Skip to content

B
brakeman

社会瑞弟呀 / brakeman

通知 1
Star 0
Fork 0
B
brakeman

体验新版 GitCode,发现更多精彩内容 >>

提交 2af31af6 编写于 作者: J Justin Collins 提交者: Justin Collins
浏览文件
操作

Use Match struct for CheckCrossSiteScripting

上级 77e13b91
隐藏空白更改
内联 并排
Showing with 36 addition and 31 deletion
lib/brakeman/checks/check_cross_site_scripting.rb
浏览文件 @ 2af31af6
......@@ -160,29 +160,34 @@ class Brakeman::CheckCrossSiteScripting < Brakeman::BaseCheck
actually_process_call exp
message = nil
if @matched == :model and not tracker.options[:ignore_model_output]
message = "Unescaped model attribute"
elsif @matched == :params
message = "Unescaped parameter value"
elsif @matched == :cookies
message = "Unescaped cookie value"
end
if message and not duplicate? exp
add_result exp
if exp[1].nil? and @known_dangerous.include? exp[2]
confidence = CONFIDENCE[:high]
else
confidence = CONFIDENCE[:low]
if @matched
case @matched.type
when :model
unless tracker.options[:ignore_model_output]
message = "Unescaped model attribute"
end
when :params
message = "Unescaped parameter value"
when :cookies
message = "Unescaped cookie value"
end
warn :template => @current_template,
:warning_type => "Cross Site Scripting",
:message => message,
:line => exp.line,
:code => exp,
:confidence => confidence
if message and not duplicate? exp
add_result exp
if exp[1].nil? and @known_dangerous.include? exp[2]
confidence = CONFIDENCE[:high]
else
confidence = CONFIDENCE[:low]
end
warn :template => @current_template,
:warning_type => "Cross Site Scripting",
:message => message,
:line => exp.line,
:code => exp,
:confidence => confidence
end
end
@mark = @matched = false
......@@ -203,7 +208,7 @@ class Brakeman::CheckCrossSiteScripting < Brakeman::BaseCheck
#Ignore safe items
if (target.nil? and (@ignore_methods.include? method or method.to_s =~ IGNORE_LIKE)) or
(@matched == :model and IGNORE_MODEL_METHODS.include? method) or
(@matched and @matched.type == :model and IGNORE_MODEL_METHODS.include? method) or
(target == HAML_HELPERS and method == :html_escape) or
((target == URI or target == CGI) and method == :escape) or
(target == XML_HELPER and method == :escape_xml) or
......@@ -213,11 +218,11 @@ class Brakeman::CheckCrossSiteScripting < Brakeman::BaseCheck
#exp[0] = :ignore #should not be necessary
@matched = false
elsif sexp? exp[1] and model_name? exp[1][1]
@matched = :model
@matched = Match.new(:model, exp)
elsif cookies? exp
@matched = :cookies
@matched = Match.new(:cookies, exp)
elsif @inspect_arguments and params? exp
@matched = :params
@matched = Match.new(:params, exp)
elsif @inspect_arguments
process args
end
......@@ -225,13 +230,13 @@ class Brakeman::CheckCrossSiteScripting < Brakeman::BaseCheck
#Note that params have been found
def process_params exp
@matched = :params
@matched = Match.new(:params, exp)
exp
end
#Note that cookies have been found
def process_cookies exp
@matched = :cookies
@matched = Match.new(:cookies, exp)
exp
end
......
lib/brakeman/checks/check_link_to.rb
浏览文件 @ 2af31af6
......@@ -95,9 +95,9 @@ class Brakeman::CheckLinkTo < Brakeman::CheckCrossSiteScripting
end
elsif @matched
if @matched == :model and not tracker.options[:ignore_model_output]
if @matched.type == :model and not tracker.options[:ignore_model_output]
message = "Unescaped model attribute in link_to"
elsif @matched == :params
elsif @matched.type == :params
message = "Unescaped parameter value in link_to"
end
......
lib/brakeman/checks/check_link_to_href.rb
浏览文件 @ 2af31af6
......@@ -71,9 +71,9 @@ class Brakeman::CheckLinkToHref < Brakeman::CheckLinkTo
# attack.
elsif @matched
if @matched == :model and not tracker.options[:ignore_model_output]
if @matched.type == :model and not tracker.options[:ignore_model_output]
message = "Unsafe model attribute in link_to href"
elsif @matched == :params
elsif @matched.type == :params
message = "Unsafe parameter value in link_to href"
end
......
Markdown is supported
0% .
You are about to add 0 people to the discussion. Proceed with caution.
先完成此消息的编辑!
想要评论请 注册