Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse code

Don't allow __send__ or public_send. Closes #1.

  • Loading branch information...
commit 4d76f0c16aa096f061c3c33a77f7f9630d0ee21e 1 parent 3659fbd
Dray Lacy omghax authored

Showing 2 changed files with 4 additions and 0 deletions. Show diff stats Hide diff stats

  1. +2 0  lib/ruby_cop/policy.rb
  2. +2 0  spec/policy_spec.rb
2  lib/ruby_cop/policy.rb
@@ -62,6 +62,7 @@ def visit_Block(node)
62 62 end
63 63
64 64 CALL_BLACKLIST = %w[
  65 + __send__
65 66 abort
66 67 alias_method
67 68 at_exit
@@ -86,6 +87,7 @@ def visit_Block(node)
86 87 method
87 88 module_eval
88 89 open
  90 + public_send
89 91 readline
90 92 readlines
91 93 redo
2  spec/policy_spec.rb
@@ -85,6 +85,7 @@
85 85 it { should allow('"abc".intern') }
86 86 it { should allow('"abc".to_sym') }
87 87
  88 + it { should_not allow('__send__(:eval, "`ls`")') }
88 89 it { should_not allow('abort("fail")') }
89 90 it { should_not allow('alias :foo :bar') }
90 91 it { should_not allow('alias foo bar') }
@@ -119,6 +120,7 @@
119 120 it { should_not allow('method(:eval)') }
120 121 it { should_not allow('module_eval("`ls`")') }
121 122 it { should_not allow('open("/etc/passwd")') }
  123 + it { should_not allow('public_send(:eval, "`ls`")') }
122 124 it { should_not allow('readline') }
123 125 it { should_not allow('readline()') }
124 126 it { should_not allow('readlines') }

0 comments on commit 4d76f0c

Please sign in to comment.
Something went wrong with that request. Please try again.