From 98557760b8eff1c4399644f819bd0f621b586e98 Mon Sep 17 00:00:00 2001
From: Justin Collins
Date: Thu, 22 Mar 2018 09:16:27 -0700
Subject: [PATCH] Add test for scanning jobs directory
---
 test/apps/rails5.2/app/jobs/delete_stuff_job.rb | 5 +++++
 test/tests/rails52.rb | 15 ++++++++++++++-
 2 files changed, 19 insertions(+), 1 deletion(-)
 create mode 100644 test/apps/rails5.2/app/jobs/delete_stuff_job.rb
diff --git a/test/apps/rails5.2/app/jobs/delete_stuff_job.rb b/test/apps/rails5.2/app/jobs/delete_stuff_job.rb
new file mode 100644
index 0000000000..f5008bf85b
--- /dev/null
+++ b/test/apps/rails5.2/app/jobs/delete_stuff_job.rb
@@ -0,0 +1,5 @@
+class DeleteStuffJob < ApplicationJob
+ def perform file
+ `rm -rf #{file}`
+ end
+end
diff --git a/test/tests/rails52.rb b/test/tests/rails52.rb
index e8f99e92be..20de2c4f02 100644
--- a/test/tests/rails52.rb
+++ b/test/tests/rails52.rb
@@ -13,7 +13,7 @@ def expected
 :controller => 0,
 :model => 0,
 :template => 0,
- :generic => 2
+ :generic => 3
 }
 end
@@ -53,6 +53,19 @@ def test_command_injection_1
 :user_input => s(:ivar, :@blah)
 end
+ def test_command_injection_in_job
+ assert_warning :type => :warning,
+ :warning_code => 14,
+ :fingerprint => "e712e2741ad78f4e947bec84f36a0d703849d3b0facdabd8cc74851d7b702a48",
+ :warning_type => "Command Injection",
+ :line => 3,
+ :message => /^Possible\ command\ injection/,
+ :confidence => 1,
+ :relative_path => "app/jobs/delete_stuff_job.rb",
+ :code => s(:dxstr, "rm -rf ", s(:evstr, s(:lvar, :file))),
+ :user_input => s(:lvar, :file)
+ end
+
 def test_command_injection_shellwords
 assert_no_warning :type => :warning,
 :warning_code => 14,
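Review bot: The new fixture DeleteStuffJob is deliberately unsafe (`rm -rf #{file}` interpolates the perform argument straight into a backtick shell command), but nothing in the file marks it as a scanner fixture, and code under test/apps is easy to copy into a real app. I would put the marker on the class line so the backtick stays on line 3, which the companion test in test/tests/rails52.rb pins: `class DeleteStuffJob < ApplicationJob # intentionally vulnerable: Command Injection fixture for the app/jobs scan, do not copy`. The fixture also assumes the test app already defines ApplicationJob; that is not visible in this patch, so confirm it exists in test/apps/rails5.2/app/jobs or that the scanner does not need the superclass resolved.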
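Review bot: test_command_injection_in_job pins `:confidence => 1` together with `:user_input => s(:lvar, :file)`, i.e. the perform argument is classified as a plain local rather than request-derived input, and that rationale is not recorded anywhere, so a later reader may "fix" the confidence upward when jobs start being treated as an entry point. I would add above the assertion: `# perform arguments are locals, not params, so the finding is reported at confidence 1 (presumably Medium)`. The test is also tightly coupled to the fixture's exact layout through `:line => 3`, `:relative_path` and the fingerprint; a one-line comment worth adding is `# :line and :fingerprint track app/jobs/delete_stuff_job.rb exactly; update both if that file changes`.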