From 98d9e87356e27ebc943a99eb87bb819f5aba4489 Mon Sep 17 00:00:00 2001
From: erwanlr
Date: Thu, 3 Jul 2014 12:33:27 +0200
Subject: [PATCH] Changes VersionCompare#is_newer_or_same? by lesser_or_equal?
---
 lib/common/models/wp_item/vulnerable.rb | 2 +-
 lib/common/models/wp_timthumb/vulnerable.rb | 4 ++--
 lib/common/version_compare.rb | 6 +++---
 spec/lib/common/version_compare_spec.rb | 12 ++++++------
 4 files changed, 12 insertions(+), 12 deletions(-)
diff --git a/lib/common/models/wp_item/vulnerable.rb b/lib/common/models/wp_item/vulnerable.rb
index b2f6bbf5..1df737e4 100755
--- a/lib/common/models/wp_item/vulnerable.rb
+++ b/lib/common/models/wp_item/vulnerable.rb
@@ -32,7 +32,7 @@ class WpItem
 # @return [ Boolean ]
 def vulnerable_to?(vuln)
 if version && vuln && vuln.fixed_in && !vuln.fixed_in.empty?
- unless VersionCompare::is_newer_or_same?(vuln.fixed_in, version)
+ unless VersionCompare::lesser_or_equal?(vuln.fixed_in, version)
 return true
 end
 else
diff --git a/lib/common/models/wp_timthumb/vulnerable.rb b/lib/common/models/wp_timthumb/vulnerable.rb
index 1719d0bc..53355389 100644
--- a/lib/common/models/wp_timthumb/vulnerable.rb
+++ b/lib/common/models/wp_timthumb/vulnerable.rb
@@ -15,12 +15,12 @@ class WpTimthumb < WpItem
 end
 def check_rce_132
- return rce_132_vuln unless VersionCompare.is_newer_or_same?('1.33', version)
+ return rce_132_vuln unless VersionCompare.lesser_or_equal?('1.33', version)
 end
 # Vulnerable versions : > 1.35 (or >= 2.0) and < 2.8.14
 def check_rce_webshot
- return if VersionCompare.is_newer_or_same?('2.8.14', version) || VersionCompare.is_newer_or_same?(version, '1.35')
+ return if VersionCompare.lesser_or_equal?('2.8.14', version) || VersionCompare.lesser_or_equal?(version, '1.35')
 response = Browser.get(uri.merge('?webshot=1&src=http://' + default_allowed_domains.sample))
diff --git a/lib/common/version_compare.rb b/lib/common/version_compare.rb
index fa3a98ba..098ed603 100644
--- a/lib/common/version_compare.rb
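Review bot: In `vulnerable_to?`, the `unless VersionCompare::lesser_or_equal?(vuln.fixed_in, version)` branch reports the item as vulnerable whenever the comparison returns false, and the spec in this commit shows it also returns false when a version string cannot be parsed. An unparseable `fixed_in` or `version` is therefore reported the same way as a genuinely older version; that is the conservative outcome for a scanner, but it should be stated, for example with `# lesser_or_equal? is also false for unparseable versions, so those are reported as vulnerable` above the call. The call could also use `.` rather than `::`, matching the calls in wp_timthumb/vulnerable.rb. The body of `vulnerable_to?` continues past the end of this hunk.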
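Review bot: `check_rce_132` returns `rce_132_vuln` whenever `lesser_or_equal?('1.33', version)` is false, which per the spec in this commit includes a `version` that is nil or cannot be parsed, so a file whose version was not detected is reported as affected. If that is intended, a comment in the style of the one on `check_rce_webshot` would make it explicit: `# Vulnerable versions : < 1.33 (also reported when the version is unknown)`. `check_rce_webshot` has the same property: with no usable version neither guard fires and the method goes on to the `Browser.get` request. Whether `version` can be nil at this point is not visible in the hunk, and both method bodies are only partly shown.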
+++ b/lib/common/version_compare.rb
@@ -2,14 +2,14 @@ class VersionCompare
- # Compares two version strings. Returns true if version1 is equal to version2
- # or when version1 is older than version2
+ # Compares two version strings. Returns true if version1 <= version2
+ # and false otherwise
 #
 # @param [ String ] version1
 # @param [ String ] version2
 #
 # @return [ Boolean ]
- def self.is_newer_or_same?(version1, version2)
+ def self.lesser_or_equal?(version1, version2)
 return true if (version1 == version2)
 # Both versions must be set
 return false unless (version1 and version2)
diff --git a/spec/lib/common/version_compare_spec.rb b/spec/lib/common/version_compare_spec.rb
index d052f772..f89d7445 100644
--- a/spec/lib/common/version_compare_spec.rb
+++ b/spec/lib/common/version_compare_spec.rb
@@ -3,9 +3,9 @@ require 'spec_helper'
 describe 'VersionCompare' do
- describe '::is_newer_or_same?' do
+ describe '::lesser_or_equal?' do
 context 'version checked is newer' do
- after { expect(VersionCompare::is_newer_or_same?(@version1, @version2)).to be_truthy }
+ after { expect(VersionCompare::lesser_or_equal?(@version1, @version2)).to be_truthy }
 it 'returns true' do
 @version1 = '1.0'
@@ -39,7 +39,7 @@ describe 'VersionCompare' do
 end
 context 'version checked is older' do
- after { expect(VersionCompare::is_newer_or_same?(@version1, @version2)).to be_falsey }
+ after { expect(VersionCompare::lesser_or_equal?(@version1, @version2)).to be_falsey }
 it 'returns false' do
 @version1 = '1'
@@ -63,7 +63,7 @@ describe 'VersionCompare' do
 end
 context 'version checked is the same' do
- after { expect(VersionCompare::is_newer_or_same?(@version1, @version2)).to be_truthy }
+ after { expect(VersionCompare::lesser_or_equal?(@version1, @version2)).to be_truthy }
 it 'returns true' do
 @version1 = '1'
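Review bot: The equality shortcut `return true if (version1 == version2)` runs before the "Both versions must be set" guard, so `lesser_or_equal?(nil, nil)` returns true, as does a pair of identical unparseable strings, although neither is a version. A caller that does not check for nil itself could then read an undetected version as being at or past the fixed release and miss a finding. Putting the guard first avoids that: `return false unless version1 && version2` followed by `return true if version1 == version2`. The new doc comment should also say that false is returned when either argument is missing or cannot be parsed, which the spec already asserts for the one-sided cases. The method body continues outside this hunk.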
@@ -78,7 +78,7 @@ describe 'VersionCompare' do
 end
 context 'version number causes Gem::Version new Exception' do
- after { expect(VersionCompare::is_newer_or_same?(@version1, @version2)).to be_falsey }
+ after { expect(VersionCompare::lesser_or_equal?(@version1, @version2)).to be_falsey }
 it 'returns false' do
 @version1 = 'a'
@@ -87,7 +87,7 @@ describe 'VersionCompare' do
 end
 context 'one version number is not set' do
- after { expect(VersionCompare::is_newer_or_same?(@version1, @version2)).to be_falsey }
+ after { expect(VersionCompare::lesser_or_equal?(@version1, @version2)).to be_falsey }
 it 'returns false (version2 nil)' do
 @version1 = '1'