mirror of
https://github.com/ruby/ruby.git
synced 2022-11-09 12:17:21 -05:00
ffd0820ab3
This removes the related tests, and puts the related specs behind version guards. This affects all code in lib, including some libraries that may want to support older versions of Ruby.
25 lines
545 B
Ruby
25 lines
545 B
Ruby
require_relative '../spec_helper'
|
|
|
|
describe "Array#pack" do
|
|
|
|
ruby_version_is ''...'2.7' do
|
|
it "resists CVE-2018-16396 by tainting output based on input" do
|
|
"aAZBbHhuMmPp".each_char do |f|
|
|
["123456".taint].pack(f).tainted?.should be_true
|
|
end
|
|
end
|
|
end
|
|
|
|
end
|
|
|
|
describe "String#unpack" do
|
|
|
|
ruby_version_is ''...'2.7' do
|
|
it "resists CVE-2018-16396 by tainting output based on input" do
|
|
"aAZBbHhuMm".each_char do |f|
|
|
"123456".taint.unpack(f).first.tainted?.should be_true
|
|
end
|
|
end
|
|
end
|
|
|
|
end
|