add some ruby files for the tests

Sim4n6 · Sim4n6 · commit 7fa24a41f018 · 2024-06-04T09:45:54.000+01:00
diff --git a/ruby/test/security/CWE-770/UserControlledMaxIterations__bad.rb b/ruby/test/security/CWE-770/UserControlledMaxIterations__bad.rb
@@ -0,0 +1,21 @@
+class UserController < ActionController::Base
+    def bad_examples
+      limit = params[:limit].to_i
+      
+      # repeat a simple operation for the number of limit specified using upto()
+      1.upto(days) do |i|
+          put "a repeatable operation"
+      end
+      
+      # repeat a simple operation for the number of limit specified using times()
+      limit.times do
+          put "a repeatable operation"
+      end
+  
+      # repeat a simple operation for the number of limit specified using downto()
+      limit.downto(1) do |i|
+          put "a repeatable operation"
+      end
+  
+    end
+  end
diff --git a/ruby/test/security/CWE-770/UserControlledMaxIterations__good.rb b/ruby/test/security/CWE-770/UserControlledMaxIterations__good.rb
@@ -0,0 +1,17 @@
+class UserController < ActionController::Base
+    def good_example
+      limit = params[:limit].to_i
+
+      # limit the limit between 1 and 1000
+      if not (limit => 1 && limit < 1000)
+         limit = 10
+      end 
+      
+
+      # repeat a simple operation for the number of limit specified using upto()
+      1.upto(days) do |i|
+          put "a repeatable operation"
+      end
+  
+    end
+  end
