add check for yajl-ruby vulnerability

it looks like this code is not vulnerable Signed-off-by: Lamont Granquist <lamont@scriptkiddie.org>
author: Lamont Granquist <lamont@scriptkiddie.org> 2017-11-28 17:06:05 -0800
committer: Lamont Granquist <lamont@scriptkiddie.org> 2017-11-28 17:06:05 -0800
commit: b88702b926ad51e4250fddd537ce120b57228370 (patch)
tree: 13dff87089f7b6308691a82cd5a91a105909c366 /spec
parent: 4c6803267bf274287b6289f8ccb26beaff517904 (diff)
download: ffi-yajl-b88702b926ad51e4250fddd537ce120b57228370.tar.gz
1 files changed, 8 insertions, 1 deletions
diff --git a/spec/ffi_yajl/parser_spec.rb b/spec/ffi_yajl/parser_spec.rb
index be392c8..239ae26 100644
--- a/spec/ffi_yajl/parser_spec.rb
+++ b/spec/ffi_yajl/parser_spec.rb
@@ -1,6 +1,6 @@
 # encoding: UTF-8
 # Copyright (c) 2015 Lamont Granquist
-# Copyright (c) 2015 Chef Software, Inc.
+# Copyright (c) 2015-2017, Chef Software Inc.
 #
 # Permission is hereby granted, free of charge, to any person obtaining
 # a copy of this software and associated documentation files (the
@@ -505,6 +505,13 @@ describe "FFI_Yajl::Parser" do
         expect { parser }.to raise_error(FFI_Yajl::ParseError)
       end
     end
+
+    context "should not blow up with bad surrogate trailer" do
+      let(:json) { "{\"e\":{\"\\uD800\\\\DC00\":\"a\"}}" }
+      it "should not explode" do
+        expect { parser }.not_to raise_error
+      end
+    end
   end
 
   context "when options are set to empty hash" do
author	Lamont Granquist <lamont@scriptkiddie.org>	2017-11-28 17:06:05 -0800
committer	Lamont Granquist <lamont@scriptkiddie.org>	2017-11-28 17:06:05 -0800
commit	b88702b926ad51e4250fddd537ce120b57228370 (patch)
tree	13dff87089f7b6308691a82cd5a91a105909c366 /spec
parent	4c6803267bf274287b6289f8ccb26beaff517904 (diff)
download	ffi-yajl-b88702b926ad51e4250fddd537ce120b57228370.tar.gz