diff options
| author | Clayton Smith <[email protected]> | 2016-11-16 10:10:14 -0500 |
|---|---|---|
| committer | Bouke van der Bijl <[email protected]> | 2016-11-24 10:28:21 -0500 |
| commit | 76a1bdfa29469576112a41b78a132b785616a3f9 (patch) | |
| tree | fdf9640beb809b32c6517f7a034e281e0bea1f93 /test/t/string.rb | |
| parent | a630c4f413f6af764e68210430e8b61a435d38d7 (diff) | |
| download | mruby-76a1bdfa29469576112a41b78a132b785616a3f9.tar.gz mruby-76a1bdfa29469576112a41b78a132b785616a3f9.zip | |
Get String length after args in String#chomp!
Fixes RCE issue
Reported by @bouk
Diffstat (limited to 'test/t/string.rb')
| -rw-r--r-- | test/t/string.rb | 14 |
1 files changed, 13 insertions, 1 deletions
diff --git a/test/t/string.rb b/test/t/string.rb index e67389b5c..80fcbe6fa 100644 --- a/test/t/string.rb +++ b/test/t/string.rb @@ -251,6 +251,19 @@ assert('String#chomp!', '15.2.10.5.10') do assert_equal 'abc', e end +assert('String#chomp! uses the correct length') do + class A + def to_str + $s.replace("AA") + "A" + end + end + + $s = "AAA" + $s.chomp!(A.new) + assert_equal $s, "A" +end + assert('String#chop', '15.2.10.5.11') do a = ''.chop b = 'abc'.chop @@ -683,4 +696,3 @@ assert('String#freeze') do assert_raise(RuntimeError) { str.upcase! } end - |