社会瑞弟呀 / brakeman (GitCode)
Commit c2a843c8
Authored on Apr 17, 2012 by oreoshake
Extract diff logic to its own class
Parent: 52e446cb
Changes: 4
Showing 4 changed files with 58 additions and 55 deletions (+58 -55)
lib/brakeman.rb +4 -28
lib/brakeman/checks.rb +2 -16
lib/brakeman/differ.rb +52 -0
lib/brakeman/warning.rb +0 -11
lib/brakeman.rb
@@ -313,38 +313,14 @@ module Brakeman
# Compare JSON ouptut from a previous scan and return the diff of the two scans
def
self
.
compare
options
require
'json'
require
'brakeman/differ'
raise
ArgumentError
.
new
(
"Comparison file doesn't exist"
)
unless
File
.
exists?
options
[
:previous_results_json
]
previous_results
=
JSON
::
load
(
File
::
open
(
options
[
:previous_results_json
]))[
'warnings'
]
previous_results
=
JSON
.
parse
(
File
::
open
(
options
[
:previous_results_json
]).
read
,
:symbolize_names
=>
true
)[
:warnings
]
tracker
=
run
(
options
)
new_results
=
JSON
.
parse
(
tracker
.
report
.
to_json
)[
'warnings'
]
warnings
=
{}
warnings
[
:new
]
=
new_results
-
previous_results
warnings
[
:fixed
]
=
previous_results
-
new_results
# second pass to cleanup any vulns which have changed in line number only
warnings
[
:new
].
each_with_index
do
|
new_warning
,
new_warning_id
|
warnings
[
:fixed
].
each_with_index
do
|
fixed_warning
,
fixed_warning_id
|
if
matches_except_line
new_warning
,
fixed_warning
warnings
[
:new
].
delete_at
new_warning_id
warnings
[
:fixed
].
delete_at
fixed_warning_id
end
end
end
warnings
end
private
new_results
=
JSON
.
parse
(
tracker
.
report
.
to_json
,
:symbolize_names
=>
true
)[
:warnings
]
def
self
.
matches_except_line
new_vuln
,
fixed_vuln
new_vuln
.
keys
.
reject
{
|
k
,
v
|
k
==
'line'
}.
each
do
|
attr
|
if
new_vuln
[
attr
]
!=
fixed_vuln
[
attr
]
return
false
end
end
true
Brakeman
::
Differ
.
new
(
new_results
,
previous_results
).
diff
end
end
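Review bot: `File::open(options[:previous_results_json]).read` on the new `previous_results` line opens the file and never closes it; `File.read(options[:previous_results_json])` reads and closes the handle in one call. Parsing both the previous report and the fresh `tracker.report.to_json` with `:symbolize_names => true` is what lets the differ's `:line` check apply to JSON-loaded hashes, so both calls have to keep that option; a one-line comment on `previous_results` saying the keys must stay symbols would stop a later edit from reverting one side to string keys (the removed code used `'line'` and `'warnings'` as strings).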
lib/brakeman/checks.rb
require
'thread'
require
'brakeman/differ'
#Collects up results from running different checks.
#
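Review bot: `require 'brakeman/differ'` is now added both here and inside `Brakeman.compare` in lib/brakeman.rb; `require` is idempotent so the duplicate is harmless, but a single require at the library entry point would keep the dependency in one place.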
@@ -64,22 +65,7 @@ class Brakeman::Checks
def
diff
other_checks
my_warnings
=
self
.
all_warnings
other_warnings
=
other_checks
.
all_warnings
diff
=
{}
diff
[
:fixed
]
=
other_warnings
-
my_warnings
diff
[
:new
]
=
my_warnings
-
other_warnings
# second pass to cleanup any vulns which have changed in line number only
diff
[
:new
].
each_with_index
do
|
new_warning
,
new_warning_id
|
diff
[
:fixed
].
each_with_index
do
|
fixed_warning
,
fixed_warning_id
|
if
new_warning
.
matches_except_line
fixed_warning
diff
[
:new
].
delete_at
new_warning_id
diff
[
:fixed
].
delete_at
fixed_warning_id
end
end
end
diff
Brakeman
::
Differ
.
new
(
my_warnings
,
other_warnings
).
diff
end
#Return an array of all warnings found.
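Review bot: `Brakeman::Checks#diff` now hands `Brakeman::Warning` objects to `Brakeman::Differ`, so the `-` array differences inside the differ depend on `Brakeman::Warning` defining `hash` and `eql?`; the removed `my_warnings - other_warnings` lines had the same dependency, but it is now hidden in another file and deserves a comment here. The removed loop called `new_warning.matches_except_line`, the instance method this commit deletes from lib/brakeman/warning.rb; a grep for other callers of `matches_except_line` outside these four files would confirm nothing else breaks.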
lib/brakeman/differ.rb
0 → 100644
# extracting the diff logic to it's own class for consistency currently handles
# an array of Brakeman::Warnings or plain hash representations.
class
Brakeman::Differ
DEFAULT_HASH
=
{
:new
=>
[],
:fixed
=>
[]}
attr_reader
:old_warnings
,
:new_warnings
def
initialize
new_warnings
,
old_warnings
@new_warnings
=
new_warnings
@old_warnings
=
old_warnings
end
def
diff
# get the type of elements
return
DEFAULT_HASH
if
@old_warnings
.
empty?
&&
@new_warnings
.
empty?
warnings
=
{}
warnings
[
:new
]
=
@new_warnings
-
@old_warnings
warnings
[
:fixed
]
=
@old_warnings
-
@new_warnings
second_pass
(
warnings
)
end
# second pass to cleanup any vulns which have changed in line number only
# Horrible O(n^2) performance. Keep n small :-/
def
second_pass
(
warnings
)
warnings
[
:new
].
each_with_index
do
|
new_warning
,
new_warning_id
|
warnings
[
:fixed
].
each_with_index
do
|
fixed_warning
,
fixed_warning_id
|
if
matches_except_line
new_warning
,
fixed_warning
warnings
[
:new
].
delete_at
new_warning_id
warnings
[
:fixed
].
delete_at
fixed_warning_id
end
end
end
warnings
end
def
matches_except_line
new_warning
,
fixed_warning
# can't do this ahead of time, as callers may be expecting a Brakeman::Warning
if
new_warning
.
is_a?
Brakeman
::
Warning
new_warning
=
new_warning
.
to_hash
fixed_warning
=
fixed_warning
.
to_hash
end
new_warning
.
keys
.
reject
{
|
k
,
v
|
k
==
:line
}.
each
do
|
attr
|
if
new_warning
[
attr
]
!=
fixed_warning
[
attr
]
return
false
end
end
true
end
end
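Review bot: `second_pass` calls `delete_at` on `warnings[:new]` and `warnings[:fixed]` while iterating both with `each_with_index`; after a deletion the later elements shift down one index, so the element right after a match is skipped, and once the inner loop has deleted something `new_warning_id` can point at a different warning than the one that matched. Collecting the matched pairs first and removing them after both loops (or rebuilding each array with `reject`) keeps the pass correct; the `O(n^2)` comment already flags the cost, this is about correctness. Two smaller points: `DEFAULT_HASH` is a shared mutable constant returned straight to callers, so a caller that appends to `result[:new]` mutates the constant (return a fresh `{:new => [], :fixed => []}` or freeze it), and `reject { |k, v| k == :line }` iterates `keys`, where `v` is always nil, so `reject { |k| k == :line }` is the intended form. In the comments, `it's own` should read `its own`, and `# get the type of elements` no longer describes the `return DEFAULT_HASH` line beneath it.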
lib/brakeman/warning.rb
@@ -152,15 +152,4 @@ class Brakeman::Warning
JSON
.
dump
self
.
to_hash
end
def
matches_except_line
other_warning
other_warning_hash
=
other_warning
.
to_hash
self_hash
=
self
.
to_hash
self_hash
.
keys
.
reject
{
|
k
,
v
|
k
==
:line
}.
each
do
|
attr
|
if
self_hash
[
attr
]
!=
other_warning_hash
[
attr
]
return
false
end
end
true
end
end
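Review bot: removing `Brakeman::Warning#matches_except_line` drops a public method; the only caller shown in this commit (`Brakeman::Checks#diff`) is updated, but a deprecating shim that delegates to `Brakeman::Differ#matches_except_line`, or at least a changelog line, would protect any external code that called it. The remaining `to_json` still serialises through `to_hash`, so the `:line` key the differ ignores is the same key this removed method ignored, and the behaviour of the comparison is unchanged for `Warning` objects.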