Project

General

Profile

Bug #5374 ยป test.rb

tests for File.stat with (un)tainted arg - 375gnu (Hleb Valoshka), 09/28/2011 04:02 AM

 
1
#!/usr/bin/ruby
2

    
3
puts "$SAFE = #{$SAFE}", "ARGV[0] = #{ARGV[0]}", ""
4

    
5
class MyFile
6
  def load(arg)
7
    puts "filename: #{arg}"
8
    puts "Old load, arg.tainted? == #{arg.tainted?}"
9
    begin
10
      File.stat(arg)
11
    rescue Exception => e
12
      puts "exception: #{e}, filename: #{arg}"
13
    end
14
  end
15
end
16

    
17

    
18
class MyFile
19
  alias :oldload :load
20
  def load(arg)
21
    puts "New load, arg.tainted? == #{arg.tainted?}"
22
    arg = arg.dup.untaint if arg.kind_of? String
23
    puts "          arg.tainted? == #{arg.tainted?}"
24
    oldload(arg)
25
    puts
26
  end
27
end
28

    
29
mf = MyFile.new
30

    
31
Dir.glob('test*.txt').sort.each do |fname|
32
  if ARGV[0] == 't' or ARGV[0] == 'b' # `Tainted' or `Both'
33
    puts "fname w/o untaint "
34
    mf.load fname
35
  end
36
  if ARGV[0] == 'u' or ARGV[0] == 'b' # `Untainted' or `Both'
37
    puts "fname with untaint "
38
    mf.load fname.untaint
39
  end
40
end