HEX
Server: Apache
System: Linux s198.coreserver.jp 5.15.0-151-generic #161-Ubuntu SMP Tue Jul 22 14:25:40 UTC 2025 x86_64
User: nagasaki (10062)
PHP: 7.1.33
Disabled: NONE
$ pwd: /usr/local/rvm/src/ruby-3.0.2/spec/ruby/security/
Upload Files
File: //usr/local/rvm/src/ruby-3.0.2/spec/ruby/security/cve_2018_16396_spec.rb
require_relative '../spec_helper'

describe "Array#pack" do

  ruby_version_is ''...'2.7' do
    it "resists CVE-2018-16396 by tainting output based on input" do
      "aAZBbHhuMmPp".each_char do |f|
        ["123456".taint].pack(f).tainted?.should be_true
      end
    end
  end

end

describe "String#unpack" do

  ruby_version_is ''...'2.7' do
    it "resists CVE-2018-16396 by tainting output based on input" do
      "aAZBbHhuMm".each_char do |f|
        "123456".taint.unpack(f).first.tainted?.should be_true
      end
    end
  end

end
@ Telegram