diff options
Diffstat (limited to 'spec/lib/gitlab/gfm/uploads_rewriter_spec.rb')
-rw-r--r-- | spec/lib/gitlab/gfm/uploads_rewriter_spec.rb | 18 |
1 files changed, 8 insertions, 10 deletions
diff --git a/spec/lib/gitlab/gfm/uploads_rewriter_spec.rb b/spec/lib/gitlab/gfm/uploads_rewriter_spec.rb index 0bf46217d60..7279399d1b8 100644 --- a/spec/lib/gitlab/gfm/uploads_rewriter_spec.rb +++ b/spec/lib/gitlab/gfm/uploads_rewriter_spec.rb @@ -54,6 +54,14 @@ describe Gitlab::Gfm::UploadsRewriter do expect(new_paths).not_to include image_uploader.secret expect(new_paths).not_to include zip_uploader.secret end + + it 'skips nil files do' do + allow_next_instance_of(UploaderFinder) do |finder| + allow(finder).to receive(:execute).and_return(nil) + end + + expect(new_files).to be_empty + end end end @@ -68,16 +76,6 @@ describe Gitlab::Gfm::UploadsRewriter do expect(moved_text.scan(/\A\[.*?\]/).count).to eq(1) end - context 'path traversal in file name' do - let(:text) do - "![a](/uploads/11111111111111111111111111111111/../../../../../../../../../../../../../../etc/passwd)" - end - - it 'throw an error' do - expect { rewriter.rewrite(new_project) }.to raise_error(an_instance_of(StandardError).and(having_attributes(message: "Invalid path"))) - end - end - context "file are stored locally" do include_examples "files are accessible" end |