1
0
Fork 0
mirror of https://github.com/ruby/ruby.git synced 2022-11-09 12:17:21 -05:00
ruby--ruby/spec/ruby/security/cve_2018_16396_spec.rb
eregon 3e6337b88b Update to ruby/spec@8b743a3
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@65388 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2018-10-27 10:48:40 +00:00

21 lines
449 B
Ruby

require_relative '../spec_helper'
describe "Array#pack" do
it "resists CVE-2018-16396 by tainting output based on input" do
"aAZBbHhuMmPp".each_char do |f|
["123456".taint].pack(f).tainted?.should be_true
end
end
end
describe "String#unpack" do
it "resists CVE-2018-16396 by tainting output based on input" do
"aAZBbHhuMm".each_char do |f|
"123456".taint.unpack(f).first.tainted?.should be_true
end
end
end