RubyGems - safe_yaml - Versions diffs - 0.1 → 1.0.5 - Mend

safe_yaml 0.1 → 1.0.5

Files changed (58) hide show

checksums.yaml +7 -0
data/.gitignore +3 -0
data/.travis.yml +48 -0
data/CHANGES.md +154 -0
data/Gemfile +3 -1
data/LICENSE.txt +22 -0
data/README.md +191 -0
data/Rakefile +22 -2
data/bin/safe_yaml +75 -0
data/bundle_install_all_ruby_versions.sh +11 -0
data/lib/safe_yaml.rb +90 -6
data/lib/safe_yaml/deep.rb +34 -0
data/lib/safe_yaml/libyaml_checker.rb +36 -0
data/lib/safe_yaml/load.rb +181 -0
data/lib/safe_yaml/parse/date.rb +37 -0
data/lib/safe_yaml/parse/hexadecimal.rb +12 -0
data/lib/safe_yaml/parse/sexagesimal.rb +26 -0
data/lib/safe_yaml/psych_handler.rb +99 -0
data/lib/safe_yaml/psych_resolver.rb +52 -0
data/lib/safe_yaml/resolver.rb +94 -0
data/lib/safe_yaml/safe_to_ruby_visitor.rb +29 -0
data/lib/safe_yaml/store.rb +39 -0
data/lib/safe_yaml/syck_hack.rb +36 -0
data/lib/safe_yaml/syck_node_monkeypatch.rb +43 -0
data/lib/safe_yaml/syck_resolver.rb +38 -0
data/lib/safe_yaml/transform.rb +41 -0
data/lib/safe_yaml/transform/to_boolean.rb +21 -0
data/lib/safe_yaml/transform/to_date.rb +13 -0
data/lib/safe_yaml/transform/to_float.rb +33 -0
data/lib/safe_yaml/transform/to_integer.rb +26 -0
data/lib/safe_yaml/transform/to_nil.rb +18 -0
data/lib/safe_yaml/transform/to_symbol.rb +17 -0
data/lib/safe_yaml/transform/transformation_map.rb +47 -0
data/lib/{version.rb → safe_yaml/version.rb} +1 -1
data/run_specs_all_ruby_versions.sh +38 -0
data/safe_yaml.gemspec +11 -8
data/spec/exploit.1.9.2.yaml +2 -0
data/spec/exploit.1.9.3.yaml +2 -0
data/spec/issue48.txt +20 -0
data/spec/issue49.yml +0 -0
data/spec/libyaml_checker_spec.rb +69 -0
data/spec/psych_resolver_spec.rb +10 -0
data/spec/resolver_specs.rb +278 -0
data/spec/safe_yaml_spec.rb +697 -23
data/spec/spec_helper.rb +37 -2
data/spec/store_spec.rb +57 -0
data/spec/support/exploitable_back_door.rb +13 -7
data/spec/syck_resolver_spec.rb +10 -0
data/spec/transform/base64_spec.rb +11 -0
data/spec/transform/to_date_spec.rb +60 -0
data/spec/transform/to_float_spec.rb +42 -0
data/spec/transform/to_integer_spec.rb +64 -0
data/spec/transform/to_symbol_spec.rb +51 -0
data/spec/yaml_spec.rb +15 -0
metadata +78 -24
data/Gemfile.lock +0 -28
data/lib/handler.rb +0 -86
data/spec/handler_spec.rb +0 -108

data/Gemfile.lock DELETED

@@ -1,28 +0,0 @@
-PATH
-  remote: .
-  specs:
-    safe_yaml (0.1)
-GEM
-  remote: http://rubygems.org/
-  specs:
-    diff-lcs (1.1.3)
-    heredoc_unindent (1.1.2)
-    rake (10.0.3)
-    rspec (2.12.0)
-      rspec-core (~> 2.12.0)
-      rspec-expectations (~> 2.12.0)
-      rspec-mocks (~> 2.12.0)
-    rspec-core (2.12.2)
-    rspec-expectations (2.12.1)
-      diff-lcs (~> 1.1.3)
-    rspec-mocks (2.12.1)
-PLATFORMS
-  ruby
-DEPENDENCIES
-  heredoc_unindent
-  rake
-  rspec
-  safe_yaml!

data/lib/handler.rb DELETED

@@ -1,86 +0,0 @@
-require "yaml"
-module SafeYAML
-  class Handler < Psych::Handler
-    def initialize
-      @stack = []
-    end
-    def result
-      @result
-    end
-    def add_to_current_structure(value)
-      if @result.nil?
-        @result = value
-        @current_structure = @result
-        return
-      end
-      case @current_structure
-      when Array
-        @current_structure.push(transform_value(value))
-      when Hash
-        if @current_key.nil?
-          @current_key = transform_value(value)
-        else
-          @current_structure[@current_key] = transform_value(value)
-          @current_key = nil
-        end
-      else
-        raise "Don't know how to add to a #{@current_structure.class}!"
-      end
-    end
-    def transform_value(value)
-      if value.is_a?(String)
-        if value.match(/^:\w+$/)
-          return value[1..-1].to_sym
-        elsif value.match(/^\d+$/)
-          return value.to_i
-        elsif value.match(/^\d+(?:\.\d*)?$/) || value.match(/^\.\d+$/)
-          return value.to_f
-        end
-      end
-      value
-    end
-    def streaming?
-      false
-    end
-    # event handlers
-    def scalar(value, anchor, tag, plain, quoted, style)
-      add_to_current_structure(value)
-    end
-    def start_mapping(*args) # anchor, tag, implicit, style
-      map = {}
-      self.add_to_current_structure(map)
-      @current_structure = map
-      @stack.push(map)
-    end
-    def end_mapping
-      @stack.pop
-      @current_structure = @stack.last
-    end
-    def start_sequence(*args) # anchor, tag, implicit, style
-      seq = []
-      self.add_to_current_structure(seq)
-      @current_structure = seq
-      @stack.push(seq)
-    end
-    def end_sequence
-      @stack.pop
-      @current_structure = @stack.last
-    end
-  end
-end

data/spec/handler_spec.rb DELETED

@@ -1,108 +0,0 @@
-require File.join(File.dirname(__FILE__), "spec_helper")
-require "handler"
-describe SafeYAML::Handler do
-  let(:handler) { SafeYAML::Handler.new }
-  let(:parser) { Psych::Parser.new(handler) }
-  let(:result) { handler.result }
-  def parse(yaml)
-    parser.parse(yaml.unindent)
-  end
-  it "translates most values to strings" do
-    parser.parse "key: value"
-    result.should == { "key" => "value" }
-  end
-  it "translates values starting with ':' to symbols" do
-    parser.parse ":key: value"
-    result.should == { :key => "value" }
-  end
-  it "translates valid integral numbers to integers" do
-    parser.parse "integer: 1"
-    result.should == { "integer" => 1 }
-  end
-  it "translates valid decimal numbers to floats" do
-    parser.parse "float: 3.14"
-    result.should == { "float" => 3.14 }
-  end
-  it "applies the same transformations to values as to keys" do
-    parse <<-YAML
-      string: value
-      symbol: :value
-      integer: 1
-      float: 3.14
-    YAML
-    result.should == {
-      "string" => "value",
-      "symbol" => :value,
-      "integer" => 1,
-      "float" => 3.14
-    }
-  end
-  it "translates sequences to arrays" do
-    parse <<-YAML
-      - foo
-      - bar
-      - baz
-    YAML
-    result.should == ["foo", "bar", "baz"]
-  end
-  it "applies the same transformations to elements in sequences as to all values" do
-    parse <<-YAML
-      - string
-      - :symbol
-      - 1
-      - 3.14
-    YAML
-    result.should == ["string", :symbol, 1, 3.14]
-  end
-  it "translates maps to hashes" do
-    parse <<-YAML
-      foo: blah
-      bar: glah
-      baz: flah
-    YAML
-    result.should == {
-      "foo" => "blah",
-      "bar" => "glah",
-      "baz" => "flah"
-    }
-  end
-  it "applies the same transformations to values in hashes as to all values" do
-    parse <<-YAML
-      foo: :symbol
-      bar: 1
-      baz: 3.14
-    YAML
-    result.should == {
-      "foo" => :symbol,
-      "bar" => 1,
-      "baz" => 3.14
-    }
-  end
-  it "deals just fine with nested maps" do
-    parse <<-YAML
-      foo:
-        bar:
-          marco: polo
-    YAML
-    result.should == { "foo" => { "bar" => { "marco" => "polo" } } }
-  end
-end