1
0
Fork 0
mirror of https://github.com/ruby/ruby.git synced 2022-11-09 12:17:21 -05:00

Merge RubyGems 2.7.6 from upstream.

It fixed some security vulnerabilities.

  http://blog.rubygems.org/2018/02/15/2.7.6-released.html

git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@62422 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
This commit is contained in:
hsbt 2018-02-16 08:08:06 +00:00
parent 7a453b1576
commit 7619cb3d7d
15 changed files with 389 additions and 27 deletions

View file

@ -143,5 +143,25 @@ group\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000
assert_equal '012467', @tar_header.checksum
end
def test_from_bad_octal
test_cases = [
"00000006,44\000", # bogus character
"00000006789\000", # non-octal digit
"+0000001234\000", # positive sign
"-0000001000\000", # negative sign
"0x000123abc\000", # radix prefix
]
test_cases.each do |val|
header_s = @tar_header.to_s
# overwrite the size field
header_s[124, 12] = val
io = TempIO.new header_s
assert_raises ArgumentError do
new_header = Gem::Package::TarHeader.from io
end
end
end
end