1
0
Fork 0
mirror of https://github.com/ruby/ruby.git synced 2022-11-09 12:17:21 -05:00
ruby--ruby/spec/ruby/security/cve_2014_8080_spec.rb
eregon 4fbb9aa3cb Update to ruby/spec@6f38a82
git-svn-id: svn+ssh://ci.ruby-lang.org/ruby/trunk@63293 b2dd03c8-39d4-4d8f-98ff-823fe69b080e
2018-04-28 19:50:06 +00:00

32 lines
1.1 KiB
Ruby

require_relative '../spec_helper'
require 'rexml/document'
describe "REXML::Document.new" do
it "resists CVE-2014-8080 by raising an exception when entity expansion has grown too large" do
xml = <<XML
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE x [
<!ENTITY % x0 "xxxxxxxxxx">
<!ENTITY % x1 "%x0;%x0;%x0;%x0;%x0;%x0;%x0;%x0;%x0;%x0;">
<!ENTITY % x2 "%x1;%x1;%x1;%x1;%x1;%x1;%x1;%x1;%x1;%x1;">
<!ENTITY % x3 "%x2;%x2;%x2;%x2;%x2;%x2;%x2;%x2;%x2;%x2;">
<!ENTITY % x4 "%x3;%x3;%x3;%x3;%x3;%x3;%x3;%x3;%x3;%x3;">
<!ENTITY % x5 "%x4;%x4;%x4;%x4;%x4;%x4;%x4;%x4;%x4;%x4;">
<!ENTITY % x6 "%x5;%x5;%x5;%x5;%x5;%x5;%x5;%x5;%x5;%x5;">
<!ENTITY % x7 "%x6;%x6;%x6;%x6;%x6;%x6;%x6;%x6;%x6;%x6;">
<!ENTITY % x8 "%x7;%x7;%x7;%x7;%x7;%x7;%x7;%x7;%x7;%x7;">
<!ENTITY % x9 "%x8;%x8;%x8;%x8;%x8;%x8;%x8;%x8;%x8;%x8;">
]>
<x>
%x9;%x9;%x9;%x9;%x9;%x9;%x9;%x9;%x9;%x9;
</x>
XML
lambda {
REXML::Document.new(xml).doctype.entities['x9'].value
}.should raise_error(REXML::ParseException, /entity expansion has grown too large/)
end
end