Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
李少辉-开发者
Brakeman
提交
f93112e6
B
Brakeman
项目概览
李少辉-开发者
/
Brakeman
通知
1
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
B
Brakeman
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
前往新版Gitcode,体验更适合开发者的 AI 搜索 >>
提交
f93112e6
编写于
12月 11, 2013
作者:
J
Justin Collins
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
Add check for CVE-2013-6415 (number_to_currency)
上级
630ff40d
变更
10
隐藏空白更改
内联
并排
Showing
10 changed file
with
143 addition
and
0 deletion
+143
-0
lib/brakeman/checks/check_number_to_currency.rb
lib/brakeman/checks/check_number_to_currency.rb
+55
-0
lib/brakeman/warning_codes.rb
lib/brakeman/warning_codes.rb
+2
-0
test/apps/rails4/app/views/users/index.html.erb
test/apps/rails4/app/views/users/index.html.erb
+4
-0
test/tests/only_files_option.rb
test/tests/only_files_option.rb
+12
-0
test/tests/rails2.rb
test/tests/rails2.rb
+10
-0
test/tests/rails3.rb
test/tests/rails3.rb
+12
-0
test/tests/rails31.rb
test/tests/rails31.rb
+12
-0
test/tests/rails32.rb
test/tests/rails32.rb
+12
-0
test/tests/rails4_with_engines.rb
test/tests/rails4_with_engines.rb
+12
-0
test/tests/rails_with_xss_plugin.rb
test/tests/rails_with_xss_plugin.rb
+12
-0
未找到文件。
lib/brakeman/checks/check_number_to_currency.rb
0 → 100644
浏览文件 @
f93112e6
require
'brakeman/checks/base_check'
class
Brakeman::CheckNumberToCurrency
<
Brakeman
::
BaseCheck
Brakeman
::
Checks
.
add
self
@description
=
"Checks for number_to_currency XSS vulnerability in certain versions"
def
run_check
if
(
version_between?
"2.0.0"
,
"3.2.15"
or
version_between?
"4.0.0"
,
"4.0.1"
)
check_number_to_currency_usage
generic_warning
unless
@found_any
end
end
def
generic_warning
message
=
"Rails
#{
tracker
.
config
[
:rails_version
]
}
has a vulnerability in number_to_currency (CVE-2013-6415). Upgrade to Rails version "
if
version_between?
"2.3.0"
,
"3.2.15"
message
<<
"3.2.16"
else
message
<<
"4.0.2"
end
warn
:warning_type
=>
"Cross Site Scripting"
,
:warning_code
=>
:CVE_2013_6415
,
:message
=>
message
,
:confidence
=>
CONFIDENCE
[
:med
],
:file
=>
gemfile_or_environment
,
:link_path
=>
"https://groups.google.com/d/topic/rubyonrails-security/8CpI7egxX4E/discussion"
end
def
check_number_to_currency_usage
tracker
.
find_call
(
:target
=>
false
,
:method
=>
:number_to_currency
).
each
do
|
result
|
arg
=
result
[
:call
].
second_arg
next
unless
arg
if
match
=
(
has_immediate_user_input?
arg
or
has_immediate_model?
arg
)
match
=
match
.
match
if
match
.
is_a?
Match
@found_any
=
true
warn_on_number_to_currency
result
,
match
end
end
end
def
warn_on_number_to_currency
result
,
match
warn
:result
=>
result
,
:warning_type
=>
"Cross Site Scripting"
,
:warning_code
=>
:CVE_2013_6415_call
,
:message
=>
"Currency value in number_to_currency is not safe in Rails
#{
@tracker
.
config
[
:rails_version
]
}
"
,
:confidence
=>
CONFIDENCE
[
:high
],
:link_path
=>
"https://groups.google.com/d/topic/rubyonrails-security/8CpI7egxX4E/discussion"
,
:user_input
=>
match
end
end
lib/brakeman/warning_codes.rb
浏览文件 @
f93112e6
...
...
@@ -65,6 +65,8 @@ module Brakeman::WarningCodes
:detailed_exceptions
=>
62
,
:CVE_2013_4491
=>
63
,
:CVE_2013_6414
=>
64
,
:CVE_2013_6415
=>
65
,
:CVE_2013_6415_call
=>
66
,
}
def
self
.
code
name
...
...
test/apps/rails4/app/views/users/index.html.erb
浏览文件 @
f93112e6
...
...
@@ -5,3 +5,7 @@
<%=
raw
call_something
(
params
).
to_json
%>
<%=
raw
params
[
:stuff
].
to_json
%>
<%=
number_to_currency
(
params
[
:cost
],
params
[
:currency
])
%>
<%=
number_to_currency
(
params
[
:cost
],
h
(
params
[
:currency
]))
%>
Should not warn
test/tests/only_files_option.rb
浏览文件 @
f93112e6
...
...
@@ -75,4 +75,16 @@ class OnlyFilesOptionTests < Test::Unit::TestCase
:user_input
=>
nil
end
def
test_number_to_currency_CVE_2013_6415
assert_warning
:type
=>
:warning
,
:warning_code
=>
65
,
:fingerprint
=>
"813b00b5c58567fb3f32051578b839cb25fc2d827834a30d4b213a4c126202a2"
,
:warning_type
=>
"Cross Site Scripting"
,
:line
=>
nil
,
:message
=>
/^Rails\ 3\.2\.9\.rc2 has\ a\ vulnerability\ in\ numbe/
,
:confidence
=>
1
,
:relative_path
=>
"Gemfile"
,
:user_input
=>
nil
end
end
test/tests/rails2.rb
浏览文件 @
f93112e6
...
...
@@ -955,6 +955,16 @@ class Rails2Tests < Test::Unit::TestCase
:relative_path
=>
"config/environment.rb"
end
def
test_number_to_currency_CVE_2013_6415
assert_warning
:type
=>
:warning
,
:warning_code
=>
65
,
:fingerprint
=>
"1822c8179beeb0358b71c545bad0dd824104aed8b995fe0781c1b6e324417a91"
,
:warning_type
=>
"Cross Site Scripting"
,
:message
=>
/^Rails\ 2\.3\.11\ has\ a\ vulnerability\ in\ numb/
,
:confidence
=>
1
,
:relative_path
=>
"config/environment.rb"
end
def
test_to_json
assert_warning
:type
=>
:template
,
:warning_type
=>
"Cross Site Scripting"
,
...
...
test/tests/rails3.rb
浏览文件 @
f93112e6
...
...
@@ -1099,6 +1099,18 @@ class Rails3Tests < Test::Unit::TestCase
:relative_path
=>
"Gemfile"
end
def
test_number_to_currency_CVE_2013_6415
assert_warning
:type
=>
:warning
,
:warning_code
=>
65
,
:fingerprint
=>
"813b00b5c58567fb3f32051578b839cb25fc2d827834a30d4b213a4c126202a2"
,
:warning_type
=>
"Cross Site Scripting"
,
:line
=>
nil
,
:message
=>
/^Rails\ 3\.0\.3\ has\ a\ vulnerability\ in\ numbe/
,
:confidence
=>
1
,
:relative_path
=>
"Gemfile"
,
:user_input
=>
nil
end
def
test_http_only_session_setting
assert_warning
:type
=>
:warning
,
:warning_type
=>
"Session Setting"
,
...
...
test/tests/rails31.rb
浏览文件 @
f93112e6
...
...
@@ -820,6 +820,18 @@ class Rails31Tests < Test::Unit::TestCase
:relative_path
=>
"Gemfile"
end
def
test_number_to_currency_CVE_2013_6415
assert_warning
:type
=>
:warning
,
:warning_code
=>
65
,
:fingerprint
=>
"813b00b5c58567fb3f32051578b839cb25fc2d827834a30d4b213a4c126202a2"
,
:warning_type
=>
"Cross Site Scripting"
,
:line
=>
nil
,
:message
=>
/^Rails\ 3\.1\.0\ has\ a\ vulnerability\ in\ numbe/
,
:confidence
=>
1
,
:relative_path
=>
"Gemfile"
,
:user_input
=>
nil
end
def
test_to_json_with_overwritten_config
assert_warning
:type
=>
:template
,
:warning_type
=>
"Cross Site Scripting"
,
...
...
test/tests/rails32.rb
浏览文件 @
f93112e6
...
...
@@ -100,6 +100,18 @@ class Rails32Tests < Test::Unit::TestCase
:relative_path
=>
"Gemfile"
end
def
test_number_to_currency_CVE_2013_6415
assert_warning
:type
=>
:warning
,
:warning_code
=>
65
,
:fingerprint
=>
"813b00b5c58567fb3f32051578b839cb25fc2d827834a30d4b213a4c126202a2"
,
:warning_type
=>
"Cross Site Scripting"
,
:line
=>
nil
,
:message
=>
/^Rails\ 3\.2\.9\.rc2 has\ a\ vulnerability\ in\ numbe/
,
:confidence
=>
1
,
:relative_path
=>
"Gemfile"
,
:user_input
=>
nil
end
def
test_redirect_1
assert_warning
:type
=>
:warning
,
:warning_type
=>
"Redirect"
,
...
...
test/tests/rails4_with_engines.rb
浏览文件 @
f93112e6
...
...
@@ -28,6 +28,18 @@ class Rails4WithEnginesTests < Test::Unit::TestCase
:relative_path
=>
"Gemfile"
end
def
test_number_to_currency_CVE_2013_6415
assert_warning
:type
=>
:warning
,
:warning_code
=>
65
,
:fingerprint
=>
"813b00b5c58567fb3f32051578b839cb25fc2d827834a30d4b213a4c126202a2"
,
:warning_type
=>
"Cross Site Scripting"
,
:line
=>
nil
,
:message
=>
/^Rails\ 4\.0\.0\ has\ a\ vulnerability\ in\ numbe/
,
:confidence
=>
1
,
:relative_path
=>
"Gemfile"
,
:user_input
=>
nil
end
def
test_redirect_1
assert_warning
:type
=>
:generic
,
:warning_code
=>
18
,
...
...
test/tests/rails_with_xss_plugin.rb
浏览文件 @
f93112e6
...
...
@@ -334,4 +334,16 @@ class RailsWithXssPluginTests < Test::Unit::TestCase
:confidence
=>
1
,
:file
=>
/Gemfile/
end
def
test_number_to_currency_CVE_2013_6415
assert_warning
:type
=>
:warning
,
:warning_code
=>
65
,
:fingerprint
=>
"813b00b5c58567fb3f32051578b839cb25fc2d827834a30d4b213a4c126202a2"
,
:warning_type
=>
"Cross Site Scripting"
,
:line
=>
nil
,
:message
=>
/^Rails\ 2\.3\.14\ has\ a\ vulnerability\ in\ numb/
,
:confidence
=>
1
,
:relative_path
=>
"Gemfile"
,
:user_input
=>
nil
end
end
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录