提交 3d833a24 编写于 作者: J Justin Collins

Add test for CVE-2012-3464 (single quotes)

上级 4454e68c
class ERB
module Util
if "html_safe exists".respond_to?(:html_safe)
def html_escape(s)
s = s.to_s
if s.html_safe?
s
else
Rack::Utils.escape_html(s).html_safe
end
end
else
def html_escape(s)
s = s.to_s
Rack::Utils.escape_html(s).html_safe
end
end
remove_method :h
alias h html_escape
class << self
remove_method :html_escape
remove_method :h
end
module_function :html_escape
module_function :h
end
end
......@@ -12,13 +12,13 @@ class Rails2Tests < Test::Unit::TestCase
:controller => 1,
:model => 2,
:template => 31,
:warning => 29 }
:warning => 30 }
else
@expected ||= {
:controller => 1,
:model => 2,
:template => 31,
:warning => 30 }
:warning => 31 }
end
end
......@@ -633,6 +633,14 @@ class Rails2Tests < Test::Unit::TestCase
:file => /test_xss_with_or\.html\.erb/
end
def test_cross_site_scripting_single_quotes_CVE_2012_3464
assert_warning :type => :warning,
:warning_type => "Cross Site Scripting",
:message => /^All\ Rails\ 2\.x\ versions\ do\ not\ escape\ sin/,
:confidence => 1,
:file => /environment\.rb/
end
def test_check_send
assert_warning :type => :warning,
:warning_type => "Dangerous Send",
......
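Review bot: The `:message` regex on the third line of the new test escapes every space (`/^All\ Rails\ 2\.x\ versions\ do\ not\ escape\ sin/`), which is only needed under the `/x` flag, and it stops mid-word at `sin`, so the assertion does not pin the wording the check is expected to emit. The unescaped form `/^All Rails 2\.x versions do not escape single quotes/` reads as the message itself and ends on a whole word (presumably "single quotes", matching the Rails 3.0.5 and 3.1.0 variants in the other new tests). `\A` would be the stricter anchor should the message ever span lines, though `^` is harmless for a one-line message. The same pattern appears in the new tests added to Rails3Tests, Rails31Tests and RailsWithXssPluginTests in this commit. The enclosing class Rails2Tests starts outside the hunk.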
......@@ -15,7 +15,7 @@ class Rails3Tests < Test::Unit::TestCase
:controller => 1,
:model => 5,
:template => 22,
:warning => 27
:warning => 28
}
end
......@@ -595,6 +595,14 @@ class Rails3Tests < Test::Unit::TestCase
:file => /test_params\.html\.erb/
end
def test_cross_site_scripting_single_quotes_CVE_2012_3464
assert_warning :type => :warning,
:warning_type => "Cross Site Scripting",
:message => /^Rails\ 3\.0\.5\ does\ not\ escape\ single\ quote/,
:confidence => 1,
:file => /Gemfile/
end
def test_CVE_2012_3424
assert_warning :type => :warning,
:warning_type => "Denial of Service",
......
......@@ -15,7 +15,7 @@ class Rails31Tests < Test::Unit::TestCase
:model => 0,
:template => 11,
:controller => 1,
:warning => 46 }
:warning => 47 }
end
def test_without_protection
......@@ -527,6 +527,14 @@ class Rails31Tests < Test::Unit::TestCase
:file => /\/g\.html\.erb/
end
def test_cross_site_scripting_single_quotes_CVE_2012_3464
assert_warning :type => :warning,
:warning_type => "Cross Site Scripting",
:message => /^Rails\ 3\.1\.0\ does\ not\ escape\ single\ quote/,
:confidence => 1,
:file => /Gemfile/
end
def test_file_access_indirect_user_input
assert_warning :type => :warning,
:warning_type => "File Access",
......
......@@ -173,6 +173,13 @@ class RailsWithXssPluginTests < Test::Unit::TestCase
:file => /show\.html\.erb/
end
def test_cross_site_scripting_single_quotes_CVE_2012_3464
assert_no_warning :type => :warning,
:warning_type => "Cross Site Scripting",
:message => /^All\ Rails\ 2\.x\ versions\ do\ not\ escape\ sin/,
:confidence => 1,
:file => /environment\.rb/
end
def test_dynamic_render_path_15
assert_no_warning :type => :template,
......
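Review bot: The `assert_no_warning` in the new test is over-constrained: presumably the helper only looks for a warning matching every key given, so a Cross Site Scripting warning about single quotes reported with a different `:confidence` or attributed to a file other than `environment.rb` would still let the test pass. For a negative assertion the narrowing keys are better dropped, leaving `assert_no_warning :type => :warning,` / `:warning_type => "Cross Site Scripting",` / `:message => /^All\ Rails\ 2\.x\ versions\ do\ not\ escape\ sin/`. I take it the vendored rails_xss plugin in this test app (its `html_escape` routes through `Rack::Utils.escape_html` in the file added at the top of this commit) is what is expected to suppress the Rails 2.x finding; a one-line comment above the test, `# rails_xss plugin is vendored in this app, so the Rails 2.x single-quote warning must not fire`, would record that intent. The enclosing class RailsWithXssPluginTests starts outside the hunk.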