Changes VersionCompare#is_newer_or_same? by lesser_or_equal?
@@ -32,7 +32,7 @@ class WpItem
|
||||
# @return [ Boolean ]
|
||||
def vulnerable_to?(vuln)
|
||||
if version && vuln && vuln.fixed_in && !vuln.fixed_in.empty?
|
||||
unless VersionCompare::is_newer_or_same?(vuln.fixed_in, version)
|
||||
unless VersionCompare::lesser_or_equal?(vuln.fixed_in, version)
|
||||
return true
|
||||
end
|
||||
else
|
||||
|
||||
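Review bot: The negated call `unless VersionCompare::lesser_or_equal?(vuln.fixed_in, version)` in vulnerable_to? returns true whenever the comparison fails, not only when the detected version is older than fixed_in. The specs on this page pin lesser_or_equal? to falsey for an unparsable version string ('a'), so a detected version that cannot be parsed would presumably be reported as vulnerable. The same negation in check_rce_132 of WpTimthumb has no nil guard, so an undetected version also yields rce_132_vuln there. If over-reporting on unknown versions is intended, say so at both call sites with a comment such as `# a version that cannot be compared is reported as vulnerable`; otherwise a failed comparison needs to be distinguishable from "older". vulnerable_to? continues outside the hunk.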
@@ -15,12 +15,12 @@ class WpTimthumb < WpItem
|
||||
end
|
||||
|
||||
def check_rce_132
|
||||
return rce_132_vuln unless VersionCompare.is_newer_or_same?('1.33', version)
|
||||
return rce_132_vuln unless VersionCompare.lesser_or_equal?('1.33', version)
|
||||
end
|
||||
|
||||
# Vulnerable versions : > 1.35 (or >= 2.0) and < 2.8.14
|
||||
def check_rce_webshot
|
||||
return if VersionCompare.is_newer_or_same?('2.8.14', version) || VersionCompare.is_newer_or_same?(version, '1.35')
|
||||
return if VersionCompare.lesser_or_equal?('2.8.14', version) || VersionCompare.lesser_or_equal?(version, '1.35')
|
||||
|
||||
response = Browser.get(uri.merge('?webshot=1&src=http://' + default_allowed_domains.sample))
|
||||
|
||||
|
||||
@@ -2,14 +2,14 @@
|
||||
|
||||
class VersionCompare
|
||||
|
||||
# Compares two version strings. Returns true if version1 is equal to version2
|
||||
# or when version1 is older than version2
|
||||
# Compares two version strings. Returns true if version1 <= version2
|
||||
# and false otherwise
|
||||
#
|
||||
# @param [ String ] version1
|
||||
# @param [ String ] version2
|
||||
#
|
||||
# @return [ Boolean ]
|
||||
def self.is_newer_or_same?(version1, version2)
|
||||
def self.lesser_or_equal?(version1, version2)
|
||||
return true if (version1 == version2)
|
||||
# Both versions must be set
|
||||
return false unless (version1 and version2)
|
||||
|
||||
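Review bot: The rewritten doc comment "Returns true if version1 <= version2 and false otherwise" leaves out that false is also returned when no ordering exists. The guard `return false unless (version1 and version2)` and the spec contexts for a missing version and for a Gem::Version exception all expect falsey. Callers that negate the result read that false as "version1 is newer", so the contract belongs in the comment, e.g. `# Also returns false when exactly one version is nil or a version cannot be parsed`. The method body continues past the end of the hunk, so the parse-failure path is inferred from the specs rather than seen here.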
@@ -3,9 +3,9 @@
|
||||
require 'spec_helper'
|
||||
|
||||
describe 'VersionCompare' do
|
||||
describe '::is_newer_or_same?' do
|
||||
describe '::lesser_or_equal?' do
|
||||
context 'version checked is newer' do
|
||||
after { expect(VersionCompare::is_newer_or_same?(@version1, @version2)).to be_truthy }
|
||||
after { expect(VersionCompare::lesser_or_equal?(@version1, @version2)).to be_truthy }
|
||||
|
||||
it 'returns true' do
|
||||
@version1 = '1.0'
|
||||
@@ -39,7 +39,7 @@ describe 'VersionCompare' do
|
||||
end
|
||||
|
||||
context 'version checked is older' do
|
||||
after { expect(VersionCompare::is_newer_or_same?(@version1, @version2)).to be_falsey }
|
||||
after { expect(VersionCompare::lesser_or_equal?(@version1, @version2)).to be_falsey }
|
||||
|
||||
it 'returns false' do
|
||||
@version1 = '1'
|
||||
@@ -63,7 +63,7 @@ describe 'VersionCompare' do
|
||||
end
|
||||
|
||||
context 'version checked is the same' do
|
||||
after { expect(VersionCompare::is_newer_or_same?(@version1, @version2)).to be_truthy }
|
||||
after { expect(VersionCompare::lesser_or_equal?(@version1, @version2)).to be_truthy }
|
||||
|
||||
it 'returns true' do
|
||||
@version1 = '1'
|
||||
@@ -78,7 +78,7 @@ describe 'VersionCompare' do
|
||||
end
|
||||
|
||||
context 'version number causes Gem::Version new Exception' do
|
||||
after { expect(VersionCompare::is_newer_or_same?(@version1, @version2)).to be_falsey }
|
||||
after { expect(VersionCompare::lesser_or_equal?(@version1, @version2)).to be_falsey }
|
||||
|
||||
it 'returns false' do
|
||||
@version1 = 'a'
|
||||
@@ -87,7 +87,7 @@ describe 'VersionCompare' do
|
||||
end
|
||||
|
||||
context 'one version number is not set' do
|
||||
after { expect(VersionCompare::is_newer_or_same?(@version1, @version2)).to be_falsey }
|
||||
after { expect(VersionCompare::lesser_or_equal?(@version1, @version2)).to be_falsey }
|
||||
|
||||
it 'returns false (version2 nil)' do
|
||||
@version1 = '1'
|
||||
|
||||