diff options
| author | Dylan Thacker-Smith <Dylan.Smith@shopify.com> | 2017-02-24 17:26:54 -0500 |
|---|---|---|
| committer | Dylan Thacker-Smith <Dylan.Smith@shopify.com> | 2017-02-24 17:33:36 -0500 |
| commit | 29c02709cd68a122c5db4f58ec0e901fe3d507cc (patch) | |
| tree | e989ba88823b4011a35ff11687c05eecd18b638d /activesupport/test/gzip_test.rb | |
| parent | 87b2b6c5124732ff709b8e1900a99ba0a08f6982 (diff) | |
| download | rails-29c02709cd68a122c5db4f58ec0e901fe3d507cc.tar.gz rails-29c02709cd68a122c5db4f58ec0e901fe3d507cc.tar.bz2 rails-29c02709cd68a122c5db4f58ec0e901fe3d507cc.zip | |
Add missing gzip footer check in ActiveSupport::Gzip.decompress
A gzip file has a checksum and length for the decompressed data in its
footer which isn't checked by just calling Zlib::GzipReader#read.
Calling Zlib::GzipReader#close must be called after reading to the end
of the file causes this check to be done, which is done by
Zlib::GzipReader.wrap after its block is called.
Diffstat (limited to 'activesupport/test/gzip_test.rb')
| -rw-r--r-- | activesupport/test/gzip_test.rb | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/activesupport/test/gzip_test.rb b/activesupport/test/gzip_test.rb index f51d3cdf65..33e0cd2a04 100644 --- a/activesupport/test/gzip_test.rb +++ b/activesupport/test/gzip_test.rb @@ -30,4 +30,14 @@ class GzipTest < ActiveSupport::TestCase assert_equal true, (gzipped_by_best_compression.bytesize < gzipped_by_speed.bytesize) end + + def test_decompress_checks_crc + compressed = ActiveSupport::Gzip.compress("Hello World") + first_crc_byte_index = compressed.bytesize - 8 + compressed.setbyte(first_crc_byte_index, compressed.getbyte(first_crc_byte_index) ^ 0xff) + + assert_raises(Zlib::GzipFile::CRCError) do + ActiveSupport::Gzip.decompress(compressed) + end + end end |