Escape method names in rescan regex

527656d4 · Justin Collins · 8ec72784 · 527656d4
隐藏空白更改
内联并排

Showing with 1 addition and 1 deletion

lib/brakeman/rescanner.rb lib/brakeman/rescanner.rb +1 -1

未找到文件。
--- a/lib/brakeman/rescanner.rb
+++ b/lib/brakeman/rescanner.rb
@@ -322,7 +322,7 @@ class Brakeman::Rescanner < Brakeman::Scanner
      end
    end

-    method_matcher = /##{method_names.join('|')}$/
+    method_matcher = /##{method_names.map {|n| Regexp.escape(n.to_s)}.join('|')}$/

    #Rescan controllers that mixed in library
    tracker.controllers.each do |name, controller|