├── .gitignore ├── .travis.yml ├── CHANGES.md ├── Gemfile ├── LICENSE.txt ├── README.md ├── Rakefile ├── bin └── safe_yaml ├── bundle_install_all_ruby_versions.sh ├── lib ├── safe_yaml.rb └── safe_yaml │ ├── deep.rb │ ├── libyaml_checker.rb │ ├── load.rb │ ├── parse │ ├── date.rb │ ├── hexadecimal.rb │ └── sexagesimal.rb │ ├── psych_handler.rb │ ├── psych_resolver.rb │ ├── resolver.rb │ ├── safe_to_ruby_visitor.rb │ ├── store.rb │ ├── syck_hack.rb │ ├── syck_node_monkeypatch.rb │ ├── syck_resolver.rb │ ├── transform.rb │ ├── transform │ ├── to_boolean.rb │ ├── to_date.rb │ ├── to_float.rb │ ├── to_integer.rb │ ├── to_nil.rb │ ├── to_symbol.rb │ └── transformation_map.rb │ └── version.rb ├── run_specs_all_ruby_versions.sh ├── safe_yaml.gemspec └── spec ├── exploit.1.9.2.yaml ├── exploit.1.9.3.yaml ├── issue48.txt ├── issue49.yml ├── libyaml_checker_spec.rb ├── psych_resolver_spec.rb ├── resolver_specs.rb ├── safe_yaml_spec.rb ├── spec_helper.rb ├── store_spec.rb ├── support └── exploitable_back_door.rb ├── syck_resolver_spec.rb ├── transform ├── base64_spec.rb ├── to_date_spec.rb ├── to_float_spec.rb ├── to_integer_spec.rb └── to_symbol_spec.rb └── yaml_spec.rb /.gitignore: -------------------------------------------------------------------------------- 1 | *.gem 2 | Gemfile.lock 3 | spec/store.yaml 4 | -------------------------------------------------------------------------------- /.travis.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dtao/safe_yaml/HEAD/.travis.yml -------------------------------------------------------------------------------- /CHANGES.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dtao/safe_yaml/HEAD/CHANGES.md -------------------------------------------------------------------------------- /Gemfile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dtao/safe_yaml/HEAD/Gemfile -------------------------------------------------------------------------------- /LICENSE.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dtao/safe_yaml/HEAD/LICENSE.txt -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dtao/safe_yaml/HEAD/README.md -------------------------------------------------------------------------------- /Rakefile: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dtao/safe_yaml/HEAD/Rakefile -------------------------------------------------------------------------------- /bin/safe_yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dtao/safe_yaml/HEAD/bin/safe_yaml -------------------------------------------------------------------------------- /bundle_install_all_ruby_versions.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dtao/safe_yaml/HEAD/bundle_install_all_ruby_versions.sh -------------------------------------------------------------------------------- /lib/safe_yaml.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dtao/safe_yaml/HEAD/lib/safe_yaml.rb -------------------------------------------------------------------------------- /lib/safe_yaml/deep.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dtao/safe_yaml/HEAD/lib/safe_yaml/deep.rb -------------------------------------------------------------------------------- /lib/safe_yaml/libyaml_checker.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dtao/safe_yaml/HEAD/lib/safe_yaml/libyaml_checker.rb -------------------------------------------------------------------------------- /lib/safe_yaml/load.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dtao/safe_yaml/HEAD/lib/safe_yaml/load.rb -------------------------------------------------------------------------------- /lib/safe_yaml/parse/date.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dtao/safe_yaml/HEAD/lib/safe_yaml/parse/date.rb -------------------------------------------------------------------------------- /lib/safe_yaml/parse/hexadecimal.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dtao/safe_yaml/HEAD/lib/safe_yaml/parse/hexadecimal.rb -------------------------------------------------------------------------------- /lib/safe_yaml/parse/sexagesimal.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dtao/safe_yaml/HEAD/lib/safe_yaml/parse/sexagesimal.rb -------------------------------------------------------------------------------- /lib/safe_yaml/psych_handler.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dtao/safe_yaml/HEAD/lib/safe_yaml/psych_handler.rb -------------------------------------------------------------------------------- /lib/safe_yaml/psych_resolver.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dtao/safe_yaml/HEAD/lib/safe_yaml/psych_resolver.rb -------------------------------------------------------------------------------- /lib/safe_yaml/resolver.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dtao/safe_yaml/HEAD/lib/safe_yaml/resolver.rb -------------------------------------------------------------------------------- /lib/safe_yaml/safe_to_ruby_visitor.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dtao/safe_yaml/HEAD/lib/safe_yaml/safe_to_ruby_visitor.rb -------------------------------------------------------------------------------- /lib/safe_yaml/store.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dtao/safe_yaml/HEAD/lib/safe_yaml/store.rb -------------------------------------------------------------------------------- /lib/safe_yaml/syck_hack.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dtao/safe_yaml/HEAD/lib/safe_yaml/syck_hack.rb -------------------------------------------------------------------------------- /lib/safe_yaml/syck_node_monkeypatch.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dtao/safe_yaml/HEAD/lib/safe_yaml/syck_node_monkeypatch.rb -------------------------------------------------------------------------------- /lib/safe_yaml/syck_resolver.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dtao/safe_yaml/HEAD/lib/safe_yaml/syck_resolver.rb -------------------------------------------------------------------------------- /lib/safe_yaml/transform.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dtao/safe_yaml/HEAD/lib/safe_yaml/transform.rb -------------------------------------------------------------------------------- /lib/safe_yaml/transform/to_boolean.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dtao/safe_yaml/HEAD/lib/safe_yaml/transform/to_boolean.rb -------------------------------------------------------------------------------- /lib/safe_yaml/transform/to_date.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dtao/safe_yaml/HEAD/lib/safe_yaml/transform/to_date.rb -------------------------------------------------------------------------------- /lib/safe_yaml/transform/to_float.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dtao/safe_yaml/HEAD/lib/safe_yaml/transform/to_float.rb -------------------------------------------------------------------------------- /lib/safe_yaml/transform/to_integer.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dtao/safe_yaml/HEAD/lib/safe_yaml/transform/to_integer.rb -------------------------------------------------------------------------------- /lib/safe_yaml/transform/to_nil.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dtao/safe_yaml/HEAD/lib/safe_yaml/transform/to_nil.rb -------------------------------------------------------------------------------- /lib/safe_yaml/transform/to_symbol.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dtao/safe_yaml/HEAD/lib/safe_yaml/transform/to_symbol.rb -------------------------------------------------------------------------------- /lib/safe_yaml/transform/transformation_map.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dtao/safe_yaml/HEAD/lib/safe_yaml/transform/transformation_map.rb -------------------------------------------------------------------------------- /lib/safe_yaml/version.rb: -------------------------------------------------------------------------------- 1 | module SafeYAML 2 | VERSION = "1.0.5" 3 | end 4 | -------------------------------------------------------------------------------- /run_specs_all_ruby_versions.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dtao/safe_yaml/HEAD/run_specs_all_ruby_versions.sh -------------------------------------------------------------------------------- /safe_yaml.gemspec: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dtao/safe_yaml/HEAD/safe_yaml.gemspec -------------------------------------------------------------------------------- /spec/exploit.1.9.2.yaml: -------------------------------------------------------------------------------- 1 | --- !ruby/object:ExploitableBackDoor 2 | foo: bar 3 | -------------------------------------------------------------------------------- /spec/exploit.1.9.3.yaml: -------------------------------------------------------------------------------- 1 | --- !ruby/hash:ExploitableBackDoor 2 | foo: bar 3 | -------------------------------------------------------------------------------- /spec/issue48.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dtao/safe_yaml/HEAD/spec/issue48.txt -------------------------------------------------------------------------------- /spec/issue49.yml: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /spec/libyaml_checker_spec.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dtao/safe_yaml/HEAD/spec/libyaml_checker_spec.rb -------------------------------------------------------------------------------- /spec/psych_resolver_spec.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dtao/safe_yaml/HEAD/spec/psych_resolver_spec.rb -------------------------------------------------------------------------------- /spec/resolver_specs.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dtao/safe_yaml/HEAD/spec/resolver_specs.rb -------------------------------------------------------------------------------- /spec/safe_yaml_spec.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dtao/safe_yaml/HEAD/spec/safe_yaml_spec.rb -------------------------------------------------------------------------------- /spec/spec_helper.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dtao/safe_yaml/HEAD/spec/spec_helper.rb -------------------------------------------------------------------------------- /spec/store_spec.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dtao/safe_yaml/HEAD/spec/store_spec.rb -------------------------------------------------------------------------------- /spec/support/exploitable_back_door.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dtao/safe_yaml/HEAD/spec/support/exploitable_back_door.rb -------------------------------------------------------------------------------- /spec/syck_resolver_spec.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dtao/safe_yaml/HEAD/spec/syck_resolver_spec.rb -------------------------------------------------------------------------------- /spec/transform/base64_spec.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dtao/safe_yaml/HEAD/spec/transform/base64_spec.rb -------------------------------------------------------------------------------- /spec/transform/to_date_spec.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dtao/safe_yaml/HEAD/spec/transform/to_date_spec.rb -------------------------------------------------------------------------------- /spec/transform/to_float_spec.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dtao/safe_yaml/HEAD/spec/transform/to_float_spec.rb -------------------------------------------------------------------------------- /spec/transform/to_integer_spec.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dtao/safe_yaml/HEAD/spec/transform/to_integer_spec.rb -------------------------------------------------------------------------------- /spec/transform/to_symbol_spec.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dtao/safe_yaml/HEAD/spec/transform/to_symbol_spec.rb -------------------------------------------------------------------------------- /spec/yaml_spec.rb: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/dtao/safe_yaml/HEAD/spec/yaml_spec.rb --------------------------------------------------------------------------------