Merge branch 'link_report_types_to_website'

4c417196 · Justin Collins · f2d9bd89 · ac0f0666 · 4c417196 · 4c417196
13 changed file
--- a/lib/brakeman/checks/check_escape_function.rb
+++ b/lib/brakeman/checks/check_escape_function.rb
@@ -13,7 +13,8 @@ class Brakeman::CheckEscapeFunction < Brakeman::BaseCheck
      warn :warning_type => 'Cross Site Scripting',
        :message => 'Versions before 2.3.14 have a vulnerability in escape method when used with Ruby 1.8: CVE-2011-2931',
        :confidence => CONFIDENCE[:high],
-        :file => gemfile_or_environment
+        :file => gemfile_or_environment,
+        :link_path => "https://groups.google.com/d/topic/rubyonrails-security/Vr_7WSOrEZU/discussion"
    end
  end
 end
--- a/lib/brakeman/checks/check_filter_skipping.rb
+++ b/lib/brakeman/checks/check_filter_skipping.rb
@@ -13,7 +13,8 @@ class Brakeman::CheckFilterSkipping < Brakeman::BaseCheck
      warn :warning_type => "Default Routes",
        :message => "Versions before 3.0.10 have a vulnerability which allows filters to be bypassed: CVE-2011-2929",
        :confidence => CONFIDENCE[:high],
-        :file => gemfile_or_environment
+        :file => gemfile_or_environment,
+        :link_path => "https://groups.google.com/d/topic/rubyonrails-security/NCCsca7TEtY/discussion"
    end
  end


--- a/lib/brakeman/checks/check_forgery_setting.rb
+++ b/lib/brakeman/checks/check_forgery_setting.rb
@@ -32,7 +32,8 @@ class Brakeman::CheckForgerySetting < Brakeman::BaseCheck
        :warning_type => "Cross-Site Request Forgery",
        :message => "CSRF protection is flawed in unpatched versions of Rails #{tracker.config[:rails_version]} (CVE-2011-0447). Upgrade to 2.3.11 or apply patches as needed",
        :confidence => CONFIDENCE[:high],
-        :file => gemfile_or_environment
+        :file => gemfile_or_environment,
+        :link_path => "https://groups.google.com/d/topic/rubyonrails-security/LZWjzCPgNmU/discussion"

    elsif version_between? "3.0.0", "3.0.3"

@@ -40,7 +41,8 @@ class Brakeman::CheckForgerySetting < Brakeman::BaseCheck
        :warning_type => "Cross-Site Request Forgery",
        :message => "CSRF protection is flawed in unpatched versions of Rails #{tracker.config[:rails_version]} (CVE-2011-0447). Upgrade to 3.0.4 or apply patches as needed",
        :confidence => CONFIDENCE[:high],
-        :file => gemfile_or_environment
+        :file => gemfile_or_environment,
+        :link_path => "https://groups.google.com/d/topic/rubyonrails-security/LZWjzCPgNmU/discussion"
    end
  end
 end
--- a/lib/brakeman/checks/check_link_to.rb
+++ b/lib/brakeman/checks/check_link_to.rb
@@ -76,7 +76,8 @@ class Brakeman::CheckLinkTo < Brakeman::CheckCrossSiteScripting
        :warning_type => "Cross Site Scripting", 
        :message => message,
        :user_input => input.match,
-        :confidence => CONFIDENCE[:high]
+        :confidence => CONFIDENCE[:high],
+        :link_path => "link_to"

    elsif not tracker.options[:ignore_model_output] and match = has_immediate_model?(arg)
      method = match[2]
@@ -94,7 +95,8 @@ class Brakeman::CheckLinkTo < Brakeman::CheckCrossSiteScripting
          :warning_type => "Cross Site Scripting", 
          :message => "Unescaped model attribute in link_to",
          :user_input => match,
-          :confidence => confidence
+          :confidence => confidence,
+          :link_path => "link_to"
      end

    elsif @matched
@@ -111,7 +113,8 @@ class Brakeman::CheckLinkTo < Brakeman::CheckCrossSiteScripting
          :warning_type => "Cross Site Scripting", 
          :message => message,
          :user_input => @matched.match,
-          :confidence => CONFIDENCE[:med]
+          :confidence => CONFIDENCE[:med],
+          :link_path => "link_to"
      end
    end
  end

--- a/lib/brakeman/checks/check_link_to_href.rb
+++ b/lib/brakeman/checks/check_link_to_href.rb
@@ -57,7 +57,8 @@ class Brakeman::CheckLinkToHref < Brakeman::CheckLinkTo
          :warning_type => "Cross Site Scripting", 
          :message => message,
          :user_input => input.match,
-          :confidence => CONFIDENCE[:high]
+          :confidence => CONFIDENCE[:high],
+          :link_path => "link_to_href"
      end
    elsif has_immediate_model? url_arg

@@ -84,7 +85,8 @@ class Brakeman::CheckLinkToHref < Brakeman::CheckLinkTo
          :warning_type => "Cross Site Scripting", 
          :message => message,
          :user_input => @matched.match,
-          :confidence => CONFIDENCE[:med]
+          :confidence => CONFIDENCE[:med],
+          :link_path => "link_to_href"
      end
    end
  end

--- a/lib/brakeman/checks/check_nested_attributes.rb
+++ b/lib/brakeman/checks/check_nested_attributes.rb
@@ -22,7 +22,8 @@ class Brakeman::CheckNestedAttributes < Brakeman::BaseCheck
      warn :warning_type => "Nested Attributes",
        :message => message,
        :confidence => CONFIDENCE[:high],
-        :file => gemfile_or_environment
+        :file => gemfile_or_environment,
+        :link_path => "https://groups.google.com/d/topic/rubyonrails-security/-fkT0yja_gw/discussion"
    end
  end


--- a/lib/brakeman/checks/check_quote_table_name.rb
+++ b/lib/brakeman/checks/check_quote_table_name.rb
@@ -26,7 +26,8 @@ class Brakeman::CheckQuoteTableName < Brakeman::BaseCheck
      warn :warning_type => "SQL Injection",
        :message => message,
        :confidence => confidence,
-        :file => gemfile_or_environment
+        :file => gemfile_or_environment,
+        :link_path => "https://groups.google.com/d/topic/rubyonrails-security/ah5HN0S8OJs/discussion"
    end
  end


--- a/lib/brakeman/checks/check_response_splitting.rb
+++ b/lib/brakeman/checks/check_response_splitting.rb
@@ -13,7 +13,8 @@ class Brakeman::CheckResponseSplitting < Brakeman::BaseCheck
      warn :warning_type => "Response Splitting",
        :message => "Versions before 2.3.14 have a vulnerability content type handling allowing injection of headers: CVE-2011-3186",
        :confidence => CONFIDENCE[:med],
-        :file => gemfile_or_environment
+        :file => gemfile_or_environment,
+        :link_path => "https://groups.google.com/d/topic/rubyonrails-security/b_yTveAph2g/discussion"
    end
  end
 end
--- a/lib/brakeman/checks/check_sql.rb
+++ b/lib/brakeman/checks/check_sql.rb
@@ -94,7 +94,8 @@ class Brakeman::CheckSQL < Brakeman::BaseCheck
      warn :warning_type => 'SQL Injection',
        :message => 'All versions of Rails before 3.0.13, 3.1.5, and 3.2.5 contain a SQL Query Generation Vulnerability: CVE-2012-2660; Upgrade to 3.2.5, 3.1.5, 3.0.13',
        :confidence => CONFIDENCE[:high],
-        :file => gemfile_or_environment
+        :file => gemfile_or_environment,
+        :link_path => "https://groups.google.com/d/topic/rubyonrails-security/8SA-M3as7A8/discussion"
    end
  end

@@ -103,7 +104,8 @@ class Brakeman::CheckSQL < Brakeman::BaseCheck
      warn :warning_type => 'SQL Injection',
        :message => 'All versions of Rails before 3.0.13, 3.1.5, and 3.2.5 contain a SQL Injection Vulnerability: CVE-2012-2661; Upgrade to 3.2.5, 3.1.5, 3.0.13',
        :confidence => CONFIDENCE[:high],
-        :file => gemfile_or_environment
+        :file => gemfile_or_environment,
+        :link_path => "https://groups.google.com/d/topic/rubyonrails-security/dUaiOOGWL1k/discussion"
    end
  end

@@ -112,7 +114,8 @@ class Brakeman::CheckSQL < Brakeman::BaseCheck
      warn :warning_type => 'SQL Injection',
        :message => 'All versions of Rails before 3.0.14, 3.1.6, and 3.2.6 contain SQL Injection Vulnerabilities: CVE-2012-2694 and CVE-2012-2695; Upgrade to 3.2.6, 3.1.6, 3.0.14',
        :confidence => CONFIDENCE[:high],
-        :file => gemfile_or_environment
+        :file => gemfile_or_environment,
+        :link_path => "https://groups.google.com/d/topic/rubyonrails-security/l4L0TEVAz1k/discussion"
    end
  end


--- a/lib/brakeman/checks/check_strip_tags.rb
+++ b/lib/brakeman/checks/check_strip_tags.rb
@@ -20,7 +20,8 @@ class Brakeman::CheckStripTags < Brakeman::BaseCheck
      warn :warning_type => "Cross Site Scripting",
        :message => message,
        :confidence => CONFIDENCE[:high],
-        :file => gemfile_or_environment
+        :file => gemfile_or_environment,
+        :link_path => "https://groups.google.com/d/topic/rubyonrails-security/K5EwdJt06hI/discussion"
    end
  end


--- a/lib/brakeman/format/style.css
+++ b/lib/brakeman/format/style.css
@@ -5,6 +5,10 @@ body {
  color: #161616;
 }

+a {
+  color: #161616;
+}
+
 p {
  font-weight: bold;
  font-size: 11pt;

--- a/lib/brakeman/report.rb
+++ b/lib/brakeman/report.rb
@@ -96,6 +96,7 @@ class Brakeman::Report
      if html
        w["Confidence"] = HTML_CONFIDENCE[w["Confidence"]]
        w["Message"] = with_context warning, w["Message"]
+        w["Warning Type"] = with_link warning, w["Warning Type"]
      else
        w["Confidence"] = TEXT_CONFIDENCE[w["Confidence"]]
        w["Message"] = text_message warning, w["Message"]
@@ -134,6 +135,7 @@ class Brakeman::Report
        if html
          w["Confidence"] = HTML_CONFIDENCE[w["Confidence"]]
          w["Message"] = with_context warning, w["Message"]
+          w["Warning Type"] = with_link warning, w["Warning Type"]
        else
          w["Confidence"] = TEXT_CONFIDENCE[w["Confidence"]]
          w["Message"] = text_message warning, w["Message"]
@@ -170,6 +172,7 @@ class Brakeman::Report
        if html
          w["Confidence"] = HTML_CONFIDENCE[w["Confidence"]]
          w["Message"] = with_context warning, w["Message"]
+          w["Warning Type"] = with_link warning, w["Warning Type"]
        else
          w["Confidence"] = TEXT_CONFIDENCE[w["Confidence"]]
          w["Message"] = text_message warning, w["Message"]
@@ -206,6 +209,7 @@ class Brakeman::Report
        if html
          w["Confidence"] = HTML_CONFIDENCE[w["Confidence"]]
          w["Message"] = with_context warning, w["Message"]
+          w["Warning Type"] = with_link warning, w["Warning Type"]
        else
          w["Confidence"] = TEXT_CONFIDENCE[w["Confidence"]]
          w["Message"] = text_message warning, w["Message"]
@@ -595,6 +599,10 @@ class Brakeman::Report
    output << "</table></div>"
  end

+  def with_link warning, message
+    "<a href=\"#{warning.link}\">#{message}</a>"
+  end
+
  #Generated tab-separated output suitable for the Jenkins Brakeman Plugin:
  #https://github.com/presidentbeef/brakeman-jenkins-plugin
  def to_tabs

--- a/lib/brakeman/warning.rb
+++ b/lib/brakeman/warning.rb
@@ -11,7 +11,7 @@ class Brakeman::Warning
  def initialize options = {}
    @view_name = nil

-    [:called_from, :check, :class, :code, :confidence, :controller, :file, :line,
+    [:called_from, :check, :class, :code, :confidence, :controller, :file, :line, :link_path,
      :message, :method, :model, :template, :user_input, :warning_set, :warning_type].each do |option|

      self.instance_variable_set("@#{option}", options[option])
@@ -101,6 +101,23 @@ class Brakeman::Warning
    @format_message
  end

+  def link
+    return @link if @link
+
+    if @link_path
+      if @link_path.start_with? "http"
+        @link = @link_path
+      else
+        @link = "http://brakemanscanner.org/docs/warning_types/#{@link_path}"
+      end
+    else
+      warning_path = self.warning_type.to_s.downcase.gsub(/\s+/, '_') + "/"
+      @link = "http://brakemanscanner.org/docs/warning_types/#{warning_path}"
+    end
+
+    @link
+  end
+
  #Generates a hash suitable for inserting into a table
  def to_row type = :warning
    @row = { "Confidence" => self.confidence,
@@ -151,6 +168,7 @@ class Brakeman::Warning
      :message => self.message,
      :file => self.file,
      :line => self.line,
+      :link => self.link,
      :code => (@code && self.format_code),
      :location => location,
      :user_input => (@user_input && self.format_user_input),