brakeman-lib 4.2.0 → 4.2.1
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: 7070db1a411e9196bbb90fe7a34209ecd8cf15210e5fa21be1442c668e8f00d0
|
4
|
+
data.tar.gz: 940132f27d3803e1fa445d51c869cf426a712d065892f49b6e138222dc66ba71
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: dfbb4f4f11b1e8b00a206a6185e3e58862061f954a43cdf611fb38d6bd97b0e04ef6439adcc68b6ea6dc1675b5853f8a9af03c378be3d7cc6d9f4f49a61f5d5d
|
7
|
+
data.tar.gz: 77cb923ae34ee9a094200e1dc08a120ca001b4f646907fcb896bc147694041c989bfea7dc3023d876c0ee1461bedd5dc35cae53b94ef36ee6971baff980ceaae
|
data/CHANGES.md
CHANGED
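--- a/data/lib/brakeman/app_tree.rb
+++ b/data/lib/brakeman/app_tree.rb
@@ -112,7 +112,8 @@ module Brakeman
 def lib_paths
 @lib_files ||= find_paths("lib").reject { |path| path.include? "/generators/" or path.include? "lib/tasks/" or path.include? "lib/templates/" } +
 find_additional_lib_paths +
-find_helper_paths
+find_helper_paths +
+find_job_paths
 end
 
 private
@@ -121,6 +122,10 @@ module Brakeman
 find_paths "app/helpers"
 end
 
+def find_job_paths
+find_paths "app/jobs"
+end
+
 def find_additional_lib_paths
 @additional_libs_path.collect{ |path| find_paths path }.flatten
 end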
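Review bot: `lib_paths` now folds `app/jobs` into the memoized `@lib_files` result alongside helpers, but neither the method nor the new `find_job_paths` says why job classes are treated as library files, so a reader of the 4.2.1 code has to guess. A one-line comment on `lib_paths`, `# Helpers and jobs are included here so they are processed like plain library code`, would record the intent if that is what the change is for (the processing side is not visible in this section). Because the result is cached with `||=`, any directory added after the first call is never picked up, which is worth stating in the same comment.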
@@ -22,12 +22,13 @@ class Brakeman::CheckSanitizeMethods < Brakeman::BaseCheck
|
|
22
22
|
if @fix_version
|
23
23
|
check_cve_2013_1855
|
24
24
|
check_cve_2013_1857
|
25
|
-
|
26
|
-
version_between? "1.0.0", "1.0.2", tracker.config.gem_version(:'rails-html-sanitizer')
|
25
|
+
end
|
27
26
|
|
28
|
-
|
29
|
-
|
27
|
+
if tracker.config.has_gem? :'rails-html-sanitizer'
|
28
|
+
check_rails_html_sanitizer
|
30
29
|
end
|
30
|
+
|
31
|
+
check_cve_2018_8048
|
31
32
|
end
|
32
33
|
|
33
34
|
def check_cve_2013_1855
|
@@ -60,8 +61,46 @@ class Brakeman::CheckSanitizeMethods < Brakeman::BaseCheck
|
|
60
61
|
end
|
61
62
|
end
|
62
63
|
|
63
|
-
def
|
64
|
-
|
64
|
+
def check_rails_html_sanitizer
|
65
|
+
rhs_version = tracker.config.gem_version(:'rails-html-sanitizer')
|
66
|
+
|
67
|
+
if version_between? "1.0.0", "1.0.2", rhs_version
|
68
|
+
warn_sanitizer_cve "CVE-2015-7578", "https://groups.google.com/d/msg/rubyonrails-security/uh--W4TDwmI/JbvSRpdbFQAJ", "1.0.3"
|
69
|
+
warn_sanitizer_cve "CVE-2015-7580", "https://groups.google.com/d/msg/rubyonrails-security/uh--W4TDwmI/m_CVZtdbFQAJ", "1.0.3"
|
70
|
+
end
|
71
|
+
|
72
|
+
if version_between? "1.0.0", "1.0.3", rhs_version
|
73
|
+
warn_sanitizer_cve "CVE-2018-3741", "https://groups.google.com/d/msg/rubyonrails-security/tP7W3kLc5u4/uDy2Br7xBgAJ", "1.0.4"
|
74
|
+
end
|
75
|
+
end
|
76
|
+
|
77
|
+
def check_cve_2018_8048
|
78
|
+
if loofah_vulnerable_cve_2018_8048?
|
79
|
+
message = "Loofah #{tracker.config.gem_version(:loofah)} is vulnerable (CVE-2018-8048). Upgrade to 2.1.2"
|
80
|
+
|
81
|
+
if tracker.find_call(:target => false, :method => :sanitize).any?
|
82
|
+
confidence = :high
|
83
|
+
else
|
84
|
+
confidence = :medium
|
85
|
+
end
|
86
|
+
|
87
|
+
warn :warning_type => "Cross-Site Scripting",
|
88
|
+
:warning_code => :CVE_2018_8048,
|
89
|
+
:message => message,
|
90
|
+
:gem_info => gemfile_or_environment,
|
91
|
+
:confidence => confidence,
|
92
|
+
:link_path => "https://github.com/flavorjones/loofah/issues/144"
|
93
|
+
end
|
94
|
+
end
|
95
|
+
|
96
|
+
def loofah_vulnerable_cve_2018_8048?
|
97
|
+
loofah_version = tracker.config.gem_version(:loofah)
|
98
|
+
|
99
|
+
loofah_version and loofah_version < "2.1.2"
|
100
|
+
end
|
101
|
+
|
102
|
+
def warn_sanitizer_cve cve, link, upgrade_version
|
103
|
+
message = "rails-html-sanitizer #{tracker.config.gem_version(:'rails-html-sanitizer')} is vulnerable (#{cve}). Upgrade to #{upgrade_version}"
|
65
104
|
|
66
105
|
if tracker.find_call(:target => false, :method => :sanitize).any?
|
67
106
|
confidence = :high
|
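Review bot: `loofah_vulnerable_cve_2018_8048?` compares the gem version with a plain `<`, which is a lexicographic string comparison if `tracker.config.gem_version` returns a String, as the interpolation into `message` and the `version_between?` calls above suggest; a hypothetical `"2.1.10"` would sort below `"2.1.2"` and be reported as vulnerable, and a future `"10.0.0"` likewise. The rest of this check already goes through `version_between?`, so the consistent form is `version_between? "0.0.0", "2.1.1", loofah_version`, or `Gem::Version.new(loofah_version) < Gem::Version.new("2.1.2")` if pre-release suffixes must be handled. The `loofah_version and …` guard should stay, since `gem_version` presumably returns nil when the gem is absent. `warn_sanitizer_cve` continues past the end of the hunk.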
@@ -114,6 +114,8 @@ class Brakeman::ControllerAliasProcessor < Brakeman::AliasProcessor
|
|
114
114
|
|
115
115
|
if method == :head
|
116
116
|
@rendered = true
|
117
|
+
elsif exp.target.nil? and method == :template_exists?
|
118
|
+
env[exp.first_arg] = Sexp.new(:lit, :"brakeman:existing_template")
|
117
119
|
elsif @tracker.options[:interprocedural] and
|
118
120
|
@current_method and (exp.target.nil? or exp.target.node_type == :self)
|
119
121
|
|
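Review bot: The new `template_exists?` branch writes `env[exp.first_arg]` without checking that a first argument exists, so a bare `template_exists?` call would presumably key the environment on `nil` (assuming `first_arg` returns nil for an argument-less call, which the hunk does not show); guarding with `elsif exp.target.nil? and method == :template_exists? and exp.first_arg` keeps the marker to calls that actually name a template. The sentinel `:"brakeman:existing_template"` also deserves a why-comment, e.g. `# NOTE(review): records that this template name was checked for existence so later render lookups can treat it as known — confirm against the consumer of this literal`. The enclosing method starts and ends outside the hunk.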
data/lib/brakeman/version.rb
CHANGED
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: brakeman-lib
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 4.2.
|
4
|
+
version: 4.2.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Justin Collins
|
@@ -9,7 +9,7 @@ autorequire:
|
|
9
9
|
bindir: bin
|
10
10
|
cert_chain:
|
11
11
|
- brakeman-public_cert.pem
|
12
|
-
date: 2018-
|
12
|
+
date: 2018-03-24 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: minitest
|
@@ -380,7 +380,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
380
380
|
version: '0'
|
381
381
|
requirements: []
|
382
382
|
rubyforge_project:
|
383
|
-
rubygems_version: 2.7.
|
383
|
+
rubygems_version: 2.7.3
|
384
384
|
signing_key:
|
385
385
|
specification_version: 4
|
386
386
|
summary: Security vulnerability scanner for Ruby on Rails.
|