kotovalexarian-likes-github/ruby--ruby
1
0
Fork 0
mirror of https://github.com/ruby/ruby.git synced 2022-11-09 12:17:21 -05:00
Code Releases Activity

test/ruby/test_symbol.rb: new test for nondeterminism

Browse source 
We need to ensure hashes for static symbols remain
non-deterministic to avoid DoS attacks.   This is currently the
case since 2.4+, but was not for the 2.3 series.

* test/ruby/test_symbol.rb (test_hash_nondeterministic): new test
  [ruby-core:80430] [Bug #13376]

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@58200 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
This commit is contained in:
normal 2017-03-28 17:14:49 +00:00
parent f19fac1dd2
commit 149d43d4ad
1 changed files with 10 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

10
test/ruby/test_symbol.rb
View file

@ -500,4 +500,14 @@ class TestSymbol < Test::Unit::TestCase
assert_equal str, str.to_sym.to_s
assert_not_predicate(str, :frozen?, bug11721)
end
def test_hash_nondeterministic
ruby = EnvUtil.rubybin
refute_equal `#{ruby} -e 'puts :foo.hash'`, `#{ruby} -e 'puts :foo.hash'`,
'[ruby-core:80430] [Bug #13376]'
sym = "dynsym_#{Random.rand(10000)}_#{Time.now}"
refute_equal `#{ruby} -e 'puts #{sym.inspect}.to_sym.hash'`,
`#{ruby} -e 'puts #{sym.inspect}.to_sym.hash'`
end
end