brakeman-min 4.2.0 → 4.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 98d495bd4d61bf9a6869fcd63254f6e345954b9fba3a6b7c68ff419cce1b5a73
4
- data.tar.gz: d6d74d5870d660ee0cb09d5061614fab20a67d7ec0dbcfc97cb5e4f1ec93a0aa
3
+ metadata.gz: c25dcd77bdcbd0ce5903925da416d31a793bb4069bd65e8a309e15690159f10f
4
+ data.tar.gz: 328fe0440f586777546a32c5a7924c7d94f5677c4fa69567941b394c16425cfb
5
5
  SHA512:
6
- metadata.gz: d0015017ca35da328c0484366d91bb4605ab496aff8264ac684fbc2891413616c2046fbf9879e752c5ace0604a26dbe24371601bc4c92249f2f89dfe1c9b8a5b
7
- data.tar.gz: 432aa78a3a00b0a7df72f9b50361f77d52c5a1a98ca27fd8cce1ae85eac12405926162c9f3e9b1c377eb597fc120951daf607b75b3db43ce8127e45d1816308b
6
+ metadata.gz: e6dec2815016e94f993a76c2733fbe701a623439f90934fba5368ba2e403967c805fc70ed5d44224708fc7958c4966edcd3cc896ba8ac9a715f9756731946002
7
+ data.tar.gz: 481666a3e235794c55d0e582a33ca56fef8d59fe07addc4c9763edd6c0541492c2581788e793df802845d3fcd4a0b05f8332bb35023b2cd8f19a8a9712208e53
data/CHANGES.md CHANGED
@@ -1,3 +1,10 @@
1
+ # 4.2.1
2
+
3
+ * Add warning for CVE-2018-3741
4
+ * Add warning for CVE-2018-8048
5
+ * Scan `app/jobs/` directory
6
+ * Handle `template_exists?` in controllers
7
+
1
8
  # 4.2.0
2
9
 
3
10
  * Avoid warning about symbol DoS on `Model#attributes`
@@ -112,7 +112,8 @@ module Brakeman
112
112
  def lib_paths
113
113
  @lib_files ||= find_paths("lib").reject { |path| path.include? "/generators/" or path.include? "lib/tasks/" or path.include? "lib/templates/" } +
114
114
  find_additional_lib_paths +
115
- find_helper_paths
115
+ find_helper_paths +
116
+ find_job_paths
116
117
  end
117
118
 
118
119
  private
@@ -121,6 +122,10 @@ module Brakeman
121
122
  find_paths "app/helpers"
122
123
  end
123
124
 
125
+ def find_job_paths
126
+ find_paths "app/jobs"
127
+ end
128
+
124
129
  def find_additional_lib_paths
125
130
  @additional_libs_path.collect{ |path| find_paths path }.flatten
126
131
  end
@@ -22,12 +22,13 @@ class Brakeman::CheckSanitizeMethods < Brakeman::BaseCheck
22
22
  if @fix_version
23
23
  check_cve_2013_1855
24
24
  check_cve_2013_1857
25
- elsif tracker.config.has_gem? :'rails-html-sanitizer' and
26
- version_between? "1.0.0", "1.0.2", tracker.config.gem_version(:'rails-html-sanitizer')
25
+ end
27
26
 
28
- warn_sanitizer_cve "CVE-2015-7578", "https://groups.google.com/d/msg/rubyonrails-security/uh--W4TDwmI/JbvSRpdbFQAJ"
29
- warn_sanitizer_cve "CVE-2015-7580", "https://groups.google.com/d/msg/rubyonrails-security/uh--W4TDwmI/m_CVZtdbFQAJ"
27
+ if tracker.config.has_gem? :'rails-html-sanitizer'
28
+ check_rails_html_sanitizer
30
29
  end
30
+
31
+ check_cve_2018_8048
31
32
  end
32
33
 
33
34
  def check_cve_2013_1855
@@ -60,8 +61,46 @@ class Brakeman::CheckSanitizeMethods < Brakeman::BaseCheck
60
61
  end
61
62
  end
62
63
 
63
- def warn_sanitizer_cve cve, link
64
- message = "rails-html-sanitizer #{tracker.config.gem_version(:'rails-html-sanitizer')} is vulnerable (#{cve}). Upgrade to 1.0.3"
64
+ def check_rails_html_sanitizer
65
+ rhs_version = tracker.config.gem_version(:'rails-html-sanitizer')
66
+
67
+ if version_between? "1.0.0", "1.0.2", rhs_version
68
+ warn_sanitizer_cve "CVE-2015-7578", "https://groups.google.com/d/msg/rubyonrails-security/uh--W4TDwmI/JbvSRpdbFQAJ", "1.0.3"
69
+ warn_sanitizer_cve "CVE-2015-7580", "https://groups.google.com/d/msg/rubyonrails-security/uh--W4TDwmI/m_CVZtdbFQAJ", "1.0.3"
70
+ end
71
+
72
+ if version_between? "1.0.0", "1.0.3", rhs_version
73
+ warn_sanitizer_cve "CVE-2018-3741", "https://groups.google.com/d/msg/rubyonrails-security/tP7W3kLc5u4/uDy2Br7xBgAJ", "1.0.4"
74
+ end
75
+ end
76
+
77
+ def check_cve_2018_8048
78
+ if loofah_vulnerable_cve_2018_8048?
79
+ message = "Loofah #{tracker.config.gem_version(:loofah)} is vulnerable (CVE-2018-8048). Upgrade to 2.1.2"
80
+
81
+ if tracker.find_call(:target => false, :method => :sanitize).any?
82
+ confidence = :high
83
+ else
84
+ confidence = :medium
85
+ end
86
+
87
+ warn :warning_type => "Cross-Site Scripting",
88
+ :warning_code => :CVE_2018_8048,
89
+ :message => message,
90
+ :gem_info => gemfile_or_environment,
91
+ :confidence => confidence,
92
+ :link_path => "https://github.com/flavorjones/loofah/issues/144"
93
+ end
94
+ end
95
+
96
+ def loofah_vulnerable_cve_2018_8048?
97
+ loofah_version = tracker.config.gem_version(:loofah)
98
+
99
+ loofah_version and loofah_version < "2.1.2"
100
+ end
101
+
102
+ def warn_sanitizer_cve cve, link, upgrade_version
103
+ message = "rails-html-sanitizer #{tracker.config.gem_version(:'rails-html-sanitizer')} is vulnerable (#{cve}). Upgrade to #{upgrade_version}"
65
104
 
66
105
  if tracker.find_call(:target => false, :method => :sanitize).any?
67
106
  confidence = :high
@@ -114,6 +114,8 @@ class Brakeman::ControllerAliasProcessor < Brakeman::AliasProcessor
114
114
 
115
115
  if method == :head
116
116
  @rendered = true
117
+ elsif exp.target.nil? and method == :template_exists?
118
+ env[exp.first_arg] = Sexp.new(:lit, :"brakeman:existing_template")
117
119
  elsif @tracker.options[:interprocedural] and
118
120
  @current_method and (exp.target.nil? or exp.target.node_type == :self)
119
121
 
@@ -1,3 +1,3 @@
1
1
  module Brakeman
2
- Version = "4.2.0"
2
+ Version = "4.2.1"
3
3
  end
@@ -107,6 +107,8 @@ module Brakeman::WarningCodes
107
107
  :CVE_2016_6317 => 103,
108
108
  :divide_by_zero => 104,
109
109
  :dangerous_permit_key => 105,
110
+ :CVE_2018_8048 => 106,
111
+ :CVE_2018_3741 => 107,
110
112
  }
111
113
 
112
114
  def self.code name
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: brakeman-min
3
3
  version: !ruby/object:Gem::Version
4
- version: 4.2.0
4
+ version: 4.2.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Justin Collins
@@ -9,7 +9,7 @@ autorequire:
9
9
  bindir: bin
10
10
  cert_chain:
11
11
  - brakeman-public_cert.pem
12
- date: 2018-02-22 00:00:00.000000000 Z
12
+ date: 2018-03-24 00:00:00.000000000 Z
13
13
  dependencies:
14
14
  - !ruby/object:Gem::Dependency
15
15
  name: minitest
@@ -272,7 +272,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
272
272
  version: '0'
273
273
  requirements: []
274
274
  rubyforge_project:
275
- rubygems_version: 2.7.6
275
+ rubygems_version: 2.7.3
276
276
  signing_key:
277
277
  specification_version: 4
278
278
  summary: Security vulnerability scanner for Ruby on Rails.