1
0
Fork 0
mirror of https://github.com/ruby/ruby.git synced 2022-11-09 12:17:21 -05:00
ruby--ruby/spec/ruby/security/cve_2019_8322_spec.rb
2021-07-29 22:11:21 +02:00

21 lines
631 B
Ruby

require_relative '../spec_helper'
require 'yaml'
require 'rubygems'
require 'rubygems/safe_yaml'
require 'rubygems/commands/owner_command'
describe "CVE-2019-8322 is resisted by" do
it "sanitising owner names" do
command = Gem::Commands::OwnerCommand.new
def command.rubygems_api_request(*args)
Struct.new(:body).new("---\n- email: \"\e]2;nyan\a\"\n handle: handle\n id: id\n")
end
def command.with_response(response)
yield response
end
command.should_receive(:say).with("Owners for gem: name")
command.should_receive(:say).with("- .]2;nyan.")
command.show_owners "name"
end
end