brakeman-min 3.7.2 → 4.0.0

data/lib/brakeman/checks/check_simple_format.rb

@@ -18,10 +18,10 @@ class Brakeman::CheckSimpleFormat < Brakeman::CheckCrossSiteScripting
   def generic_warning
     message = "Rails #{rails_version} has a vulnerability in simple_format (CVE-2013-6416). Upgrade to Rails version 4.0.2"
 
-    warn :warning_type => "Cross Site Scripting",
+    warn :warning_type => "Cross-Site Scripting",
       :warning_code => :CVE_2013_6416,
       :message => message,
-      :confidence => CONFIDENCE[:med],
+      :confidence => :medium,
       :gem_info => gemfile_or_environment,
       :link_path => "https://groups.google.com/d/msg/ruby-security-ann/5ZI1-H5OoIM/ZNq4FoR2GnIJ"
   end
@@ -48,10 +48,10 @@ class Brakeman::CheckSimpleFormat < Brakeman::CheckCrossSiteScripting
     @found_any = true
 
     warn :result => result,
-      :warning_type => "Cross Site Scripting",
+      :warning_type => "Cross-Site Scripting",
       :warning_code => :CVE_2013_6416_call,
       :message => "Values passed to simple_format are not safe in Rails #{rails_version}",
-      :confidence => CONFIDENCE[:high],
+      :confidence => :high,
       :link_path => "https://groups.google.com/d/msg/ruby-security-ann/5ZI1-H5OoIM/ZNq4FoR2GnIJ",
       :user_input => match
   end

data/lib/brakeman/checks/check_single_quotes.rb

@@ -29,10 +29,10 @@ class Brakeman::CheckSingleQuotes < Brakeman::BaseCheck
       return
     end
 
-    warn :warning_type => "Cross Site Scripting",
+    warn :warning_type => "Cross-Site Scripting",
       :warning_code => :CVE_2012_3464,
       :message => message,
-      :confidence => CONFIDENCE[:med],
+      :confidence => :medium,
       :gem_info => gemfile_or_environment,
       :link_path => "https://groups.google.com/d/topic/rubyonrails-security/kKGNeMrnmiY/discussion"
   end
@@ -40,7 +40,7 @@ class Brakeman::CheckSingleQuotes < Brakeman::BaseCheck
   #Process initializers to see if they use workaround
   #by replacing Erb::Util.html_escape
   def uses_rack_escape?
-    @tracker.initializers.each do |name, src|
+    @tracker.initializers.each do |_name, src|
       process src
     end
 

data/lib/brakeman/checks/check_skip_before_filter.rb

@@ -13,7 +13,7 @@ class Brakeman::CheckSkipBeforeFilter < Brakeman::BaseCheck
   @description = "Warn when skipping CSRF or authentication checks by default"
 
   def run_check
-    tracker.controllers.each do |name, controller|
+    tracker.controllers.each do |_name, controller|
       controller.skip_filters.each do |filter|
         process_skip_filter filter, controller
       end
@@ -28,7 +28,7 @@ class Brakeman::CheckSkipBeforeFilter < Brakeman::BaseCheck
         :warning_code => :csrf_blacklist,
         :message => "Use whitelist (:only => [..]) when skipping CSRF check",
         :code => filter,
-        :confidence => CONFIDENCE[:med],
+        :confidence => :medium,
         :file => controller.file
 
     when :login_required, :authenticate_user!, :require_user
@@ -37,7 +37,7 @@ class Brakeman::CheckSkipBeforeFilter < Brakeman::BaseCheck
         :warning_type => "Authentication",
         :message => "Use whitelist (:only => [..]) when skipping authentication",
         :code => filter,
-        :confidence => CONFIDENCE[:med],
+        :confidence => :medium,
         :link => "authentication_whitelist",
         :file => controller.file
     end

data/lib/brakeman/checks/check_sql.rb

@@ -207,19 +207,19 @@ class Brakeman::CheckSQL < Brakeman::BaseCheck
 
       input = include_user_input? dangerous_value
       if input
-        confidence = CONFIDENCE[:high]
+        confidence = :high
         user_input = input
       else
-        confidence = CONFIDENCE[:med]
+        confidence = :medium
         user_input = dangerous_value
       end
 
       if result[:call].target and result[:chain] and not @expected_targets.include? result[:chain].first
         confidence = case confidence
-                     when CONFIDENCE[:high]
-                       CONFIDENCE[:med]
-                     when CONFIDENCE[:med]
-                       CONFIDENCE[:low]
+                     when :high
+                       :medium
+                     when :medium
+                       :weak
                      else
                        confidence
                      end
@@ -235,9 +235,9 @@ class Brakeman::CheckSQL < Brakeman::BaseCheck
 
     if check_for_limit_or_offset_vulnerability call.last_arg
       if include_user_input? call.last_arg
-        confidence = CONFIDENCE[:high]
+        confidence = :high
       else
-        confidence = CONFIDENCE[:low]
+        confidence = :weak
       end
 
       warn :result => result,
@@ -364,7 +364,7 @@ class Brakeman::CheckSQL < Brakeman::BaseCheck
   #(Seems unlikely, but if a user can control the column names queried, that
   #could be bad)
   def check_hash_keys exp
-    hash_iterate(exp) do |key, value|
+    hash_iterate(exp) do |key, _value|
       unless symbol?(key)
         unsafe_key = unsafe_sql? key
         return unsafe_key if unsafe_key

data/lib/brakeman/checks/check_sql_cves.rb

@@ -79,7 +79,7 @@ class Brakeman::CheckSQLCVEs < Brakeman::BaseCheck
     warn :warning_type => 'SQL Injection',
       :warning_code => code,
       :message => "Rails #{rails_version} contains a SQL injection vulnerability (#{cve}). Upgrade to #{upgrade_version}",
-      :confidence => CONFIDENCE[:high],
+      :confidence => :high,
       :gem_info => gemfile_or_environment,
       :link_path => link
   end
@@ -99,7 +99,7 @@ class Brakeman::CheckSQLCVEs < Brakeman::BaseCheck
     warn :warning_type => 'SQL Injection',
       :warning_code => :CVE_2014_0080,
       :message => "Rails #{rails_version} contains a SQL injection vulnerability (CVE-2014-0080) with PostgreSQL. Upgrade to 4.0.3",
-      :confidence => CONFIDENCE[:high],
+      :confidence => :high,
       :gem_info => gemfile_or_environment(:pg),
       :link_path => "https://groups.google.com/d/msg/rubyonrails-security/Wu96YkTUR6s/pPLBMZrlwvYJ"
   end

data/lib/brakeman/checks/check_ssl_verify.rb

@@ -43,6 +43,6 @@ class Brakeman::CheckSSLVerify < Brakeman::BaseCheck
       :warning_type => "SSL Verification Bypass",
       :warning_code => :ssl_verification_bypass,
       :message => "SSL certificate verification was bypassed",
-      :confidence => CONFIDENCE[:high]
+      :confidence => :high
   end
 end

data/lib/brakeman/checks/check_strip_tags.rb

@@ -30,11 +30,11 @@ class Brakeman::CheckStripTags < Brakeman::BaseCheck
         message = "Versions before 2.3.13 have a vulnerability in strip_tags (CVE-2011-2931)"
       end
 
-      warn :warning_type => "Cross Site Scripting",
+      warn :warning_type => "Cross-Site Scripting",
         :warning_code => :CVE_2011_2931,
         :message => message,
         :gem_info => gemfile_or_environment,
-        :confidence => CONFIDENCE[:high],
+        :confidence => :high,
         :link_path => "https://groups.google.com/d/topic/rubyonrails-security/K5EwdJt06hI/discussion"
     end
   end
@@ -53,10 +53,10 @@ class Brakeman::CheckStripTags < Brakeman::BaseCheck
       return
     end
 
-    warn :warning_type => "Cross Site Scripting",
+    warn :warning_type => "Cross-Site Scripting",
       :warning_code => :CVE_2012_3465,
       :message => message,
-      :confidence => CONFIDENCE[:high],
+      :confidence => :high,
       :gem_info => gemfile_or_environment,
       :link_path => "https://groups.google.com/d/topic/rubyonrails-security/FgVEtBajcTY/discussion"
   end
@@ -64,14 +64,14 @@ class Brakeman::CheckStripTags < Brakeman::BaseCheck
   def cve_2015_7579
     if tracker.config.gem_version(:'rails-html-sanitizer') == '1.0.2'
       if uses_strip_tags?
-        confidence = CONFIDENCE[:high]
+        confidence = :high
       else
-        confidence = CONFIDENCE[:med]
+        confidence = :medium
       end
 
       message = "rails-html-sanitizer 1.0.2 is vulnerable (CVE-2015-7579). Upgrade to 1.0.3"
 
-      warn :warning_type => "Cross Site Scripting",
+      warn :warning_type => "Cross-Site Scripting",
         :warning_code => :CVE_2015_7579,
         :message => message,
         :confidence => confidence,

data/lib/brakeman/checks/check_symbol_dos.rb

@@ -28,9 +28,9 @@ class Brakeman::CheckSymbolDoS < Brakeman::BaseCheck
     end
 
     if input = args.map{ |arg| has_immediate_user_input?(arg) }.compact.first
-      confidence = CONFIDENCE[:high]
+      confidence = :high
     elsif input = args.map{ |arg| include_user_input?(arg) }.compact.first
-      confidence = CONFIDENCE[:med]
+      confidence = :medium
     end
 
     if confidence

data/lib/brakeman/checks/check_symbol_dos_cve.rb

@@ -21,7 +21,7 @@ class Brakeman::CheckSymbolDoSCVE < Brakeman::BaseCheck
       warn :warning_type => "Denial of Service",
         :warning_code => :CVE_2013_1854,
         :message => "Rails #{rails_version} has a denial of service vulnerability in ActiveRecord: upgrade to #{fix_version} or patch",
-        :confidence => CONFIDENCE[:med],
+        :confidence => :medium,
         :gem_info => gemfile_or_environment,
         :link => "https://groups.google.com/d/msg/rubyonrails-security/jgJ4cjjS8FE/BGbHRxnDRTIJ"
     end

data/lib/brakeman/checks/check_translate_bug.rb

@@ -13,9 +13,9 @@ class Brakeman::CheckTranslateBug < Brakeman::BaseCheck
         version_between?('3.1.0', '3.1.1')
 
       confidence = if uses_translate?
-        CONFIDENCE[:high]
+        :high
       else
-        CONFIDENCE[:med]
+        :medium
       end
 
       description = "have a vulnerability in the translate helper with keys ending in _html"
@@ -28,7 +28,7 @@ class Brakeman::CheckTranslateBug < Brakeman::BaseCheck
         "Rails 2.3.x using the rails_xss plugin #{description}."
       end
 
-      warn :warning_type => "Cross Site Scripting",
+      warn :warning_type => "Cross-Site Scripting",
         :warning_code => :translate_vuln,
         :message => message,
         :confidence => confidence,

data/lib/brakeman/checks/check_unsafe_reflection.rb

@@ -31,9 +31,9 @@ class Brakeman::CheckUnsafeReflection < Brakeman::BaseCheck
     end
 
     if input = has_immediate_user_input?(arg)
-      confidence = CONFIDENCE[:high]
+      confidence = :high
     elsif input = include_user_input?(arg)
-      confidence = CONFIDENCE[:med]
+      confidence = :medium
     end
 
     if confidence

data/lib/brakeman/checks/check_unscoped_find.rb

@@ -35,7 +35,7 @@ class Brakeman::CheckUnscopedFind < Brakeman::BaseCheck
       :warning_code => :unscoped_find,
       :message      => "Unscoped call to #{result[:target]}##{result[:method]}",
       :code         => result[:call],
-      :confidence   => CONFIDENCE[:low],
+      :confidence   => :weak,
       :user_input   => input
   end
 end

data/lib/brakeman/checks/check_validation_regex.rb

@@ -91,7 +91,7 @@ class Brakeman::CheckValidationRegex < Brakeman::BaseCheck
       :warning_code => :validation_regex,
       :message => "Insufficient validation for '#{get_name validator}' using #{regex.inspect}. Use \\A and \\z as anchors",
       :line => value.line,
-      :confidence => CONFIDENCE[:high]
+      :confidence => :high
     end
   end
 

data/lib/brakeman/checks/check_weak_hash.rb

@@ -29,14 +29,14 @@ class Brakeman::CheckWeakHash < Brakeman::BaseCheck
 
     if DIGEST_CALLS.include? call.method
       if input = user_input_as_arg?(call)
-        confidence = CONFIDENCE[:high]
+        confidence = :high
       elsif input = hashing_password?(call)
-        confidence = CONFIDENCE[:high]
+        confidence = :high
       else
-        confidence = CONFIDENCE[:med]
+        confidence = :medium
       end
     else
-      confidence = CONFIDENCE[:med]
+      confidence = :medium
     end
 
 
@@ -75,7 +75,7 @@ class Brakeman::CheckWeakHash < Brakeman::BaseCheck
       :warning_type => "Weak Hash",
       :warning_code => :weak_hash_hmac,
       :message => "Weak hashing algorithm (#{alg}) used in HMAC",
-      :confidence => CONFIDENCE[:med]
+      :confidence => :medium
   end
 
   def process_openssl_result result
@@ -91,7 +91,7 @@ class Brakeman::CheckWeakHash < Brakeman::BaseCheck
           :warning_type => "Weak Hash",
           :warning_code => :weak_hash_digest,
           :message => "Weak hashing algorithm (#{alg}) used",
-          :confidence => CONFIDENCE[:med]
+          :confidence => :medium
       end
     end
   end

data/lib/brakeman/checks/check_without_protection.rb

@@ -42,11 +42,11 @@ class Brakeman::CheckWithoutProtection < Brakeman::BaseCheck
           add_result res
 
           if input = include_user_input?(call.arglist)
-            confidence = CONFIDENCE[:high]
+            confidence = :high
           elsif all_literals? call
             return
           else
-            confidence = CONFIDENCE[:med]
+            confidence = :medium
           end
 
           warn :result => res, 

data/lib/brakeman/checks/check_xml_dos.rb

@@ -28,7 +28,7 @@ class Brakeman::CheckXMLDoS < Brakeman::BaseCheck
     warn :warning_type => "Denial of Service",
       :warning_code => :CVE_2015_3227,
       :message => message,
-      :confidence => CONFIDENCE[:med],
+      :confidence => :medium,
       :gem_info => gemfile_or_environment,
       :link_path => "https://groups.google.com/d/msg/rubyonrails-security/bahr2JLnxvk/x4EocXnHPp8J"
   end

data/lib/brakeman/checks/check_yaml_parsing.rb

@@ -27,7 +27,7 @@ class Brakeman::CheckYAMLParsing < Brakeman::BaseCheck
       warn :warning_type => "Remote Code Execution",
         :warning_code => :CVE_2013_0156,
         :message => message,
-        :confidence => CONFIDENCE[:high],
+        :confidence => :high,
         :gem_info => gemfile_or_environment,
         :link_path => "https://groups.google.com/d/topic/rubyonrails-security/61bkgvnSGTQ/discussion"
     end
@@ -39,7 +39,7 @@ class Brakeman::CheckYAMLParsing < Brakeman::BaseCheck
       warn :warning_type => "Remote Code Execution",
         :warning_code => :CVE_2013_0156,
         :message => message,
-        :confidence => CONFIDENCE[:high],
+        :confidence => :high,
         :gem_info => gemfile_or_environment,
         :link_path => "https://groups.google.com/d/topic/rubyonrails-security/61bkgvnSGTQ/discussion"
     end

data/lib/brakeman/commandline.rb

@@ -117,11 +117,11 @@ module Brakeman
       def regular_report options
         tracker = run_brakeman options 
 
-        if options[:exit_on_warn] and not tracker.filtered_warnings.empty?
+        if tracker.options[:exit_on_warn] and not tracker.filtered_warnings.empty?
           quit Brakeman::Warnings_Found_Exit_Code
         end
 
-        if options[:exit_on_error] and tracker.errors.any?
+        if tracker.options[:exit_on_error] and tracker.errors.any?
           quit Brakeman::Errors_Found_Exit_Code
         end
       end

data/lib/brakeman/options.rb

@@ -55,11 +55,11 @@ module Brakeman::Options
           options[:quiet] = quiet
         end
 
-        opts.on( "-z", "--[no-]exit-on-warn", "Exit code is non-zero if warnings found") do |exit_on_warn|
+        opts.on( "-z", "--[no-]exit-on-warn", "Exit code is non-zero if warnings found (Default)") do |exit_on_warn|
           options[:exit_on_warn] = exit_on_warn
         end
 
-        opts.on "--[no-]exit-on-error", "Exit code is non-zero if errors found" do |exit_on_error|
+        opts.on "--[no-]exit-on-error", "Exit code is non-zero if errors raised (Default)" do |exit_on_error|
           options[:exit_on_error] = exit_on_error
         end
 
@@ -89,7 +89,7 @@ module Brakeman::Options
           options[:run_all_checks] = true
         end
 
-        opts.on "-a", "--[no-]assume-routes", "Assume all controller methods are actions (default)" do |assume|
+        opts.on "-a", "--[no-]assume-routes", "Assume all controller methods are actions (Default)" do |assume|
           options[:assume_all_routes] = assume
         end
 
@@ -111,7 +111,7 @@ module Brakeman::Options
           options[:ignore_attr_protected] = true
         end
 
-        opts.on "--[no-]index-libs", "Add libraries to call index (default)" do |index|
+        opts.on "--[no-]index-libs", "Add libraries to call index (Default)" do |index|
           options[:index_libs] = index
         end
 
@@ -201,7 +201,7 @@ module Brakeman::Options
 
         opts.on "-f",
           "--format TYPE",
-          [:pdf, :text, :html, :csv, :tabs, :json, :markdown, :codeclimate, :cc, :plain],
+          [:pdf, :text, :html, :csv, :tabs, :json, :markdown, :codeclimate, :cc, :plain, :table],
           "Specify output formats. Default is text" do |type|
 
           type = "s" if type == :text
@@ -240,6 +240,10 @@ module Brakeman::Options
           options[:message_limit] = limit.to_i
         end
 
+        opts.on "--[no-]pager", "Use pager for output to terminal (Default)" do |pager|
+          options[:pager] = pager
+        end
+
         opts.on "--table-width WIDTH", "Limit table width in text report" do |width|
           options[:table_width] = width.to_i
         end

data/lib/brakeman/processors/alias_processor.rb

@@ -706,9 +706,11 @@ class Brakeman::AliasProcessor < Brakeman::SexpProcessor
 
   def early_return? exp
     return true if node_type? exp, :return
+    return true if call? exp and [:fail, :raise].include? exp.method
 
     if node_type? exp, :block, :rlist
-      node_type? exp.last, :return
+      node_type? exp.last, :return or
+        (call? exp and [:fail, :raise].include? exp.method)
     else
       false
     end

data/lib/brakeman/processors/lib/rails2_route_processor.rb

@@ -184,7 +184,7 @@ class Brakeman::Rails2RoutesProcessor < Brakeman::BasicProcessor
 
     controller = check_for_controller_name exp
     self.current_controller = controller if controller
-    
+
     #Check for default route
     if string? exp.first
       if exp.first.value == ":controller/:action/:id"
@@ -202,7 +202,7 @@ class Brakeman::Rails2RoutesProcessor < Brakeman::BasicProcessor
     exp.last.each_with_index do |e,i|
       if symbol? e and e.value == :action
         action = exp.last[i + 1]
-        
+
         if node_type? action, :lit
           @tracker.routes[@current_controller] << action.value.to_sym
         end
@@ -220,7 +220,7 @@ class Brakeman::Rails2RoutesProcessor < Brakeman::BasicProcessor
     @nested = Sexp.new(:lvar, exp.block_args.value)
 
     self.current_controller = check_for_controller_name exp.block_call.args
-    
+
     #process block
     process exp.block
 
@@ -258,7 +258,7 @@ class Brakeman::Rails2RoutesProcessor < Brakeman::BasicProcessor
     return unless exp.node_type == :hash
     routes = @tracker.routes[@current_controller]
 
-    hash_iterate(exp) do |action, type|
+    hash_iterate(exp) do |action, _type|
       routes << action.value
     end
   end
@@ -283,14 +283,14 @@ end
 #This is for a really specific case where a hash is used as arguments
 #to one of the map methods.
 class Brakeman::RouteAliasProcessor < Brakeman::AliasProcessor
-  
+
   #This replaces
   # { :some => :hash }.keys
-  #with 
+  #with
   # [:some]
   def process_call exp
     process_default exp
-    
+
     if hash? exp.target and exp.method == :keys
       keys = get_keys exp.target
       exp.clear
@@ -304,7 +304,7 @@ class Brakeman::RouteAliasProcessor < Brakeman::AliasProcessor
   #Returns an array Sexp containing the keys from the hash
   def get_keys hash
     keys = Sexp.new(:array)
-    hash_iterate(hash) do |key, value|
+    hash_iterate(hash) do |key, _value|
       keys << key
     end