Add tests for JSON vulnerability

test/apps/rails3/Gemfile.lock

@@ -33,6 +33,7 @@ GEM
     erubis (2.6.6)
       abstract (>= 1.0.0)
     i18n (0.6.0)
+    json_pure (1.6.4)
     mail (2.2.19)
       activesupport (>= 2.3.6)
       i18n (>= 0.4.0)

test/apps/rails3/app/controllers/home_controller.rb

@@ -133,6 +133,10 @@ class HomeController < ApplicationController
     YAML.parse_stream User.find(1).upload
   end
 
+  def parse_json
+    JSON.parse params[:input]
+  end
+
   private
 
   def filter_it

test/apps/rails_with_xss_plugin/Gemfile

 source 'http://rubygems.org'
 
 gem 'rails', '2.3.14'
+gem 'json', '1.1.0'
 gem 'sqlite3'

test/tests/test_rails3.rb

@@ -15,7 +15,7 @@ class Rails3Tests < Test::Unit::TestCase
       :controller => 1,
       :model => 8,
       :template => 32,
-      :warning => 52
+      :warning => 53
     }
   end
 
@@ -854,6 +854,14 @@ class Rails3Tests < Test::Unit::TestCase
       :file => /Gemfile/
   end 
 
+  def test_denial_of_service_CVE_2013_0269
+    assert_warning :type => :warning,
+      :warning_type => "Denial of Service",
+      :message => /^json_pure\ gem\ version\ 1\.6\.4\ has\ a\ symbol/,
+      :confidence => 0,
+      :file => /Gemfile/
+  end
+
   def test_http_only_session_setting
     assert_warning :type => :warning,
       :warning_type => "Session Setting",

test/tests/test_rails31.rb

@@ -15,7 +15,7 @@ class Rails31Tests < Test::Unit::TestCase
       :model => 3,
       :template => 22,
       :controller => 1,
-      :warning => 59 }
+      :warning => 60 }
   end
 
   def test_without_protection
@@ -728,6 +728,14 @@ class Rails31Tests < Test::Unit::TestCase
       :file => /Gemfile/
   end
 
+  def test_denial_of_service_CVE_2013_0269
+    assert_warning :type => :warning,
+      :warning_type => "Denial of Service",
+      :message => /^json\ gem\ version\ 1\.5\.4\ has\ a\ symbol\ crea/,
+      :confidence => 1,
+      :file => /Gemfile/
+  end
+
   def test_to_json_with_overwritten_config
     assert_warning :type => :template,
       :warning_type => "Cross Site Scripting",

test/tests/test_rails32.rb

@@ -11,7 +11,7 @@ class Rails32Tests < Test::Unit::TestCase
       :controller => 0,
       :model => 0,
       :template => 6,
-      :warning => 5 }
+      :warning => 6 }
   end
 
   def report
@@ -46,6 +46,14 @@ class Rails32Tests < Test::Unit::TestCase
       :file => /Gemfile/
   end
 
+  def test_remote_code_execution_CVE_2013_0269
+    assert_warning :type => :warning,
+      :warning_type => "Remote Code Execution",
+      :message => /^json\ gem\ version\ 1\.7\.5\ has\ a\ remote\ code/,
+      :confidence => 0,
+      :file => /Gemfile/
+  end
+
   def test_redirect_1
     assert_warning :type => :warning,
       :warning_type => "Redirect",

test/tests/test_rails_with_xss_plugin.rb

@@ -11,7 +11,7 @@ class RailsWithXssPluginTests < Test::Unit::TestCase
       :controller => 1,
       :model => 3,
       :template => 2,
-      :warning => 18 }
+      :warning => 19 }
   end
 
   def report
@@ -307,6 +307,14 @@ class RailsWithXssPluginTests < Test::Unit::TestCase
       :confidence => 0
   end
 
+  def test_denial_of_service_CVE_2013_0269
+    assert_warning :type => :warning,
+      :warning_type => "Denial of Service",
+      :message => /^json\ gem\ version\ 1\.1\.0\ has\ a\ symbol\ crea/,
+      :confidence => 2,
+      :file => /Gemfile/
+  end
+
   def test_json_parsing_workaround_CVE_2013_0333
     assert_no_warning :type => :warning,
       :warning_type => "Remote Code Execution",