brakeman-min 4.2.0 → 4.2.1
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA256:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: c25dcd77bdcbd0ce5903925da416d31a793bb4069bd65e8a309e15690159f10f
|
4
|
+
data.tar.gz: 328fe0440f586777546a32c5a7924c7d94f5677c4fa69567941b394c16425cfb
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: e6dec2815016e94f993a76c2733fbe701a623439f90934fba5368ba2e403967c805fc70ed5d44224708fc7958c4966edcd3cc896ba8ac9a715f9756731946002
|
7
|
+
data.tar.gz: 481666a3e235794c55d0e582a33ca56fef8d59fe07addc4c9763edd6c0541492c2581788e793df802845d3fcd4a0b05f8332bb35023b2cd8f19a8a9712208e53
|
data/CHANGES.md
CHANGED
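--- a/data/lib/brakeman/app_tree.rb
+++ b/data/lib/brakeman/app_tree.rb
@@ -112,7 +112,8 @@ module Brakeman
 def lib_paths
 @lib_files ||= find_paths("lib").reject { |path| path.include? "/generators/" or path.include? "lib/tasks/" or path.include? "lib/templates/" } +
 find_additional_lib_paths +
-find_helper_paths
+find_helper_paths +
+find_job_paths
 end
 
 private
@@ -121,6 +122,10 @@ module Brakeman
 find_paths "app/helpers"
 end
 
+def find_job_paths
+find_paths "app/jobs"
+end
+
 def find_additional_lib_paths
 @additional_libs_path.collect{ |path| find_paths path }.flatten
 end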
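Review bot: Neither the new `find_job_paths` term in `lib_paths` (first hunk) nor the helper itself (second hunk) says why `app/jobs` is folded into the library file set, and nothing in the name tells a reader of `lib_paths` that job classes are now scanned as library code. I would add `# app/jobs is treated like lib/ so job classes go through the same library processing as helpers` above `def find_job_paths`, and a short note on the `@lib_files ||=` line that the memoised value is the whole four-term sum joined by the trailing `+` continuations, since that is easy to misread once the chain grows. Both `lib_paths` and `find_job_paths` are complete inside their hunks; the enclosing `module Brakeman` continues outside them.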
@@ -22,12 +22,13 @@ class Brakeman::CheckSanitizeMethods < Brakeman::BaseCheck
|
|
22
22
|
if @fix_version
|
23
23
|
check_cve_2013_1855
|
24
24
|
check_cve_2013_1857
|
25
|
-
|
26
|
-
version_between? "1.0.0", "1.0.2", tracker.config.gem_version(:'rails-html-sanitizer')
|
25
|
+
end
|
27
26
|
|
28
|
-
|
29
|
-
|
27
|
+
if tracker.config.has_gem? :'rails-html-sanitizer'
|
28
|
+
check_rails_html_sanitizer
|
30
29
|
end
|
30
|
+
|
31
|
+
check_cve_2018_8048
|
31
32
|
end
|
32
33
|
|
33
34
|
def check_cve_2013_1855
|
@@ -60,8 +61,46 @@ class Brakeman::CheckSanitizeMethods < Brakeman::BaseCheck
|
|
60
61
|
end
|
61
62
|
end
|
62
63
|
|
63
|
-
def
|
64
|
-
|
64
|
+
def check_rails_html_sanitizer
|
65
|
+
rhs_version = tracker.config.gem_version(:'rails-html-sanitizer')
|
66
|
+
|
67
|
+
if version_between? "1.0.0", "1.0.2", rhs_version
|
68
|
+
warn_sanitizer_cve "CVE-2015-7578", "https://groups.google.com/d/msg/rubyonrails-security/uh--W4TDwmI/JbvSRpdbFQAJ", "1.0.3"
|
69
|
+
warn_sanitizer_cve "CVE-2015-7580", "https://groups.google.com/d/msg/rubyonrails-security/uh--W4TDwmI/m_CVZtdbFQAJ", "1.0.3"
|
70
|
+
end
|
71
|
+
|
72
|
+
if version_between? "1.0.0", "1.0.3", rhs_version
|
73
|
+
warn_sanitizer_cve "CVE-2018-3741", "https://groups.google.com/d/msg/rubyonrails-security/tP7W3kLc5u4/uDy2Br7xBgAJ", "1.0.4"
|
74
|
+
end
|
75
|
+
end
|
76
|
+
|
77
|
+
def check_cve_2018_8048
|
78
|
+
if loofah_vulnerable_cve_2018_8048?
|
79
|
+
message = "Loofah #{tracker.config.gem_version(:loofah)} is vulnerable (CVE-2018-8048). Upgrade to 2.1.2"
|
80
|
+
|
81
|
+
if tracker.find_call(:target => false, :method => :sanitize).any?
|
82
|
+
confidence = :high
|
83
|
+
else
|
84
|
+
confidence = :medium
|
85
|
+
end
|
86
|
+
|
87
|
+
warn :warning_type => "Cross-Site Scripting",
|
88
|
+
:warning_code => :CVE_2018_8048,
|
89
|
+
:message => message,
|
90
|
+
:gem_info => gemfile_or_environment,
|
91
|
+
:confidence => confidence,
|
92
|
+
:link_path => "https://github.com/flavorjones/loofah/issues/144"
|
93
|
+
end
|
94
|
+
end
|
95
|
+
|
96
|
+
def loofah_vulnerable_cve_2018_8048?
|
97
|
+
loofah_version = tracker.config.gem_version(:loofah)
|
98
|
+
|
99
|
+
loofah_version and loofah_version < "2.1.2"
|
100
|
+
end
|
101
|
+
|
102
|
+
def warn_sanitizer_cve cve, link, upgrade_version
|
103
|
+
message = "rails-html-sanitizer #{tracker.config.gem_version(:'rails-html-sanitizer')} is vulnerable (#{cve}). Upgrade to #{upgrade_version}"
|
65
104
|
|
66
105
|
if tracker.find_call(:target => false, :method => :sanitize).any?
|
67
106
|
confidence = :high
|
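Review bot: `loofah_vulnerable_cve_2018_8048?` (second hunk) compares the loofah version with `loofah_version < "2.1.2"`, which is a lexical String comparison if `gem_version` returns a string, as its direct interpolation into the warning message suggests; a loofah 2.1.10 or 10.0.0 would then sort below "2.1.2" and be reported as vulnerable to CVE-2018-8048. The same hunk expresses the rails-html-sanitizer ranges with `version_between?`, whose upper bound appears inclusive given that 1.0.2 is flagged with "Upgrade to 1.0.3", so the loofah test can use the same helper, `version_between? "0.0.0", "2.1.1", loofah_version`, or compare through `Gem::Version.new(loofah_version) < Gem::Version.new("2.1.2")` with the nil guard kept. A one-line comment above the predicate, `# loofah < 2.1.2 is affected by CVE-2018-8048; version strings must be compared numerically, not lexically`, would keep the next edit from reintroducing the string comparison. `warn_sanitizer_cve` at the bottom of the hunk continues past the hunk's last line.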
@@ -114,6 +114,8 @@ class Brakeman::ControllerAliasProcessor < Brakeman::AliasProcessor
|
|
114
114
|
|
115
115
|
if method == :head
|
116
116
|
@rendered = true
|
117
|
+
elsif exp.target.nil? and method == :template_exists?
|
118
|
+
env[exp.first_arg] = Sexp.new(:lit, :"brakeman:existing_template")
|
117
119
|
elsif @tracker.options[:interprocedural] and
|
118
120
|
@current_method and (exp.target.nil? or exp.target.node_type == :self)
|
119
121
|
|
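Review bot: The new `template_exists?` branch stores the `:"brakeman:existing_template"` literal for `exp.first_arg` wherever a receiverless `template_exists?` call is processed, without regard to whether the call's result guards anything, so a bare `template_exists?(name)` statement or a call under `unless` marks `name` exactly as `if template_exists?(name)` does. Whether that weakens a downstream check depends on which code consumes the marker, which is outside this hunk, so the intent should at least be documented on the branch: `# Record that template_exists?(x) was called on x; presumably a later check treats x as a known template name`. The enclosing method starts and ends outside the hunk.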
data/lib/brakeman/version.rb
CHANGED
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: brakeman-min
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 4.2.
|
4
|
+
version: 4.2.1
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Justin Collins
|
@@ -9,7 +9,7 @@ autorequire:
|
|
9
9
|
bindir: bin
|
10
10
|
cert_chain:
|
11
11
|
- brakeman-public_cert.pem
|
12
|
-
date: 2018-
|
12
|
+
date: 2018-03-24 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: minitest
|
@@ -272,7 +272,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
272
272
|
version: '0'
|
273
273
|
requirements: []
|
274
274
|
rubyforge_project:
|
275
|
-
rubygems_version: 2.7.
|
275
|
+
rubygems_version: 2.7.3
|
276
276
|
signing_key:
|
277
277
|
specification_version: 4
|
278
278
|
summary: Security vulnerability scanner for Ruby on Rails.
|