From 6fa175ac61cc26e06cae7a1b642a2b1cb7a7d87b Mon Sep 17 00:00:00 2001
From: Mike McCabe <mccabe615@gmail.com>
Date: Tue, 22 Oct 2013 11:31:47 -0400
Subject: [PATCH] a little fix for the error running the command injection
 spec. basically capturing the error from cp and sending it to the gutter

---
 spec/vulnerabilities/command_injection_spec.rb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/spec/vulnerabilities/command_injection_spec.rb b/spec/vulnerabilities/command_injection_spec.rb
index 9b4ad85..8d69415 100644
--- a/spec/vulnerabilities/command_injection_spec.rb
+++ b/spec/vulnerabilities/command_injection_spec.rb
@@ -15,7 +15,7 @@ feature 'command injection' do
 
     visit "/users/#{@normal_user.user_id}/benefit_forms"
     Dir.mktmpdir do |dir|
-      hackety_file = File.join(dir, '; cd public && cd data && rm -f * ;')
+      hackety_file = File.join(dir, ' >> /dev/null &2>1; cd public && cd data && rm -f * ;')
       File.open(hackety_file, 'w') { |f| f.print 'mwahaha' }
       within('.new_benefits') do
         attach_file 'benefits_upload', hackety_file
@@ -25,4 +25,4 @@ feature 'command injection' do
     end
     pending(:if => verifying_fixed?) { File.exists?(legit_file).should be_false }
   end
-end
\ No newline at end of file
+end