brakeman 3.1.1 → 3.1.2
- checksums.yaml +4 -4
- data/CHANGES +18 -0
- data/lib/brakeman.rb +17 -13
- data/lib/brakeman/checks/base_check.rb +2 -0
- data/lib/brakeman/checks/check_content_tag.rb +2 -2
- data/lib/brakeman/checks/check_cross_site_scripting.rb +6 -6
- data/lib/brakeman/checks/check_deserialize.rb +1 -1
- data/lib/brakeman/checks/check_evaluation.rb +1 -1
- data/lib/brakeman/checks/check_execute.rb +3 -5
- data/lib/brakeman/checks/check_file_access.rb +1 -1
- data/lib/brakeman/checks/check_forgery_setting.rb +2 -1
- data/lib/brakeman/checks/check_link_to.rb +2 -2
- data/lib/brakeman/checks/check_link_to_href.rb +10 -3
- data/lib/brakeman/checks/check_mass_assignment.rb +2 -4
- data/lib/brakeman/checks/check_model_attributes.rb +1 -0
- data/lib/brakeman/checks/check_model_serialize.rb +2 -1
- data/lib/brakeman/checks/check_number_to_currency.rb +0 -1
- data/lib/brakeman/checks/check_redirect.rb +1 -1
- data/lib/brakeman/checks/check_regex_dos.rb +1 -1
- data/lib/brakeman/checks/check_render.rb +1 -1
- data/lib/brakeman/checks/check_render_inline.rb +28 -16
- data/lib/brakeman/checks/check_select_tag.rb +1 -1
- data/lib/brakeman/checks/check_send.rb +1 -1
- data/lib/brakeman/checks/check_session_manipulation.rb +1 -1
- data/lib/brakeman/checks/check_simple_format.rb +1 -1
- data/lib/brakeman/checks/check_sql.rb +2 -2
- data/lib/brakeman/checks/check_symbol_dos.rb +1 -1
- data/lib/brakeman/checks/check_unsafe_reflection.rb +1 -1
- data/lib/brakeman/checks/check_unscoped_find.rb +1 -1
- data/lib/brakeman/checks/check_weak_hash.rb +0 -1
- data/lib/brakeman/checks/check_without_protection.rb +1 -3
- data/lib/brakeman/processors/alias_processor.rb +11 -1
- data/lib/brakeman/processors/base_processor.rb +4 -1
- data/lib/brakeman/processors/controller_processor.rb +2 -0
- data/lib/brakeman/processors/haml_template_processor.rb +1 -1
- data/lib/brakeman/processors/lib/processor_helper.rb +13 -0
- data/lib/brakeman/processors/library_processor.rb +8 -0
- data/lib/brakeman/processors/model_processor.rb +2 -0
- data/lib/brakeman/report/report_html.rb +11 -1
- data/lib/brakeman/report/templates/controller_overview.html.erb +18 -14
- data/lib/brakeman/report/templates/controller_warnings.html.erb +18 -14
- data/lib/brakeman/report/templates/error_overview.html.erb +8 -4
- data/lib/brakeman/report/templates/header.html.erb +32 -18
- data/lib/brakeman/report/templates/ignored_warnings.html.erb +11 -7
- data/lib/brakeman/report/templates/model_warnings.html.erb +18 -14
- data/lib/brakeman/report/templates/overview.html.erb +32 -28
- data/lib/brakeman/report/templates/security_warnings.html.erb +18 -14
- data/lib/brakeman/report/templates/template_overview.html.erb +10 -6
- data/lib/brakeman/report/templates/view_warnings.html.erb +30 -26
- data/lib/brakeman/report/templates/warning_overview.html.erb +12 -8
- data/lib/brakeman/tracker/collection.rb +12 -0
- data/lib/brakeman/tracker/controller.rb +2 -2
- data/lib/brakeman/version.rb +1 -1
- data/lib/brakeman/warning.rb +29 -6
- data/lib/ruby_parser/bm_sexp.rb +18 -0
- metadata +16 -2
@@ -1,34 +1,38 @@
|
|
1
1
|
<h2 id='summary'>Summary</h2>
|
2
2
|
<table>
|
3
|
-
<
|
4
|
-
<
|
5
|
-
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
3
|
+
<thead>
|
4
|
+
<tr>
|
5
|
+
<th>Scanned/Reported</th>
|
6
|
+
<th>Total</th>
|
7
|
+
</tr>
|
8
|
+
</thead>
|
9
|
+
<tbody>
|
10
|
+
<tr>
|
11
|
+
<td>Controllers</td>
|
12
|
+
<td><%= tracker.controllers.length %></td>
|
13
|
+
</tr>
|
14
|
+
<tr>
|
15
|
+
<td>Models</td>
|
16
|
+
<td><%= tracker.models.length - 1 %></td>
|
17
|
+
</tr>
|
18
|
+
<tr>
|
19
|
+
<td>Templates</td>
|
20
|
+
<td><%= number_of_templates %></td>
|
21
|
+
</tr>
|
22
|
+
<tr>
|
23
|
+
<td>Errors</td>
|
24
|
+
<td><%= tracker.errors.length %></td>
|
25
|
+
</tr>
|
26
|
+
<tr>
|
27
|
+
<td>Security Warnings</td>
|
28
|
+
<td><%= warnings %> <span class='high-confidence'>(<%= warnings_summary[:high_confidence] %>)</span></td>
|
29
|
+
</tr>
|
27
30
|
<% if warnings_summary['Ignored Warnings'] %>
|
28
|
-
|
29
|
-
|
30
|
-
|
31
|
-
|
31
|
+
<tr>
|
32
|
+
<td>Ignored Warnings</td>
|
33
|
+
<td><%= ignored_warnings %></td>
|
34
|
+
</tr>
|
32
35
|
<% end %>
|
36
|
+
</tbody>
|
33
37
|
</table>
|
34
38
|
<br>
|
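Review bot: `<td><%= tracker.models.length - 1 %></td>` subtracts one with no explanation, so a reader of the template cannot tell which entry of `tracker.models` is being excluded. An ERB comment on that line, e.g. `<%# tracker.models holds one placeholder entry that is not a real model — TODO confirm which %>`, would spare the next maintainer a trip into the tracker. The same table also mixes key styles, `warnings_summary[:high_confidence]` two rows above `warnings_summary['Ignored Warnings']`; if both read the same summary hash, normalising on one key type where the hash is built would remove a likely source of silent nil lookups.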
@@ -1,19 +1,23 @@
|
|
1
1
|
<h2>Security Warnings</h2>
|
2
2
|
<table>
|
3
|
-
<
|
4
|
-
<
|
5
|
-
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
|
3
|
+
<thead>
|
4
|
+
<tr>
|
5
|
+
<th>Confidence</th>
|
6
|
+
<th>Class</th>
|
7
|
+
<th>Method</th>
|
8
|
+
<th>Warning Type</th>
|
9
|
+
<th>Message</th>
|
10
|
+
</tr>
|
11
|
+
</thead>
|
12
|
+
<tbody>
|
10
13
|
<% warnings.each do |warning| %>
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
14
|
+
<tr>
|
15
|
+
<td><%= warning['Confidence']%></td>
|
16
|
+
<td><%= warning['Class']%></td>
|
17
|
+
<td><%= warning['Method']%></td>
|
18
|
+
<td><%= warning['Warning Type']%></td>
|
19
|
+
<td><%= warning['Message']%></td>
|
20
|
+
</tr>
|
18
21
|
<% end %>
|
22
|
+
</tbody>
|
19
23
|
</table>
|
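Review bot: The new rows emit `warning['Class']`, `warning['Method']` and `warning['Message']` through plain `<%= %>`; these report templates are rendered by stock ERB, which performs no HTML escaping, and the values originate in the scanned application's source (class, method and user-input text), so any escaping must already have happened where `warnings` is assembled. That code (report_html.rb) is changed in this release but not shown on this page, so confirm the values pass through `CGI.escapeHTML` before reaching the template, or have the template call an escaping helper instead of `<%=`. The same question applies to the template_overview and view_warnings sections below (`<%= call %>`, `<%= warning['Template'] %>`, `warning['Called From'].join(' → ')`).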
@@ -4,14 +4,18 @@
|
|
4
4
|
|
5
5
|
<p><%= template[0] %></p>
|
6
6
|
<table>
|
7
|
-
<
|
8
|
-
<
|
9
|
-
|
7
|
+
<thead>
|
8
|
+
<tr>
|
9
|
+
<th>Output</th>
|
10
|
+
</tr>
|
11
|
+
</thead>
|
12
|
+
<tbody>
|
10
13
|
<% template[1].each do |call| %>
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
+
<tr>
|
15
|
+
<td><%= call %></td>
|
16
|
+
</tr>
|
14
17
|
<% end %>
|
18
|
+
</tbody>
|
15
19
|
</table>
|
16
20
|
|
17
21
|
<% end %>
|
@@ -1,30 +1,34 @@
|
|
1
1
|
<p>View Warnings</p>
|
2
2
|
<table>
|
3
|
-
<
|
4
|
-
<
|
5
|
-
|
6
|
-
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
11
|
-
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
3
|
+
<thead>
|
4
|
+
<tr>
|
5
|
+
<th>Confidence</th>
|
6
|
+
<th>Template</th>
|
7
|
+
<th>Warning Type</th>
|
8
|
+
<th>Message</th>
|
9
|
+
</tr>
|
10
|
+
</thead>
|
11
|
+
<tbody>
|
12
|
+
<% warnings.each_with_index do |warning, i| %>
|
13
|
+
<tr>
|
14
|
+
<td><%= warning['Confidence']%></td>
|
15
|
+
<td>
|
16
|
+
<% if warning['Called From'] and warning['Called From'].length > 1 %>
|
17
|
+
<div class="template_name" onClick="toggle('callers<%= i %>')" >
|
18
|
+
<div>
|
19
|
+
<%= warning['Template'] %>
|
20
|
+
</div>
|
21
|
+
<div class="render_path" id="callers<%= i %>" >
|
22
|
+
<%= warning['Called From'].join(' → ') %> → <%= warning['Template Name'] %>
|
23
|
+
</div>
|
17
24
|
</div>
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
26
|
-
|
27
|
-
<td><%= warning['Message']%></td>
|
28
|
-
</tr>
|
29
|
-
<% end %>
|
25
|
+
<% else %>
|
26
|
+
<%= warning['Template']%>
|
27
|
+
<% end %>
|
28
|
+
</td>
|
29
|
+
<td><%= warning['Warning Type']%></td>
|
30
|
+
<td><%= warning['Message']%></td>
|
31
|
+
</tr>
|
32
|
+
<% end %>
|
33
|
+
</tbody>
|
30
34
|
</table>
|
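Review bot: `<% if warning['Called From'] and warning['Called From'].length > 1 %>` uses `and`, whose low precedence is a standing footgun in conditions; `<% if warning['Called From'] && warning['Called From'].length > 1 %>` is the idiomatic form and reads the same. The `> 1` threshold also means a warning with exactly one caller shows only the bare template name and no render path; if that is deliberate (a single entry presumably being the template itself), a short comment on that line saying so would help, otherwise the test should be `!empty?`. The `toggle` JavaScript referenced from `onClick` is defined outside this hunk.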
@@ -1,13 +1,17 @@
|
|
1
1
|
<table>
|
2
|
-
<
|
3
|
-
<
|
4
|
-
|
5
|
-
|
2
|
+
<thead>
|
3
|
+
<tr>
|
4
|
+
<th>Warning Type</th>
|
5
|
+
<th>Total</th>
|
6
|
+
</tr>
|
7
|
+
</thead>
|
8
|
+
<tbody>
|
6
9
|
<% types.sort.each do |warning_type| %>
|
7
|
-
|
8
|
-
|
9
|
-
|
10
|
-
|
10
|
+
<tr>
|
11
|
+
<td><%= warning_type %></td>
|
12
|
+
<td><%= warnings_summary[warning_type] %></td>
|
13
|
+
</tr>
|
11
14
|
<% end %>
|
15
|
+
</tbody>
|
12
16
|
</table>
|
13
17
|
<br>
|
@@ -70,6 +70,18 @@ module Brakeman
|
|
70
70
|
@files.first
|
71
71
|
end
|
72
72
|
|
73
|
+
def top_line
|
74
|
+
if sexp? @src[file]
|
75
|
+
@src[file].line
|
76
|
+
else
|
77
|
+
@src.each_value do |source|
|
78
|
+
if sexp? source
|
79
|
+
return source.line
|
80
|
+
end
|
81
|
+
end
|
82
|
+
end
|
83
|
+
end
|
84
|
+
|
73
85
|
def methods_public
|
74
86
|
@methods[:public]
|
75
87
|
end
|
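Review bot: `top_line` returns the `@src` hash rather than `nil` when none of the sources is a Sexp, because `@src.each_value do … end` evaluates to its receiver and that is the value of the `else` branch. Any caller that tests the result for truthiness or formats it as a line number will receive a Hash. Add an explicit `nil` after the `each_value` loop, or rewrite the branch as `source = @src.each_value.find { |s| sexp? s }` followed by `source && source.line`. The enclosing class starts and ends outside this hunk; `file` appears to be the reader just above that returns `@files.first`.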
data/lib/brakeman/version.rb
CHANGED
data/lib/brakeman/warning.rb
CHANGED
@@ -5,21 +5,39 @@ require 'brakeman/warning_codes'
|
|
5
5
|
#The Warning class stores information about warnings
|
6
6
|
class Brakeman::Warning
|
7
7
|
attr_reader :called_from, :check, :class, :confidence, :controller,
|
8
|
-
:line, :method, :model, :template, :user_input, :
|
9
|
-
:warning_type
|
8
|
+
:line, :method, :model, :template, :user_input, :user_input_type,
|
9
|
+
:warning_code, :warning_set, :warning_type
|
10
10
|
|
11
11
|
attr_accessor :code, :context, :file, :message, :relative_path
|
12
12
|
|
13
13
|
TEXT_CONFIDENCE = [ "High", "Medium", "Weak" ]
|
14
14
|
|
15
|
+
OPTIONS = {:called_from => :@called_from,
|
16
|
+
:check => :@check,
|
17
|
+
:class => :@class,
|
18
|
+
:code => :@code,
|
19
|
+
:confidence => :@confidence,
|
20
|
+
:controller => :@controller,
|
21
|
+
:file => :@file,
|
22
|
+
:gem_info => :@gem_info,
|
23
|
+
:line => :@line,
|
24
|
+
:link_path => :@link_path,
|
25
|
+
:message => :@message,
|
26
|
+
:method => :@method,
|
27
|
+
:model => :@model,
|
28
|
+
:relative_path => :@relative_path,
|
29
|
+
:template => :@template,
|
30
|
+
:user_input => :@user_input,
|
31
|
+
:warning_set => :@warning_set,
|
32
|
+
:warning_type => :@warning_type
|
33
|
+
}
|
34
|
+
|
15
35
|
#+options[:result]+ can be a result from Tracker#find_call. Otherwise, it can be +nil+.
|
16
36
|
def initialize options = {}
|
17
37
|
@view_name = nil
|
18
38
|
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
self.instance_variable_set("@#{option}", options[option])
|
39
|
+
OPTIONS.each do |key, var|
|
40
|
+
self.instance_variable_set(var, options[key])
|
23
41
|
end
|
24
42
|
|
25
43
|
result = options[:result]
|
@@ -39,6 +57,11 @@ class Brakeman::Warning
|
|
39
57
|
@method = :before_filter
|
40
58
|
end
|
41
59
|
|
60
|
+
if @user_input.is_a? Brakeman::BaseCheck::Match
|
61
|
+
@user_input_type = @user_input.type
|
62
|
+
@user_input = @user_input.match
|
63
|
+
end
|
64
|
+
|
42
65
|
if not @line
|
43
66
|
if @user_input and @user_input.respond_to? :line
|
44
67
|
@line = @user_input.line
|
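Review bot: With `OPTIONS.each do |key, var|` in `initialize`, any option key not listed in `OPTIONS` is now silently ignored, whereas the previous loop set `@#{option}` from whatever was passed (the guard lines of the old loop are truncated on this page). `:warning_code` and `:user_input_type` are added to `attr_reader` but have no `OPTIONS` entry, so either they are assigned elsewhere in the class or callers passing them lose the value; confirm which, and consider a one-line `unknown = options.keys - OPTIONS.keys - [:result]` check that raises `ArgumentError` so a typo in a check surfaces instead of vanishing. Restricting `instance_variable_set` to a fixed allow-list is otherwise a welcome hardening over setting arbitrary ivars from the options hash. The second hunk's unwrapping of `Brakeman::BaseCheck::Match` looks fine; `Match` is defined in base_check.rb, outside this page.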
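--- a/data/lib/ruby_parser/bm_sexp.rb
+++ b/data/lib/ruby_parser/bm_sexp.rb
@@ -554,6 +554,24 @@ class Sexp
 
 self[2]
 end
+
+require 'set'
+def inspect seen = Set.new
+if seen.include? self.object_id
+'s(...)'
+else
+seen << self.object_id
+sexp_str = self.map do |x|
+if x.is_a? Sexp
+x.inspect seen
+else
+x.inspect
+end
+end.join(', ')
+
+"s(#{sexp_str})"
+end
+end
 end
 
 #Invalidate hash cache if the Sexp changes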
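Review bot: `seen` is never pruned on the way back out of the recursion, so `inspect` prints `s(...)` for any Sexp object reachable twice, not only for a genuine cycle; a subtree shared between two siblings (which substitution passes can plausibly produce) is elided the second time and the dump no longer shows the tree's real structure. Tracking the current ancestor path instead fixes this: remove the id once the children are rendered, e.g. `seen.delete(self.object_id)` right after `end.join(', ')`, or wrap the `else` body in `begin … ensure seen.delete(self.object_id) end`. `require 'set'` inside the class body works but belongs at the top of the file with the other requires. Because the override takes an optional argument, `Kernel#p` and irb still call it with the default and get the guard.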
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: brakeman
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 3.1.
|
4
|
+
version: 3.1.2
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Justin Collins
|
@@ -9,7 +9,7 @@ autorequire:
|
|
9
9
|
bindir: bin
|
10
10
|
cert_chain:
|
11
11
|
- brakeman-public_cert.pem
|
12
|
-
date: 2015-
|
12
|
+
date: 2015-10-28 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: test-unit
|
@@ -183,6 +183,20 @@ dependencies:
|
|
183
183
|
- - "~>"
|
184
184
|
- !ruby/object:Gem::Version
|
185
185
|
version: '1.2'
|
186
|
+
- !ruby/object:Gem::Dependency
|
187
|
+
name: safe_yaml
|
188
|
+
requirement: !ruby/object:Gem::Requirement
|
189
|
+
requirements:
|
190
|
+
- - ">="
|
191
|
+
- !ruby/object:Gem::Version
|
192
|
+
version: '0'
|
193
|
+
type: :runtime
|
194
|
+
prerelease: false
|
195
|
+
version_requirements: !ruby/object:Gem::Requirement
|
196
|
+
requirements:
|
197
|
+
- - ">="
|
198
|
+
- !ruby/object:Gem::Version
|
199
|
+
version: '0'
|
186
200
|
description: Brakeman detects security vulnerabilities in Ruby on Rails applications
|
187
201
|
via static analysis.
|
188
202
|
email: gem@brakeman.org
|