Commit 44283ebc
Authored on Apr 25, 2013 by Justin Collins
Use hash for call locations instead of array
Parent: b2ff5d26
Showing 8 changed files with 59 additions and 66 deletions (+59 -66)
lib/brakeman/call_index.rb  +4 -4
lib/brakeman/checks/base_check.rb  +2 -2
lib/brakeman/checks/check_execute.rb  +3 -11
lib/brakeman/checks/check_select_tag.rb  +1 -1
lib/brakeman/checks/check_select_vulnerability.rb  +2 -2
lib/brakeman/checks/check_sql.rb  +5 -4
lib/brakeman/processors/lib/find_all_calls.rb  +35 -36
lib/brakeman/warning.rb  +7 -6
lib/brakeman/call_index.rb
@@ -82,13 +82,13 @@ class Brakeman::CallIndex
def
remove_indexes_by_class
classes
@calls_by_method
.
each
do
|
name
,
calls
|
calls
.
delete_if
do
|
call
|
call
[
:location
][
0
]
==
:class
and
classes
.
include?
call
[
:location
][
1
]
call
[
:location
][
:type
]
==
:class
and
classes
.
include?
call
[
:location
][
:class
]
end
end
@calls_by_target
.
each
do
|
name
,
calls
|
calls
.
delete_if
do
|
call
|
call
[
:location
][
0
]
==
:class
and
classes
.
include?
call
[
:location
][
1
]
call
[
:location
][
:type
]
==
:class
and
classes
.
include?
call
[
:location
][
:class
]
end
end
end
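Review bot: the two `delete_if` blocks over `@calls_by_method` and `@calls_by_target` carry the same predicate, `call[:location][:type] == :class and classes.include? call[:location][:class]`, so the array-to-hash change had to be made twice here. Pulling the predicate into a small private helper (for example `class_call?(call, classes)`, a hypothetical name) would keep the two indexes from drifting the next time the location shape changes.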
@@ -206,8 +206,8 @@ class Brakeman::CallIndex
end
def
from_template
call
,
template_name
return
false
unless
call
[
:location
][
0
]
==
:template
return
false
unless
call
[
:location
][
:type
]
==
:template
return
true
if
template_name
.
nil?
call
[
:location
][
1
]
==
template_name
call
[
:location
][
:template
]
==
template_name
end
end
lib/brakeman/checks/base_check.rb
@@ -31,7 +31,7 @@ class Brakeman::BaseCheck < Brakeman::SexpProcessor
#Add result to result list, which is used to check for duplicates
def
add_result
result
,
location
=
nil
location
||=
(
@current_template
&&
@current_template
[
:name
])
||
@current_class
||
@current_module
||
@current_set
||
result
[
:location
][
1
]
location
||=
(
@current_template
&&
@current_template
[
:name
])
||
@current_class
||
@current_module
||
@current_set
||
result
[
:location
][
:class
]
||
result
[
:location
][
:template
]
location
=
location
[
:name
]
if
location
.
is_a?
Hash
location
=
location
.
to_sym
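Review bot: the fallback chain now ends with `|| result[:location][:class] || result[:location][:template]`, and `location = location[:name] if location.is_a? Hash` only covers the `@current_template` case; if none of the `@current_*` contexts is set and the location hash carries neither key, `location` is nil when `location.to_sym` runs and this raises NoMethodError with no hint about which result was malformed. A guard that raises a descriptive error (or returns early) for a location with neither `:class` nor `:template` would make a producer that still emits the old array shape fail loudly instead of obscurely.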
@@ -244,7 +244,7 @@ class Brakeman::BaseCheck < Brakeman::SexpProcessor
raise
ArgumentError
end
location
||=
(
@current_template
&&
@current_template
[
:name
])
||
@current_class
||
@current_module
||
@current_set
||
result
[
:location
][
1
]
location
||=
(
@current_template
&&
@current_template
[
:name
])
||
@current_class
||
@current_module
||
@current_set
||
result
[
:location
][
:class
]
||
result
[
:location
][
:template
]
location
=
location
[
:name
]
if
location
.
is_a?
Hash
location
=
location
.
to_sym
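Review bot: this is the same location-resolution chain that appears in `add_result` at line 31, repeated verbatim down to the `to_sym`. Extracting it into one private method on BaseCheck (something like `default_location(result)`, a hypothetical name) would mean the next change to the location hash keys is a one-line edit rather than two identical ones.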
lib/brakeman/checks/check_execute.rb
@@ -84,20 +84,12 @@ class Brakeman::CheckExecute < Brakeman::BaseCheck
user_input
=
nil
end
warning
=
{
:warning_type
=>
"Command Injection"
,
warn
:result
=>
result
,
:warning_type
=>
"Command Injection"
,
:warning_code
=>
:command_injection
,
:message
=>
"Possible command injection"
,
:code
=>
exp
,
:user_input
=>
user_input
,
:confidence
=>
confidence
}
if
result
[
:location
][
0
]
==
:template
warning
[
:template
]
=
result
[
:location
][
1
]
else
warning
[
:class
]
=
result
[
:location
][
1
]
warning
[
:method
]
=
result
[
:location
][
2
]
end
warn
warning
:confidence
=>
confidence
end
end
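Review bot: the explicit `warning[:template]`, `warning[:class]` and `warning[:method]` assignments are gone and the check now passes only `:result => result`, so correct attribution of a command-injection warning depends entirely on Brakeman::Warning reading `result[:location][:template]`, `[:class]` and `[:method]` from a hash built elsewhere. That contract between FindAllCalls, CheckSQL and Warning is now implicit; a test that a result found in a controller method yields a warning with class and method set, and one from a template yields the template name, would pin it down and catch any remaining producer of the old array form.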
lib/brakeman/checks/check_select_tag.rb
@@ -24,7 +24,7 @@ class Brakeman::CheckSelectTag < Brakeman::BaseCheck
@message
=
"Upgrade to Rails
#{
suggested_version
}
,
#{
tracker
.
config
[
:rails_version
]
}
select_tag is vulnerable (CVE-2012-3463)"
calls
=
tracker
.
find_call
(
:target
=>
nil
,
:method
=>
:select_tag
).
select
do
|
result
|
result
[
:location
][
0
]
==
:template
result
[
:location
][
:type
]
==
:template
end
calls
.
each
do
|
result
|
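Review bot: the `select do |result| result[:location][:type] == :template end` filter is duplicated in check_select_vulnerability.rb in this same commit, and the predicate is the one CallIndex#from_template already encodes. A shared helper on BaseCheck for "results located in a template" would keep the three places agreeing on the `:type` / `:template` keys.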
lib/brakeman/checks/check_select_vulnerability.rb
@@ -24,7 +24,7 @@ class Brakeman::CheckSelectVulnerability < Brakeman::BaseCheck
@message
=
"Upgrade to Rails
#{
suggested_version
}
,
#{
tracker
.
config
[
:rails_version
]
}
select() helper is vulnerable"
calls
=
tracker
.
find_call
(
:target
=>
nil
,
:method
=>
:select
).
select
do
|
result
|
result
[
:location
][
0
]
==
:template
result
[
:location
][
:type
]
==
:template
end
calls
.
each
do
|
result
|
@@ -47,7 +47,7 @@ class Brakeman::CheckSelectVulnerability < Brakeman::BaseCheck
confidence
=
CONFIDENCE
[
:low
]
end
warn
:template
=>
result
[
:location
][
1
],
warn
:template
=>
result
[
:location
][
:template
],
:warning_type
=>
"Cross Site Scripting"
,
:warning_code
=>
:select_options_vuln
,
:result
=>
result
,
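Review bot: `:template => result[:location][:template]` is passed alongside `:result => result`, but warning.rb in this commit already sets `@template ||= result[:location][:template]` from the result, so the explicit key is redundant here. check_execute.rb in the same commit drops its explicit template/class/method keys for exactly this reason; doing the same here keeps the checks consistent and leaves Warning as the single place that knows the location hash layout.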
lib/brakeman/checks/check_sql.rb
@@ -68,7 +68,7 @@ class Brakeman::CheckSQL < Brakeman::BaseCheck
if
model
[
:options
][
:named_scope
]
model
[
:options
][
:named_scope
].
each
do
|
args
|
call
=
make_call
(
nil
,
:named_scope
,
args
).
line
(
args
.
line
)
scope_calls
<<
{
:call
=>
call
,
:location
=>
[
:class
,
name
]
,
:method
=>
:named_scope
}
scope_calls
<<
{
:call
=>
call
,
:location
=>
{
:type
=>
:class
,
:class
=>
name
}
,
:method
=>
:named_scope
}
end
end
end
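Review bot: the location hash is built by hand as `{:type => :class, :class => name}`, with no `:method` and no `:file`, whereas `make_location` in find_all_calls.rb emits `:type`, `:class`, `:method` and `:file`. Warning will therefore report a nil method for named-scope results; if that is intended it deserves a comment, and if not, `:method => :named_scope` is already available (it is the sibling top-level key). A small builder shared with find_all_calls.rb would stop the two shapes diverging.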
@@ -84,10 +84,10 @@ class Brakeman::CheckSQL < Brakeman::BaseCheck
process_scope_with_block
name
,
args
elsif
second_arg
.
node_type
==
:call
call
=
second_arg
scope_calls
<<
{
:call
=>
call
,
:location
=>
[
:class
,
name
]
,
:method
=>
call
.
method
}
scope_calls
<<
{
:call
=>
call
,
:location
=>
{
:type
=>
:class
,
:class
=>
name
}
,
:method
=>
call
.
method
}
else
call
=
make_call
(
nil
,
:scope
,
args
).
line
(
args
.
line
)
scope_calls
<<
{
:call
=>
call
,
:location
=>
[
:class
,
name
]
,
:method
=>
:scope
}
scope_calls
<<
{
:call
=>
call
,
:location
=>
{
:type
=>
:class
,
:class
=>
name
}
,
:method
=>
:scope
}
end
end
end
@@ -174,7 +174,8 @@ class Brakeman::CheckSQL < Brakeman::BaseCheck
end
end
elsif
block
.
node_type
==
:call
process_result
:target
=>
block
.
target
,
:method
=>
block
.
method
,
:call
=>
block
,
:location
=>
[
:class
,
model_name
,
scope_name
]
process_result
:target
=>
block
.
target
,
:method
=>
block
.
method
,
:call
=>
block
,
:location
=>
{
:type
=>
:class
,
:class
=>
model_name
,
:method
=>
scope_name
}
end
end
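Review bot: this location includes `:method => scope_name`, while the `scope_calls` entries built earlier in this file use `{:type => :class, :class => name}` with no `:method` key at all. Consumers such as Warning cannot tell a deliberately method-less class location from a forgotten key, so either every class location should carry `:method` (nil when unknown) or the shape should be documented once next to `make_location`.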
lib/brakeman/processors/lib/find_all_calls.rb
@@ -49,15 +49,12 @@ class Brakeman::FindAllCalls < Brakeman::BaseProcessor
method
=
exp
.
method
process_call_args
exp
call
=
{
:target
=>
target
,
:method
=>
method
,
:call
=>
exp
,
:nested
=>
@in_target
,
:chain
=>
get_chain
(
exp
)
}
if
@current_template
call
[
:location
]
=
[
:template
,
@current_template
]
else
call
[
:location
]
=
[
:class
,
@current_class
,
@current_method
]
end
@calls
<<
call
@calls
<<
{
:target
=>
target
,
:method
=>
method
,
:call
=>
exp
,
:nested
=>
@in_target
,
:chain
=>
get_chain
(
exp
),
:location
=>
make_location
}
exp
end
@@ -67,15 +64,11 @@ class Brakeman::FindAllCalls < Brakeman::BaseProcessor
def
process_render
exp
process
exp
.
last
if
sexp?
exp
.
last
call
=
{
:target
=>
nil
,
:method
=>
:render
,
:call
=>
exp
,
:nested
=>
false
}
if
@current_template
call
[
:location
]
=
[
:template
,
@current_template
]
else
call
[
:location
]
=
[
:class
,
@current_class
,
@current_method
]
end
@calls
<<
call
@calls
<<
{
:target
=>
nil
,
:method
=>
:render
,
:call
=>
exp
,
:nested
=>
false
,
:location
=>
make_location
}
exp
end
@@ -85,15 +78,11 @@ class Brakeman::FindAllCalls < Brakeman::BaseProcessor
def
process_dxstr
exp
process
exp
.
last
if
sexp?
exp
.
last
call
=
{
:target
=>
nil
,
:method
=>
:`
,
:call
=>
exp
,
:nested
=>
false
}
if
@current_template
call
[
:location
]
=
[
:template
,
@current_template
]
else
call
[
:location
]
=
[
:class
,
@current_class
,
@current_method
]
end
@calls
<<
call
@calls
<<
{
:target
=>
nil
,
:method
=>
:`
,
:call
=>
exp
,
:nested
=>
false
,
:location
=>
make_location
}
exp
end
@@ -102,15 +91,11 @@ class Brakeman::FindAllCalls < Brakeman::BaseProcessor
def
process_dsym
exp
exp
.
each
{
|
arg
|
process
arg
if
sexp?
arg
}
call
=
{
:target
=>
nil
,
:method
=>
:literal_to_sym
,
:call
=>
exp
,
:nested
=>
false
}
if
@current_template
call
[
:location
]
=
[
:template
,
@current_template
]
else
call
[
:location
]
=
[
:class
,
@current_class
,
@current_method
]
end
@calls
<<
call
@calls
<<
{
:target
=>
nil
,
:method
=>
:literal_to_sym
,
:call
=>
exp
,
:nested
=>
false
,
:location
=>
make_location
}
exp
end
@@ -156,4 +141,18 @@ class Brakeman::FindAllCalls < Brakeman::BaseProcessor
[
get_target
(
call
)]
end
end
def
make_location
if
@current_template
{
:type
=>
:template
,
:template
=>
@current_template
,
:file
=>
@current_file
}
else
{
:type
=>
:class
,
:class
=>
@current_class
,
:method
=>
@current_method
,
:file
=>
@current_file
}
end
end
end
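Review bot: both branches store `:file => @current_file` inside the location hash, but warning.rb in this commit reads the file from `result[:file]`, not from `result[:location][:file]`, so nothing visible here consumes the new key. Either have Warning read `result[:location][:file]` or leave the key out until it is used; also worth confirming that `@current_file` is actually maintained by this processor, since its assignment is not in this hunk.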
lib/brakeman/warning.rb
@@ -24,13 +24,14 @@ class Brakeman::Warning
result
=
options
[
:result
]
if
result
if
result
[
:location
][
0
]
==
:template
#template result
@template
||=
result
[
:location
][
1
]
@code
||=
result
[
:call
]
@code
||=
result
[
:call
]
@file
||=
result
[
:file
]
if
result
[
:location
][
:type
]
==
:template
#template result
@template
||=
result
[
:location
][
:template
]
else
@class
||=
result
[
:location
][
1
]
@method
||=
result
[
:location
][
2
]
@code
||=
result
[
:call
]
@class
||=
result
[
:location
][
:class
]
@method
||=
result
[
:location
][
:method
]
end
end
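Review bot: `@file ||= result[:file]` reads a top-level `:file` key, while `make_location` in find_all_calls.rb (this commit) stores the file under `result[:location][:file]`; unless every producer also sets `result[:file]`, `@file` stays nil for these results. Hoisting `@code ||= result[:call]` above the branch is a good de-duplication; the file lookup should follow the same source of truth, i.e. `result[:location][:file]` with a fallback to `result[:file]` if older producers still need it.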