summaryrefslogtreecommitdiff
path: root/test/psych/test_tainted.rb
blob: 870583323dd886b1b602ac3c557ee6610e152a4f (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
# frozen_string_literal: false
require_relative 'helper'

module Psych
  class TestStringTainted < TestCase
    class Tainted < Handler
      attr_reader :tc

      def initialize tc
        @tc = tc
      end

      def start_document version, tags, implicit
        tags.flatten.each do |tag|
          assert_taintedness tag
        end
      end

      def alias name
        assert_taintedness name
      end

      def scalar value, anchor, tag, plain, quoted, style
        assert_taintedness value
        assert_taintedness tag if tag
        assert_taintedness anchor if anchor
      end

      def start_sequence anchor, tag, implicit, style
        assert_taintedness tag if tag
        assert_taintedness anchor if anchor
      end

      def start_mapping anchor, tag, implicit, style
        assert_taintedness tag if tag
        assert_taintedness anchor if anchor
      end

      def assert_taintedness thing, message = "'#{thing}' should be tainted"
        tc.assert thing.tainted?, message
      end
    end

    class Untainted < Tainted
      def assert_taintedness thing, message = "'#{thing}' should not be tainted"
        tc.assert !thing.tainted?, message
      end
    end


    def setup
      handler = Tainted.new self
      @parser = Psych::Parser.new handler
    end

    def test_tags_are_tainted
      assert_taintedness "%TAG !yaml! tag:yaml.org,2002:\n---\n!yaml!str \"foo\""
    end

    def test_alias
      assert_taintedness  "--- &ponies\n- foo\n- *ponies"
    end

    def test_scalar
      assert_taintedness "--- ponies"
    end

    def test_anchor
      assert_taintedness "--- &hi ponies"
    end

    def test_scalar_tag
      assert_taintedness "--- !str ponies"
    end

    def test_seq_start_tag
      assert_taintedness "--- !!seq [ a ]"
    end

    def test_seq_start_anchor
      assert_taintedness "--- &zomg [ a ]"
    end

    def test_seq_mapping_tag
      assert_taintedness "--- !!map { a: b }"
    end

    def test_seq_mapping_anchor
      assert_taintedness "--- &himom { a: b }"
    end

    def assert_taintedness string
      @parser.parse string.taint
    end
  end

  class TestStringUntainted < TestStringTainted
    def setup
      handler = Untainted.new self
      @parser = Psych::Parser.new handler
    end

    def assert_taintedness string
      @parser.parse string
    end
  end

  class TestStringIOUntainted < TestStringTainted
    def setup
      handler = Untainted.new self
      @parser = Psych::Parser.new handler
    end

    def assert_taintedness string
      @parser.parse StringIO.new(string)
    end
  end

  class TestIOTainted < TestStringTainted
    def assert_taintedness string
      Tempfile.create(['something', 'yml']) {|t|
        t.binmode
        t.write string
        t.close
        File.open(t.path, 'r:bom|utf-8') { |f|
          @parser.parse f
        }
      }
    end
  end
end