Sha256: f23815ce9806c7d5e2dbd9852153b6efc645569e7313319f6671266b43595621

Contents?: true

Size: 504 Bytes

Versions: 53

Compression:

Stored size: 504 Bytes

Contents

require 'spec_helper'

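# Functional regression spec for the ImageMagick-configured app: an argument
# string handed to `convert` must never be interpreted by a shell.
describe "a configured imagemagick app" do

  before(:each) do
    @app = test_app.configure_with(:imagemagick)
  end

  describe "shell injection" do

    # Canary file whose presence would prove that the text after ';' was run
    # as a separate command. The path is relative to the working directory the
    # suite runs in and must stay in sync with the convert argument below.
    canary = 'tmp/stuff'

    before(:each) do
      # Without the directory the appended command would fail on its own and
      # the spec would pass even if the argument had reached a shell.
      Dir.mkdir('tmp') unless File.directory?('tmp')
      # A canary left behind by an earlier run must not decide this one.
      File.delete(canary) if File.exist?(canary)
    end

    after(:each) do
      # Leave nothing behind when the assertion fails.
      File.delete(canary) if File.exist?(canary)
    end

    it "should not allow it!" do
      begin
        suppressing_stderr do
          @app.generate(:plain, 10, 10, 'white').convert("-resize 5x5 ; touch tmp/stuff").apply
        end
      rescue Dragonfly::FunctionManager::UnableToHandle
        # Rejecting the argument outright is an accepted outcome; the only
        # thing asserted is that the side effect never happened.
      end
      File.exist?(canary).should be_false
    end

  end

end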

Version data entries

53 entries across 53 versions & 2 rubygems

Version Path
classiccms-0.7.5 vendor/bundle/gems/dragonfly-0.9.12/spec/functional/shell_commands_spec.rb
classiccms-0.7.4 vendor/bundle/gems/dragonfly-0.9.12/spec/functional/shell_commands_spec.rb
classiccms-0.7.3 vendor/bundle/gems/dragonfly-0.9.12/spec/functional/shell_commands_spec.rb
classiccms-0.7.2 vendor/bundle/gems/dragonfly-0.9.12/spec/functional/shell_commands_spec.rb
classiccms-0.7.1 vendor/bundle/gems/dragonfly-0.9.12/spec/functional/shell_commands_spec.rb
classiccms-0.7.0 vendor/bundle/gems/dragonfly-0.9.12/spec/functional/shell_commands_spec.rb
dragonfly-0.9.15 spec/functional/shell_commands_spec.rb
dragonfly-0.9.14 spec/functional/shell_commands_spec.rb
dragonfly-0.9.13 spec/functional/shell_commands_spec.rb
classiccms-0.6.9 vendor/bundle/gems/dragonfly-0.9.12/spec/functional/shell_commands_spec.rb
classiccms-0.6.8 vendor/bundle/gems/dragonfly-0.9.12/spec/functional/shell_commands_spec.rb
classiccms-0.6.7 vendor/bundle/gems/dragonfly-0.9.12/spec/functional/shell_commands_spec.rb
classiccms-0.6.6 vendor/bundle/gems/dragonfly-0.9.12/spec/functional/shell_commands_spec.rb
classiccms-0.6.5 vendor/bundle/gems/dragonfly-0.9.12/spec/functional/shell_commands_spec.rb
classiccms-0.6.4 vendor/bundle/gems/dragonfly-0.9.12/spec/functional/shell_commands_spec.rb
classiccms-0.6.3 vendor/bundle/gems/dragonfly-0.9.12/spec/functional/shell_commands_spec.rb
classiccms-0.6.2 vendor/bundle/gems/dragonfly-0.9.12/spec/functional/shell_commands_spec.rb
classiccms-0.6.1 vendor/bundle/gems/dragonfly-0.9.12/spec/functional/shell_commands_spec.rb
classiccms-0.6.0 vendor/bundle/gems/dragonfly-0.9.12/spec/functional/shell_commands_spec.rb
classiccms-0.5.17 vendor/bundle/gems/dragonfly-0.9.12/spec/functional/shell_commands_spec.rb