brakeman-lib 4.2.0 → 4.2.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 7070db1a411e9196bbb90fe7a34209ecd8cf15210e5fa21be1442c668e8f00d0
|
|
4
|
+
data.tar.gz: 940132f27d3803e1fa445d51c869cf426a712d065892f49b6e138222dc66ba71
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: dfbb4f4f11b1e8b00a206a6185e3e58862061f954a43cdf611fb38d6bd97b0e04ef6439adcc68b6ea6dc1675b5853f8a9af03c378be3d7cc6d9f4f49a61f5d5d
|
|
7
|
+
data.tar.gz: 77cb923ae34ee9a094200e1dc08a120ca001b4f646907fcb896bc147694041c989bfea7dc3023d876c0ee1461bedd5dc35cae53b94ef36ee6971baff980ceaae
|
data/CHANGES.md
CHANGED
data/lib/brakeman/app_tree.rb
CHANGED
|
@@ -112,7 +112,8 @@ module Brakeman
|
|
|
112
112
|
def lib_paths
|
|
113
113
|
@lib_files ||= find_paths("lib").reject { |path| path.include? "/generators/" or path.include? "lib/tasks/" or path.include? "lib/templates/" } +
|
|
114
114
|
find_additional_lib_paths +
|
|
115
|
-
find_helper_paths
|
|
115
|
+
find_helper_paths +
|
|
116
|
+
find_job_paths
|
|
116
117
|
end
|
|
117
118
|
|
|
118
119
|
private
|
|
@@ -121,6 +122,10 @@ module Brakeman
|
|
|
121
122
|
find_paths "app/helpers"
|
|
122
123
|
end
|
|
123
124
|
|
|
125
|
+
def find_job_paths
|
|
126
|
+
find_paths "app/jobs"
|
|
127
|
+
end
|
|
128
|
+
|
|
124
129
|
def find_additional_lib_paths
|
|
125
130
|
@additional_libs_path.collect{ |path| find_paths path }.flatten
|
|
126
131
|
end
|
|
@@ -22,12 +22,13 @@ class Brakeman::CheckSanitizeMethods < Brakeman::BaseCheck
|
|
|
22
22
|
if @fix_version
|
|
23
23
|
check_cve_2013_1855
|
|
24
24
|
check_cve_2013_1857
|
|
25
|
-
|
|
26
|
-
version_between? "1.0.0", "1.0.2", tracker.config.gem_version(:'rails-html-sanitizer')
|
|
25
|
+
end
|
|
27
26
|
|
|
28
|
-
|
|
29
|
-
|
|
27
|
+
if tracker.config.has_gem? :'rails-html-sanitizer'
|
|
28
|
+
check_rails_html_sanitizer
|
|
30
29
|
end
|
|
30
|
+
|
|
31
|
+
check_cve_2018_8048
|
|
31
32
|
end
|
|
32
33
|
|
|
33
34
|
def check_cve_2013_1855
|
|
@@ -60,8 +61,46 @@ class Brakeman::CheckSanitizeMethods < Brakeman::BaseCheck
|
|
|
60
61
|
end
|
|
61
62
|
end
|
|
62
63
|
|
|
63
|
-
def
|
|
64
|
-
|
|
64
|
+
def check_rails_html_sanitizer
|
|
65
|
+
rhs_version = tracker.config.gem_version(:'rails-html-sanitizer')
|
|
66
|
+
|
|
67
|
+
if version_between? "1.0.0", "1.0.2", rhs_version
|
|
68
|
+
warn_sanitizer_cve "CVE-2015-7578", "https://groups.google.com/d/msg/rubyonrails-security/uh--W4TDwmI/JbvSRpdbFQAJ", "1.0.3"
|
|
69
|
+
warn_sanitizer_cve "CVE-2015-7580", "https://groups.google.com/d/msg/rubyonrails-security/uh--W4TDwmI/m_CVZtdbFQAJ", "1.0.3"
|
|
70
|
+
end
|
|
71
|
+
|
|
72
|
+
if version_between? "1.0.0", "1.0.3", rhs_version
|
|
73
|
+
warn_sanitizer_cve "CVE-2018-3741", "https://groups.google.com/d/msg/rubyonrails-security/tP7W3kLc5u4/uDy2Br7xBgAJ", "1.0.4"
|
|
74
|
+
end
|
|
75
|
+
end
|
|
76
|
+
|
|
77
|
+
def check_cve_2018_8048
|
|
78
|
+
if loofah_vulnerable_cve_2018_8048?
|
|
79
|
+
message = "Loofah #{tracker.config.gem_version(:loofah)} is vulnerable (CVE-2018-8048). Upgrade to 2.1.2"
|
|
80
|
+
|
|
81
|
+
if tracker.find_call(:target => false, :method => :sanitize).any?
|
|
82
|
+
confidence = :high
|
|
83
|
+
else
|
|
84
|
+
confidence = :medium
|
|
85
|
+
end
|
|
86
|
+
|
|
87
|
+
warn :warning_type => "Cross-Site Scripting",
|
|
88
|
+
:warning_code => :CVE_2018_8048,
|
|
89
|
+
:message => message,
|
|
90
|
+
:gem_info => gemfile_or_environment,
|
|
91
|
+
:confidence => confidence,
|
|
92
|
+
:link_path => "https://github.com/flavorjones/loofah/issues/144"
|
|
93
|
+
end
|
|
94
|
+
end
|
|
95
|
+
|
|
96
|
+
def loofah_vulnerable_cve_2018_8048?
|
|
97
|
+
loofah_version = tracker.config.gem_version(:loofah)
|
|
98
|
+
|
|
99
|
+
loofah_version and loofah_version < "2.1.2"
|
|
100
|
+
end
|
|
101
|
+
|
|
102
|
+
def warn_sanitizer_cve cve, link, upgrade_version
|
|
103
|
+
message = "rails-html-sanitizer #{tracker.config.gem_version(:'rails-html-sanitizer')} is vulnerable (#{cve}). Upgrade to #{upgrade_version}"
|
|
65
104
|
|
|
66
105
|
if tracker.find_call(:target => false, :method => :sanitize).any?
|
|
67
106
|
confidence = :high
|
|
@@ -114,6 +114,8 @@ class Brakeman::ControllerAliasProcessor < Brakeman::AliasProcessor
|
|
|
114
114
|
|
|
115
115
|
if method == :head
|
|
116
116
|
@rendered = true
|
|
117
|
+
elsif exp.target.nil? and method == :template_exists?
|
|
118
|
+
env[exp.first_arg] = Sexp.new(:lit, :"brakeman:existing_template")
|
|
117
119
|
elsif @tracker.options[:interprocedural] and
|
|
118
120
|
@current_method and (exp.target.nil? or exp.target.node_type == :self)
|
|
119
121
|
|
data/lib/brakeman/version.rb
CHANGED
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: brakeman-lib
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 4.2.
|
|
4
|
+
version: 4.2.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Justin Collins
|
|
@@ -9,7 +9,7 @@ autorequire:
|
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain:
|
|
11
11
|
- brakeman-public_cert.pem
|
|
12
|
-
date: 2018-
|
|
12
|
+
date: 2018-03-24 00:00:00.000000000 Z
|
|
13
13
|
dependencies:
|
|
14
14
|
- !ruby/object:Gem::Dependency
|
|
15
15
|
name: minitest
|
|
@@ -380,7 +380,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
380
380
|
version: '0'
|
|
381
381
|
requirements: []
|
|
382
382
|
rubyforge_project:
|
|
383
|
-
rubygems_version: 2.7.
|
|
383
|
+
rubygems_version: 2.7.3
|
|
384
384
|
signing_key:
|
|
385
385
|
specification_version: 4
|
|
386
386
|
summary: Security vulnerability scanner for Ruby on Rails.
|