HEX
Server: Apache
System: Linux s198.coreserver.jp 5.15.0-151-generic #161-Ubuntu SMP Tue Jul 22 14:25:40 UTC 2025 x86_64
User: nagasaki (10062)
PHP: 7.1.33
Disabled: NONE
$ pwd: /usr/local/rvm/src/ruby-3.0.2/spec/ruby/security/
Upload Files
File: //usr/local/rvm/src/ruby-3.0.2/spec/ruby/security/cve_2019_8322_spec.rb
require_relative '../spec_helper'

require 'yaml'
require 'rubygems'
require 'rubygems/safe_yaml'
require 'rubygems/commands/owner_command'

ruby_version_is "2.5.5" do
  describe "CVE-2019-8322 is resisted by" do
    it "sanitising owner names" do
      command = Gem::Commands::OwnerCommand.new
      def command.rubygems_api_request(*args)
        Struct.new(:body).new("---\n- email: \"\e]2;nyan\a\"\n  handle: handle\n  id: id\n")
      end
      def command.with_response(response)
        yield response
      end
      command.should_receive(:say).with("Owners for gem: name")
      command.should_receive(:say).with("- .]2;nyan.")
      command.show_owners "name"
    end
  end
end
@ Telegram