Sha256: f45a09cee5559e683abc15bc53ccdf01ea34df41d9d13e3753e87a022409da24

Contents?: true

Size: 1.23 KB

Versions: 12

Compression:

Stored size: 1.23 KB

Contents

require 'spec_helper'

# Minimal host class used to exercise Dawn::Kb::RubyVersionCheck in isolation.
#
# It registers the check with a fixed message and framework list, then
# declares two interpreter releases as safe: 1.9.3-p392 and 2.0.0-p0.
# The examples in this file set +detected_ruby+ and compare it to that list.
class Mockup
  include Dawn::Kb::RubyVersionCheck

  def initialize
    mock_message = "This is a mock"

    super(
      kind: Dawn::KnowledgeBase::RUBY_VERSION_CHECK,
      applies: %w[sinatra padrino rails],
      message: mock_message
    )
    # Uncomment to enable the check's debug output while diagnosing a failure:
    # self.debug = true

    # Safe-release baseline the examples are evaluated against.
    self.safe_rubies = [
      { version: "1.9.3", patchlevel: "p392" },
      { version: "2.0.0", patchlevel: "p0" }
    ]
  end
end

# Pins how the interpreter-version check classifies a detected Ruby against
# the safe list configured in Mockup (1.9.3-p392 and 2.0.0-p0).
#
# NOTE(review): no example exercises the 2.0.0/p0 entry, a release line newer
# than every safe entry, or a malformed patchlevel string -- confirm the
# intended verdicts and add examples, since a wrong answer there would be a
# silent false negative in the scanner.
describe "The security check for Ruby interpreter version" do
  let(:check) { Mockup.new }

  # Feeds one detected interpreter to the check and returns its verdict.
  def verdict_for(version, patchlevel)
    check.detected_ruby = { version: version, patchlevel: patchlevel }
    check.vuln?
  end

  # 1.9.2 is below the 1.9.3 safe entry; the large patchlevel must not rescue it.
  it "fires if ruby version is vulnerable" do
    expect(verdict_for("1.9.2", "p10000")).to eq(true)
  end

  # 1.9.4 is above the 1.9.3 safe entry.
  it "doesn't fire if ruby version is not vulnerable and patchlevel is not vulnerable" do
    expect(verdict_for("1.9.4", "p10000")).to eq(false)
  end

  # Same release as a safe entry, patchlevel above the p392 baseline.
  it "doesn't fire if ruby version is vulnerable and patchlevel is not vulnerable" do
    expect(verdict_for("1.9.3", "p10000")).to eq(false)
  end

  # Same release as a safe entry, patchlevel one below the p392 baseline.
  it "fires if ruby version is vulnerable and patchlevel is vulnerable" do
    expect(verdict_for("1.9.3", "p391")).to eq(true)
  end
end

Version data entries

12 entries across 12 versions & 1 rubygems

Version Path
dawnscanner-2.0.0.rc4 spec/lib/kb/codesake_ruby_version_check_spec.rb
dawnscanner-2.0.0.rc3 spec/lib/kb/codesake_ruby_version_check_spec.rb
dawnscanner-2.0.0.rc2 spec/lib/kb/codesake_ruby_version_check_spec.rb
dawnscanner-2.0.0.rc1 spec/lib/kb/codesake_ruby_version_check_spec.rb
dawnscanner-1.6.9 spec/lib/kb/codesake_ruby_version_check_spec.rb
dawnscanner-1.6.8 spec/lib/kb/codesake_ruby_version_check_spec.rb
dawnscanner-1.6.7 spec/lib/kb/codesake_ruby_version_check_spec.rb
dawnscanner-1.6.6 spec/lib/kb/codesake_ruby_version_check_spec.rb
dawnscanner-1.6.5 spec/lib/kb/codesake_ruby_version_check_spec.rb
dawnscanner-1.6.4 spec/lib/kb/codesake_ruby_version_check_spec.rb
dawnscanner-1.6.3 spec/lib/kb/codesake_ruby_version_check_spec.rb
dawnscanner-1.6.2 spec/lib/kb/codesake_ruby_version_check_spec.rb