From 801d098e979e313f0a60f835c7b09578a968c619 Mon Sep 17 00:00:00 2001
From: "wade@bindshell.net"
Date: Thu, 20 Oct 2011 13:51:12 +0000
Subject: [PATCH] Another test added which greps the source base for the eval function.

git-svn-id: https://beef.googlecode.com/svn/trunk@1375 b87d56ec-f9c0-11de-8c8a-61c5e9addfc9
---
 core/ruby/security.rb | 6 ------
 test/unit/tc_grep.rb | 33 +++++++++++++++++++++++++++++++++
 test/unit/ts_beef.rb | 2 ++
 3 files changed, 35 insertions(+), 6 deletions(-)
 create mode 100644 test/unit/tc_grep.rb

diff --git a/core/ruby/security.rb b/core/ruby/security.rb
index 111b927f3..096a93910 100644
--- a/core/ruby/security.rb
+++ b/core/ruby/security.rb
@@ -14,12 +14,6 @@
 # limitations under the License.
 #
 
-# @note Prevent eval from ever being used
-# def eval(args)
-# puts "For security reasons the eval method is not accepted in the Browser Exploitation Framework code base."
-# exit
-# end
-
 # @note Prevent exec from ever being used
 def exec(args)
 puts "For security reasons the exec method is not accepted in the Browser Exploitation Framework code base."
diff --git a/test/unit/tc_grep.rb b/test/unit/tc_grep.rb
new file mode 100644
index 000000000..f89b38181
--- /dev/null
+++ b/test/unit/tc_grep.rb
@@ -0,0 +1,33 @@
+#
+# Copyright 2011 Wade Alcorn wade@bindshell.net
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+require 'test/unit'
+require 'webrick'
+
+class TC_Grep < Test::Unit::TestCase
+
+ def test_grep_eval
+ Dir['../../../**/*.rb'].each do |path|
+ File.open( path ) do |f|
+ next if path.eql?('../../../trunk/test/unit/tc_grep.rb')
+ f.grep( /\Weval\W/im ) do |line|
+ assert(false, "Illegal use of 'eval' in framework: " + path + ':' + line)
+ end
+ end
+ end
+
+ end
+
+end
diff --git a/test/unit/ts_beef.rb b/test/unit/ts_beef.rb
index 0446bce3e..c822a4daa 100644
--- a/test/unit/ts_beef.rb
+++ b/test/unit/ts_beef.rb
@@ -26,6 +26,7 @@ require './core/filter/tc_command'
 require './core/tc_loader'
 require './core/tc_core'
 require './core/tc_api'
+require './tc_grep'
 require './tc_filesystem'
 
 class TS_BeefTests
@@ -36,6 +37,7 @@ class TS_BeefTests
 suite << TC_Core.suite
 suite << TC_Api.suite
 suite << TC_Filesystem.suite
+ suite << TC_Grep.suite
 return suite
 end
 end
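Review bot: `Dir['../../../**/*.rb']` in test_grep_eval resolves against the working directory, and if the suite is run from test/unit as ts_beef.rb's `require './tc_grep'` implies, `../../../` is the parent of the checkout, so the grep walks every sibling directory and the exclusion `'../../../trunk/test/unit/tc_grep.rb'` only matches when the checkout is literally named `trunk`. Anchor the walk on `File.dirname(__FILE__)` and compare expanded paths instead. The test also passes vacuously when the glob matches nothing, which matters because this commit retires the commented-out runtime `eval` override in security.rb in favour of this static check; assert that at least one source file was found. Minor: `\Weval\W` does not cover `instance_eval`/`class_eval`/`module_eval` (the underscore is a word character), `next` sits inside `File.open` so the excluded file is opened before being skipped, and `require 'webrick'` is unused here.
```ruby
def test_grep_eval
  root = File.expand_path('../..', File.dirname(__FILE__))
  files = Dir[File.join(root, '**', '*.rb')].reject { |p| p == File.expand_path(__FILE__) }
  assert(!files.empty?, "no ruby sources found under #{root}")
  files.each do |path|
    File.open(path) do |f|
      f.grep(/\Weval\W/im) do |line|
        assert(false, "Illegal use of 'eval' in framework: " + path + ':' + line)
      end
    end
  end
end
```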