safe_yaml 0.1 → 1.0.5

data/spec/safe_yaml_spec.rb

@@ -1,42 +1,118 @@
-require File.join(File.dirname(__FILE__), "spec_helper")
-
-require "safe_yaml"
-require "exploitable_back_door"
+require "spec_helper"
 
 describe YAML do
+  def safe_load_round_trip(object, options={})
+    yaml = object.to_yaml
+    if SafeYAML::YAML_ENGINE == "psych"
+      YAML.safe_load(yaml, nil, options)
+    else
+      YAML.safe_load(yaml, options)
+    end
+  end
+
   before :each do
-    ExploitableBackDoor.reset
+    # Need to require this here (as opposed to somewhere up higher in the file)
+    # to ensure that safe_yaml isn't loaded and therefore YAML isn't monkey-
+    # patched, for tests that require only safe_yaml/load.
+    require "safe_yaml"
+    require "exploitable_back_door"
+
+    SafeYAML.restore_defaults!
   end
 
-  describe "load" do
-    if RUBY_VERSION >= "1.9.3"
-      it "allows exploits through objects defined in YAML w/ !ruby/hash" do
-        YAML.load "--- !ruby/hash:ExploitableBackDoor\nfoo: bar\n"
-        ExploitableBackDoor.should be_exploited
+  after :each do
+    SafeYAML.restore_defaults!
+  end
+
+  describe "unsafe_load" do
+    if SafeYAML::YAML_ENGINE == "psych" && RUBY_VERSION >= "1.9.3"
+      it "allows exploits through objects defined in YAML w/ !ruby/hash via custom :[]= methods" do
+        backdoor = YAML.unsafe_load("--- !ruby/hash:ExploitableBackDoor\nfoo: bar\n")
+        expect(backdoor).to be_exploited_through_setter
+      end
+
+      it "allows exploits through objects defined in YAML w/ !ruby/object via the :init_with method" do
+        backdoor = YAML.unsafe_load("--- !ruby/object:ExploitableBackDoor\nfoo: bar\n")
+        expect(backdoor).to be_exploited_through_init_with
       end
     end
 
-    it "allows exploits through objects defined in YAML w/ !ruby/object" do
-      YAML.load "--- !ruby/object:ExploitableBackDoor\nfoo: bar\n"
-      ExploitableBackDoor.should be_exploited
+    it "allows exploits through objects w/ sensitive instance variables defined in YAML w/ !ruby/object" do
+      backdoor = YAML.unsafe_load("--- !ruby/object:ExploitableBackDoor\nfoo: bar\n")
+      expect(backdoor).to be_exploited_through_ivars
+    end
+
+    context "with special whitelisted tags defined" do
+      before :each do
+        SafeYAML::whitelist!(OpenStruct)
+      end
+
+      it "effectively ignores the whitelist (since everything is whitelisted)" do
+        result = YAML.unsafe_load <<-YAML.unindent
+          --- !ruby/object:OpenStruct 
+          table: 
+            :backdoor: !ruby/object:ExploitableBackDoor 
+              foo: bar
+        YAML
+
+        expect(result).to be_a(OpenStruct)
+        expect(result.backdoor).to be_exploited_through_ivars
+      end
     end
   end
 
   describe "safe_load" do
+    it "does NOT allow exploits through objects defined in YAML w/ !ruby/hash" do
+      object = YAML.safe_load("--- !ruby/hash:ExploitableBackDoor\nfoo: bar\n")
+      expect(object).not_to be_a(ExploitableBackDoor)
+    end
+
     it "does NOT allow exploits through objects defined in YAML w/ !ruby/object" do
-      YAML.safe_load "--- !ruby/object:ExploitableBackDoor\nfoo: bar\n"
-      ExploitableBackDoor.should_not be_exploited
+      object = YAML.safe_load("--- !ruby/object:ExploitableBackDoor\nfoo: bar\n")
+      expect(object).not_to be_a(ExploitableBackDoor)
     end
 
-    it "does NOT allow exploits through objects defined in YAML w/ !ruby/hash" do
-      YAML.safe_load "--- !ruby/hash:ExploitableBackDoor\nfoo: bar\n"
-      ExploitableBackDoor.should_not be_exploited
+    context "for YAML engine #{SafeYAML::YAML_ENGINE}" do
+      if SafeYAML::YAML_ENGINE == "psych"
+        let(:options) { nil }
+        let(:arguments) { ["foo: bar", nil, options] }
+
+        context "when no tags are whitelisted" do
+          it "constructs a SafeYAML::PsychHandler to resolve nodes as they're parsed, for optimal performance" do
+            expect(Psych::Parser).to receive(:new).with an_instance_of(SafeYAML::PsychHandler)
+            # This won't work now; we just want to ensure Psych::Parser#parse was in fact called.
+            YAML.safe_load(*arguments) rescue nil
+          end
+        end
+
+        context "when whitelisted tags are specified" do
+          let(:options) {
+            { :whitelisted_tags => ["foo"] }
+          }
+
+          it "instead uses Psych to construct a full tree before examining the nodes" do
+            expect(Psych).to receive(:parse)
+            # This won't work now; we just want to ensure Psych::Parser#parse was in fact called.
+            YAML.safe_load(*arguments) rescue nil
+          end
+        end
+      end
+
+      if SafeYAML::YAML_ENGINE == "syck"
+        it "uses Syck internally to parse YAML" do
+          expect(YAML).to receive(:parse).with("foo: bar")
+          # This won't work now; we just want to ensure YAML::parse was in fact called.
+          YAML.safe_load("foo: bar") rescue nil
+        end
+      end
     end
 
     it "loads a plain ol' YAML document just fine" do
       result = YAML.safe_load <<-YAML.unindent
         foo:
           number: 1
+          boolean: true
+          nil: ~
           string: Hello, there!
           symbol: :blah
           sequence:
@@ -44,14 +120,612 @@ describe YAML do
             - bye
       YAML
 
-      result.should == {
+      expect(result).to eq({
         "foo" => {
-          "number" => 1,
-          "string" => "Hello, there!",
-          "symbol" => :blah,
+          "number"   => 1,
+          "boolean"  => true,
+          "nil"      => nil,
+          "string"   => "Hello, there!",
+          "symbol"   => ":blah",
           "sequence" => ["hi", "bye"]
         }
-      }
+      })
+    end
+
+    it "works for YAML documents with anchors and aliases" do
+      result = YAML.safe_load <<-YAML
+        - &id001 {}
+        - *id001
+        - *id001
+      YAML
+
+      expect(result).to eq([{}, {}, {}])
+    end
+
+    it "works for YAML documents with binary tagged keys" do
+      result = YAML.safe_load <<-YAML
+        ? !!binary >
+          Zm9v
+        : "bar"
+        ? !!binary >
+          YmFy
+        : "baz"
+      YAML
+
+      expect(result).to eq({"foo" => "bar", "bar" => "baz"})
+    end
+
+    it "works for YAML documents with binary tagged values" do
+      result = YAML.safe_load <<-YAML
+        "foo": !!binary >
+          YmFy
+        "bar": !!binary >
+          YmF6
+      YAML
+
+      expect(result).to eq({"foo" => "bar", "bar" => "baz"})
+    end
+
+    it "works for YAML documents with binary tagged array values" do
+      result = YAML.safe_load <<-YAML
+        - !binary |-
+          Zm9v
+        - !binary |-
+          YmFy
+      YAML
+
+      expect(result).to eq(["foo", "bar"])
+    end
+
+    it "works for YAML documents with sections" do
+      result = YAML.safe_load <<-YAML
+        mysql: &mysql
+          adapter: mysql
+          pool: 30
+        login: &login
+          username: user
+          password: password123
+        development: &development
+          <<: *mysql
+          <<: *login
+          host: localhost
+      YAML
+
+      expect(result).to eq({
+        "mysql" => {
+          "adapter" => "mysql",
+          "pool"    => 30
+        },
+        "login" => {
+          "username" => "user",
+          "password" => "password123"
+        },
+        "development" => {
+          "adapter"  => "mysql",
+          "pool"     => 30,
+          "username" => "user",
+          "password" => "password123",
+          "host"     => "localhost"
+        }
+      })
+    end
+
+    it "correctly prefers explicitly defined values over default values from included sections" do
+      # Repeating this test 100 times to increase the likelihood of running into an issue caused by
+      # non-deterministic hash key enumeration.
+      100.times do
+        result = YAML.safe_load <<-YAML
+          defaults: &defaults
+            foo: foo
+            bar: bar
+            baz: baz
+          custom:
+            <<: *defaults
+            bar: custom_bar
+            baz: custom_baz
+        YAML
+
+        expect(result["custom"]).to eq({
+          "foo" => "foo",
+          "bar" => "custom_bar",
+          "baz" => "custom_baz"
+        })
+      end
+    end
+
+    it "works with multi-level inheritance" do
+      result = YAML.safe_load <<-YAML
+        defaults: &defaults
+          foo: foo
+          bar: bar
+          baz: baz
+        custom: &custom
+          <<: *defaults
+          bar: custom_bar
+          baz: custom_baz
+        grandcustom: &grandcustom
+          <<: *custom
+      YAML
+
+      expect(result).to eq({
+        "defaults"    => { "foo" => "foo", "bar" => "bar", "baz" => "baz" },
+        "custom"      => { "foo" => "foo", "bar" => "custom_bar", "baz" => "custom_baz" },
+        "grandcustom" => { "foo" => "foo", "bar" => "custom_bar", "baz" => "custom_baz" }
+      })
+    end
+
+    it "returns false when parsing an empty document" do
+      expect([
+        YAML.safe_load(""),
+        YAML.safe_load("     "),
+        YAML.safe_load("\n")
+      ]).to eq([false, false, false])
+    end
+
+    it "returns nil when parsing a single value representing nil" do
+      expect([
+        YAML.safe_load("~"),
+        YAML.safe_load("null")
+      ]).to eq([nil, nil])
+    end
+
+    context "with custom initializers defined" do
+      before :each do
+        if SafeYAML::YAML_ENGINE == "psych"
+          SafeYAML::OPTIONS[:custom_initializers] = {
+            "!set" => lambda { Set.new },
+            "!hashiemash" => lambda { Hashie::Mash.new }
+          }
+        else
+          SafeYAML::OPTIONS[:custom_initializers] = {
+            "tag:yaml.org,2002:set" => lambda { Set.new },
+            "tag:yaml.org,2002:hashiemash" => lambda { Hashie::Mash.new }
+          }
+        end
+      end
+
+      it "will use a custom initializer to instantiate an array-like class upon deserialization" do
+        result = YAML.safe_load <<-YAML.unindent
+          --- !set
+          - 1
+          - 2
+          - 3
+        YAML
+
+        expect(result).to be_a(Set)
+        expect(result.to_a).to match_array([1, 2, 3])
+      end
+
+      it "will use a custom initializer to instantiate a hash-like class upon deserialization" do
+        result = YAML.safe_load <<-YAML.unindent
+          --- !hashiemash
+          foo: bar
+        YAML
+
+        expect(result).to be_a(Hashie::Mash)
+        expect(result.to_hash).to eq({ "foo" => "bar" })
+      end
+    end
+
+    context "with special whitelisted tags defined" do
+      before :each do
+        SafeYAML::whitelist!(OpenStruct)
+
+        # Necessary for deserializing OpenStructs properly.
+        SafeYAML::OPTIONS[:deserialize_symbols] = true
+      end
+
+      it "will allow objects to be deserialized for whitelisted tags" do
+        result = YAML.safe_load("--- !ruby/object:OpenStruct\ntable:\n  foo: bar\n")
+        expect(result).to be_a(OpenStruct)
+        expect(result.instance_variable_get(:@table)).to eq({ "foo" => "bar" })
+      end
+
+      it "will not deserialize objects without whitelisted tags" do
+        result = YAML.safe_load("--- !ruby/hash:ExploitableBackDoor\nfoo: bar\n")
+        expect(result).not_to be_a(ExploitableBackDoor)
+        expect(result).to eq({ "foo" => "bar" })
+      end
+
+      it "will not allow non-whitelisted objects to be embedded within objects with whitelisted tags" do
+        result = YAML.safe_load <<-YAML.unindent
+          --- !ruby/object:OpenStruct 
+          table: 
+            :backdoor: !ruby/object:ExploitableBackDoor 
+              foo: bar
+        YAML
+
+        expect(result).to be_a(OpenStruct)
+        expect(result.backdoor).not_to be_a(ExploitableBackDoor)
+        expect(result.backdoor).to eq({ "foo" => "bar" })
+      end
+
+      context "with the :raise_on_unknown_tag option enabled" do
+        before :each do
+          SafeYAML::OPTIONS[:raise_on_unknown_tag] = true
+        end
+
+        after :each do
+          SafeYAML.restore_defaults!
+        end
+
+        it "raises an exception if a non-nil, non-whitelisted tag is encountered" do
+          expect {
+            YAML.safe_load <<-YAML.unindent
+              --- !ruby/object:Unknown
+              foo: bar
+            YAML
+          }.to raise_error
+        end
+
+        it "checks all tags, even those within objects with trusted tags" do
+          expect {
+            YAML.safe_load <<-YAML.unindent
+              --- !ruby/object:OpenStruct
+              table:
+                :backdoor: !ruby/object:Unknown
+                  foo: bar
+            YAML
+          }.to raise_error
+        end
+
+        it "does not raise an exception as long as all tags are whitelisted" do
+          result = YAML.safe_load <<-YAML.unindent
+            --- !ruby/object:OpenStruct
+            table:
+              :backdoor:
+                string: foo
+                integer: 1
+                float: 3.14
+                symbol: :bar
+                date: 2013-02-20
+                array: []
+                hash: {}
+          YAML
+
+          expect(result).to be_a(OpenStruct)
+          expect(result.backdoor).to eq({
+            "string"  => "foo",
+            "integer" => 1,
+            "float"   => 3.14,
+            "symbol"  => :bar,
+            "date"    => Date.parse("2013-02-20"),
+            "array"   => [],
+            "hash"    => {}
+          })
+        end
+
+        it "does not raise an exception on the non-specific '!' tag" do
+          result = nil
+          expect { result = YAML.safe_load "--- ! 'foo'" }.to_not raise_error
+          expect(result).to eq("foo")
+        end
+
+        context "with whitelisted custom class" do
+          class SomeClass
+            attr_accessor :foo
+          end
+          let(:instance) { SomeClass.new }
+
+          before do
+            SafeYAML::whitelist!(SomeClass)
+            instance.foo = 'with trailing whitespace: '
+          end
+
+          it "does not raise an exception on the non-specific '!' tag" do
+            result = nil
+            expect { result = YAML.safe_load(instance.to_yaml) }.to_not raise_error
+            expect(result.foo).to eq('with trailing whitespace: ')
+          end
+        end
+      end
+    end
+
+    context "when options are passed direclty to #load which differ from the defaults" do
+      let(:default_options) { {} }
+
+      before :each do
+        SafeYAML::OPTIONS.merge!(default_options)
+      end
+
+      context "(for example, when symbol deserialization is enabled by default)" do
+        let(:default_options) { { :deserialize_symbols => true } }
+
+        it "goes with the default option when it is not overridden" do
+          silence_warnings do
+            expect(YAML.load(":foo: bar")).to eq({ :foo => "bar" })
+          end
+        end
+
+        it "allows the default option to be overridden on a per-call basis" do
+          silence_warnings do
+            expect(YAML.load(":foo: bar", :deserialize_symbols => false)).to eq({ ":foo" => "bar" })
+            expect(YAML.load(":foo: bar", :deserialize_symbols => true)).to eq({ :foo => "bar" })
+          end
+        end
+      end
+
+      context "(or, for example, when certain tags are whitelisted)" do
+        let(:default_options) {
+          {
+            :deserialize_symbols => true,
+            :whitelisted_tags => SafeYAML::YAML_ENGINE == "psych" ?
+              ["!ruby/object:OpenStruct"] :
+              ["tag:ruby.yaml.org,2002:object:OpenStruct"]
+          }
+        }
+
+        it "goes with the default option when it is not overridden" do
+          result = safe_load_round_trip(OpenStruct.new(:foo => "bar"))
+          expect(result).to be_a(OpenStruct)
+          expect(result.foo).to eq("bar")
+        end
+
+        it "allows the default option to be overridden on a per-call basis" do
+          result = safe_load_round_trip(OpenStruct.new(:foo => "bar"), :whitelisted_tags => [])
+          expect(result).to eq({ "table" => { :foo => "bar" } })
+
+          result = safe_load_round_trip(OpenStruct.new(:foo => "bar"), :deserialize_symbols => false, :whitelisted_tags => [])
+          expect(result).to eq({ "table" => { ":foo" => "bar" } })
+        end
+      end
+    end
+  end
+
+  describe "unsafe_load_file" do
+    if SafeYAML::YAML_ENGINE == "psych" && RUBY_VERSION >= "1.9.3"
+      it "allows exploits through objects defined in YAML w/ !ruby/hash via custom :[]= methods" do
+        backdoor = YAML.unsafe_load_file "spec/exploit.1.9.3.yaml"
+        expect(backdoor).to be_exploited_through_setter
+      end
+    end
+
+    if SafeYAML::YAML_ENGINE == "psych" && RUBY_VERSION >= "1.9.2"
+      it "allows exploits through objects defined in YAML w/ !ruby/object via the :init_with method" do
+        backdoor = YAML.unsafe_load_file "spec/exploit.1.9.2.yaml"
+        expect(backdoor).to be_exploited_through_init_with
+      end
+    end
+
+    it "allows exploits through objects w/ sensitive instance variables defined in YAML w/ !ruby/object" do
+      backdoor = YAML.unsafe_load_file "spec/exploit.1.9.2.yaml"
+      expect(backdoor).to be_exploited_through_ivars
+    end
+  end
+
+  describe "safe_load_file" do
+    it "does NOT allow exploits through objects defined in YAML w/ !ruby/hash" do
+      object = YAML.safe_load_file "spec/exploit.1.9.3.yaml"
+      expect(object).not_to be_a(ExploitableBackDoor)
+    end
+
+    it "does NOT allow exploits through objects defined in YAML w/ !ruby/object" do
+      object = YAML.safe_load_file "spec/exploit.1.9.2.yaml"
+      expect(object).not_to be_a(ExploitableBackDoor)
+    end
+    
+    it "returns false when parsing an empty file" do
+      expect(YAML.safe_load_file("spec/issue49.yml")).to eq(false)
+    end
+  end
+
+  describe "load" do
+    let(:options) { {} }
+
+    let (:arguments) {
+      if SafeYAML::MULTI_ARGUMENT_YAML_LOAD
+        ["foo: bar", nil, options]
+      else
+        ["foo: bar", options]
+      end
+    }
+
+    context "as long as a :default_mode has been specified" do
+      it "doesn't issue a warning for safe mode, since an explicit mode has been set" do
+        SafeYAML::OPTIONS[:default_mode] = :safe
+        expect(Kernel).not_to receive(:warn)
+        YAML.load(*arguments)
+      end
+
+      it "doesn't issue a warning for unsafe mode, since an explicit mode has been set" do
+        SafeYAML::OPTIONS[:default_mode] = :unsafe
+        expect(Kernel).not_to receive(:warn)
+        YAML.load(*arguments)
+      end
+    end
+
+    context "when the :safe options is specified" do
+      let(:safe_mode) { true }
+      let(:options) { { :safe => safe_mode } }
+
+      it "doesn't issue a warning" do
+        expect(Kernel).not_to receive(:warn)
+        YAML.load(*arguments)
+      end
+
+      it "calls #safe_load if the :safe option is set to true" do
+        expect(YAML).to receive(:safe_load)
+        YAML.load(*arguments)
+      end
+
+      context "when the :safe option is set to false" do
+        let(:safe_mode) { false }
+
+        it "calls #unsafe_load if the :safe option is set to false" do
+          expect(YAML).to receive(:unsafe_load)
+          YAML.load(*arguments)
+        end
+      end
+    end
+
+    it "issues a warning when the :safe option is omitted" do
+      silence_warnings do
+        expect(Kernel).to receive(:warn)
+        YAML.load(*arguments)
+      end
+    end
+
+    it "only issues a warning once (to avoid spamming an app's output)" do
+      silence_warnings do
+        expect(Kernel).to receive(:warn).once
+        2.times { YAML.load(*arguments) }
+      end
+    end
+
+    it "defaults to safe mode if the :safe option is omitted" do
+      silence_warnings do
+        expect(YAML).to receive(:safe_load)
+        YAML.load(*arguments)
+      end
+    end
+
+    context "with the default mode set to :unsafe" do
+      before :each do
+        SafeYAML::OPTIONS[:default_mode] = :unsafe
+      end
+
+      it "defaults to unsafe mode if the :safe option is omitted" do
+        silence_warnings do
+          expect(YAML).to receive(:unsafe_load)
+          YAML.load(*arguments)
+        end
+      end
+
+      it "calls #safe_load if the :safe option is set to true" do
+        expect(YAML).to receive(:safe_load)
+        YAML.load(*(arguments + [{ :safe => true }]))
+      end
+    end
+  end
+
+  describe "load_file" do
+    let(:filename) { "spec/exploit.1.9.2.yaml" } # doesn't really matter
+
+    it "issues a warning if the :safe option is omitted" do
+      silence_warnings do
+        expect(Kernel).to receive(:warn)
+        YAML.load_file(filename)
+      end
+    end
+
+    it "doesn't issue a warning as long as the :safe option is specified" do
+      expect(Kernel).not_to receive(:warn)
+      YAML.load_file(filename, :safe => true)
+    end
+
+    it "defaults to safe mode if the :safe option is omitted" do
+      silence_warnings do
+        expect(YAML).to receive(:safe_load_file)
+        YAML.load_file(filename)
+      end
+    end
+
+    it "calls #safe_load_file if the :safe option is set to true" do
+      expect(YAML).to receive(:safe_load_file)
+      YAML.load_file(filename, :safe => true)
+    end
+
+    it "calls #unsafe_load_file if the :safe option is set to false" do
+      expect(YAML).to receive(:unsafe_load_file)
+      YAML.load_file(filename, :safe => false)
+    end
+
+    context "with arbitrary object deserialization enabled by default" do
+      before :each do
+        SafeYAML::OPTIONS[:default_mode] = :unsafe
+      end
+
+      it "defaults to unsafe mode if the :safe option is omitted" do
+        silence_warnings do
+          expect(YAML).to receive(:unsafe_load_file)
+          YAML.load_file(filename)
+        end
+      end
+
+      it "calls #safe_load if the :safe option is set to true" do
+        expect(YAML).to receive(:safe_load_file)
+        YAML.load_file(filename, :safe => true)
+      end
+    end
+
+    it "handles files starting with --- (see issue #48)" do
+      expect(YAML.load_file("spec/issue48.txt", :safe => true)).to eq({
+        "title" => "Blah",
+        "key"   => "value"
+      })
+    end
+
+    it "handles content starting with --- (see issue #48)" do
+      yaml = File.read("spec/issue48.txt")
+      expect(YAML.load(yaml, :safe => true)).to eq({
+        "title" => "Blah",
+        "key"   => "value"
+      })
+    end
+  end
+
+  describe "whitelist!" do
+    context "not a class" do
+      it "should raise" do
+        expect { SafeYAML::whitelist! :foo }.to raise_error(/not a Class/)
+        expect(SafeYAML::OPTIONS[:whitelisted_tags]).to be_empty
+      end
+    end
+
+    context "anonymous class" do
+      it "should raise" do
+        expect { SafeYAML::whitelist! Class.new }.to raise_error(/cannot be anonymous/)
+        expect(SafeYAML::OPTIONS[:whitelisted_tags]).to be_empty
+      end
+    end
+
+    context "with a Class as its argument" do
+      it "should configure correctly" do
+        expect { SafeYAML::whitelist! OpenStruct }.to_not raise_error
+        expect(SafeYAML::OPTIONS[:whitelisted_tags].grep(/OpenStruct\Z/)).not_to be_empty
+      end
+
+      it "successfully deserializes the specified class" do
+        SafeYAML.whitelist!(OpenStruct)
+
+        # necessary for properly assigning OpenStruct attributes
+        SafeYAML::OPTIONS[:deserialize_symbols] = true
+
+        result = safe_load_round_trip(OpenStruct.new(:foo => "bar"))
+        expect(result).to be_a(OpenStruct)
+        expect(result.foo).to eq("bar")
+      end
+
+      it "works for ranges" do
+        SafeYAML.whitelist!(Range)
+        expect(safe_load_round_trip(1..10)).to eq(1..10)
+      end
+
+      it "works for regular expressions" do
+        SafeYAML.whitelist!(Regexp)
+        expect(safe_load_round_trip(/foo/)).to eq(/foo/)
+      end
+
+      it "works for multiple classes" do
+        SafeYAML.whitelist!(Range, Regexp)
+        expect(safe_load_round_trip([(1..10), /bar/])).to eq([(1..10), /bar/])
+      end
+
+      it "works for arbitrary Exception subclasses" do
+        class CustomException < Exception
+          attr_reader :custom_message
+
+          def initialize(custom_message)
+            @custom_message = custom_message
+          end
+        end
+
+        SafeYAML.whitelist!(CustomException)
+
+        ex = safe_load_round_trip(CustomException.new("blah"))
+        expect(ex).to be_a(CustomException)
+        expect(ex.custom_message).to eq("blah")
+      end
     end
   end
 end