receive(:alert_error).with("While executing gem ... (StandardError)\n .]2;nyan.")`
			`manager.run nil, nil`
			`end`
Update to ruby/spec@e81b3cd git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@67361 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2019-03-28 14:22:29 +00:00
Update to ruby/spec@3affe1e 2022-04-25 14:53:54 +02:00			`it "for the 'invalid option' message" do`
			`manager = Gem::CommandManager.new`
			`def manager.terminate_interaction(n)`
Update to ruby/spec@e81b3cd git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@67361 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2019-03-28 14:22:29 +00:00			`end`
Update to ruby/spec@3affe1e 2022-04-25 14:53:54 +02:00			`manager.should_receive(:alert_error).with("Invalid option: --.]2;nyan.. See 'gem --help'.")`
			`manager.process_args ["--\e]2;nyan\a"], nil`
			`end`
Update to ruby/spec@e81b3cd git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@67361 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2019-03-28 14:22:29 +00:00
Update to ruby/spec@3affe1e 2022-04-25 14:53:54 +02:00			`it "for the 'loading command' message" do`
			`manager = Gem::CommandManager.new`
Silent backtrace from cve_2019_8325_spec.rb Since the change at f310ac1cb2964f635f582862763b2155aacf2c12 to show the backtraces by default, this test started to show the backtraces. As the backtraces are not the subject of this test, silence them by using Gem::SilentUI. 2022-08-07 17:57:52 +09:00			`manager.extend(silent_ui)`
Update to ruby/spec@3affe1e 2022-04-25 14:53:54 +02:00			`def manager.require(x)`
			`raise 'foo'`
Update to ruby/spec@e81b3cd git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@67361 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2019-03-28 14:22:29 +00:00			`end`
Update to ruby/spec@3affe1e 2022-04-25 14:53:54 +02:00			`manager.should_receive(:alert_error).with("Loading command: .]2;nyan. (RuntimeError)\n\tfoo")`
			`manager.send :load_and_instantiate, "\e]2;nyan\a"`
Update to ruby/spec@e81b3cd git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@67361 b2dd03c8-39d4-4d8f-98ff-823fe69b080e 2019-03-28 14:22:29 +00:00			`end`
			`end`
			`end`