1
0
Fork 0
mirror of https://github.com/ruby/ruby.git synced 2022-11-09 12:17:21 -05:00
ruby--ruby/spec/rubyspec/security/cve_2014_8080_spec.rb
svn 6bc742bc6d * remove trailing spaces, append newline at EOF.
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@58596 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2017-05-07 12:05:36 +00:00

32 lines
1.2 KiB
Ruby

require File.expand_path('../../spec_helper', __FILE__)
require 'rexml/document'
describe "REXML::Document.new" do
it "resists CVE-2014-8080 by raising an exception when entity expansion has grown too large" do
xml = <<XML
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE x [
<!ENTITY % x0 "xxxxxxxxxx">
<!ENTITY % x1 "%x0;%x0;%x0;%x0;%x0;%x0;%x0;%x0;%x0;%x0;">
<!ENTITY % x2 "%x1;%x1;%x1;%x1;%x1;%x1;%x1;%x1;%x1;%x1;">
<!ENTITY % x3 "%x2;%x2;%x2;%x2;%x2;%x2;%x2;%x2;%x2;%x2;">
<!ENTITY % x4 "%x3;%x3;%x3;%x3;%x3;%x3;%x3;%x3;%x3;%x3;">
<!ENTITY % x5 "%x4;%x4;%x4;%x4;%x4;%x4;%x4;%x4;%x4;%x4;">
<!ENTITY % x6 "%x5;%x5;%x5;%x5;%x5;%x5;%x5;%x5;%x5;%x5;">
<!ENTITY % x7 "%x6;%x6;%x6;%x6;%x6;%x6;%x6;%x6;%x6;%x6;">
<!ENTITY % x8 "%x7;%x7;%x7;%x7;%x7;%x7;%x7;%x7;%x7;%x7;">
<!ENTITY % x9 "%x8;%x8;%x8;%x8;%x8;%x8;%x8;%x8;%x8;%x8;">
]>
<x>
%x9;%x9;%x9;%x9;%x9;%x9;%x9;%x9;%x9;%x9;
</x>
XML
lambda { REXML::Document.new(xml).doctype.entities['x9'].value }.should raise_error(REXML::ParseException) { |e|
e.message.should =~ /entity expansion has grown too large/
}
end
end