1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
|
# frozen_string_literal: false
require_relative 'helper'
module Psych
class TestStringTainted < TestCase
class Tainted < Handler
attr_reader :tc
def initialize tc
@tc = tc
end
def start_document version, tags, implicit
tags.flatten.each do |tag|
assert_taintedness tag
end
end
def alias name
assert_taintedness name
end
def scalar value, anchor, tag, plain, quoted, style
assert_taintedness value
assert_taintedness tag if tag
assert_taintedness anchor if anchor
end
def start_sequence anchor, tag, implicit, style
assert_taintedness tag if tag
assert_taintedness anchor if anchor
end
def start_mapping anchor, tag, implicit, style
assert_taintedness tag if tag
assert_taintedness anchor if anchor
end
def assert_taintedness thing, message = "'#{thing}' should be tainted"
tc.assert thing.tainted?, message
end
end
class Untainted < Tainted
def assert_taintedness thing, message = "'#{thing}' should not be tainted"
tc.assert !thing.tainted?, message
end
end
def setup
handler = Tainted.new self
@parser = Psych::Parser.new handler
end
def test_tags_are_tainted
assert_taintedness "%TAG !yaml! tag:yaml.org,2002:\n---\n!yaml!str \"foo\""
end
def test_alias
assert_taintedness "--- &ponies\n- foo\n- *ponies"
end
def test_scalar
assert_taintedness "--- ponies"
end
def test_anchor
assert_taintedness "--- &hi ponies"
end
def test_scalar_tag
assert_taintedness "--- !str ponies"
end
def test_seq_start_tag
assert_taintedness "--- !!seq [ a ]"
end
def test_seq_start_anchor
assert_taintedness "--- &zomg [ a ]"
end
def test_seq_mapping_tag
assert_taintedness "--- !!map { a: b }"
end
def test_seq_mapping_anchor
assert_taintedness "--- &himom { a: b }"
end
def assert_taintedness string
@parser.parse string.taint
end
end
class TestStringUntainted < TestStringTainted
def setup
handler = Untainted.new self
@parser = Psych::Parser.new handler
end
def assert_taintedness string
@parser.parse string
end
end
class TestStringIOUntainted < TestStringTainted
def setup
handler = Untainted.new self
@parser = Psych::Parser.new handler
end
def assert_taintedness string
@parser.parse StringIO.new(string)
end
end
class TestIOTainted < TestStringTainted
def assert_taintedness string
Tempfile.create(['something', 'yml']) {|t|
t.binmode
t.write string
t.close
File.open(t.path, 'r:bom|utf-8') { |f|
@parser.parse f
}
}
end
end
end
|