brakeman 2.2.0 → 2.3.0

data.tar.gz.sig

@@ -0,0 +1 @@
+enjQ��2EiC�k�S���ћ�5osl�Zÿ-����GW���p���Z�O)��.�,(���=��Rf�@'y��>ˢ':�Y
��g&e��VW��TD[LO[W-J�g��Q`f�jq�%c

data/CHANGES

@@ -1,3 +1,17 @@
+# 2.3.0
+
+ * Add check for Parameters#permit!
+ * Add check for CVE-2013-4491 (i18n XSS)
+ * Add check for CVE-2013-6414 (header DoS)
+ * Add check for CVE-2013-6415 (number_to_currency)
+ * Add check for CVE-2013-6416 (simple_format XSS)
+ * Add check for CVE-2013-6417 (query generation) 
+ * Fix typos in reflection and translate bug messages
+ * Collapse send/try calls 
+ * Fix Slim XSS false positives (Noah Davis)
+ * Whitelist `Model#create` for redirects
+ * Fix scoping issues with instance variables and blocks
+
 # 2.2.0 
 
  * Reduce command injection false positives

data/README.md

@@ -163,6 +163,16 @@ The default config locations are `./config/brakeman.yml`, `~/.brakeman/config.ym
 
 The `-c` option can be used to specify a configuration file to use.
 
+# Who is Using Brakeman?
+
+* [Code Climate](https://codeclimate.com/)
+* [GitHub](https://github.com/)
+* [Groupon](http://www.groupon.com/)
+* [New Relic](http://newrelic.com)
+* [Twitter](https://twitter.com/)
+
+[..and more!](http://brakeman.org/brakeman_users)
+
 # License
 
 see MIT-LICENSE

data/lib/brakeman/checks/base_check.rb

@@ -181,9 +181,30 @@ class Brakeman::BaseCheck < Brakeman::SexpProcessor
       #May need to revisit dependng on what Rails 4 actually does/has
       @mass_assign_disabled = true
     else
-      matches = tracker.check_initializers(:"ActiveRecord::Base", :send)
+      #Check for ActiveRecord::Base.send(:attr_accessible, nil)
+      tracker.check_initializers(:"ActiveRecord::Base", :attr_accessible).each do |result|
+        call = result.call
+        if call? call
+          if call.first_arg == Sexp.new(:nil)
+            @mass_assign_disabled = true
+            break
+          end
+        end
+      end
 
-      if matches.empty?
+      unless @mass_assign_disabled
+        tracker.check_initializers(:"ActiveRecord::Base", :send).each do |result|
+          call = result.call
+          if call? call
+            if call.first_arg == Sexp.new(:lit, :attr_accessible) and call.second_arg == Sexp.new(:nil)
+              @mass_assign_disabled = true
+              break
+            end
+          end
+        end
+      end
+
+      unless @mass_assign_disabled
         #Check for
         #  class ActiveRecord::Base
         #    attr_accessible nil
@@ -200,17 +221,6 @@ class Brakeman::BaseCheck < Brakeman::SexpProcessor
             end
           end
         end
-      else
-        #Check for ActiveRecord::Base.send(:attr_accessible, nil)
-        matches.each do |result|
-          call = result.call
-          if call? call
-            if call.first_arg == Sexp.new(:lit, :attr_accessible) and call.second_arg == Sexp.new(:nil)
-              @mass_assign_disabled = true
-              break
-            end
-          end
-        end
       end
     end
 
@@ -229,10 +239,11 @@ class Brakeman::BaseCheck < Brakeman::SexpProcessor
       end
 
       unless @mass_assign_disabled
-        matches = tracker.check_initializers(:"ActiveRecord::Base", :send)
+        matches = tracker.check_initializers(:"ActiveRecord::Base", [:send, :include])
 
         matches.each do |result|
-          if call? result.call and result.call.second_arg == forbidden_protection
+          call = result.call
+          if call? call and (call.first_arg == forbidden_protection or call.second_arg == forbidden_protection)
             @mass_assign_disabled = true
           end
         end

data/lib/brakeman/checks/check_header_dos.rb

@@ -0,0 +1,31 @@
+require 'brakeman/checks/base_check'
+
+class Brakeman::CheckHeaderDoS < Brakeman::BaseCheck
+  Brakeman::Checks.add self
+
+  @description = "Checks for header DoS (CVE-2013-6414)"
+
+  def run_check
+    if (version_between? "3.0.0", "3.2.15" or version_between? "4.0.0", "4.0.1") and not has_workaround?
+      message = "Rails #{tracker.config[:rails_version]} has a denial of service vulnerability (CVE-2013-6414). Upgrade to Rails version "
+
+      if version_between? "3.0.0", "3.2.15"
+        message << "3.2.16"
+      else
+        message << "4.0.2"
+      end
+
+      warn :warning_type => "Denial of Service",
+        :warning_code => :CVE_2013_6414,
+        :message => message,
+        :confidence => CONFIDENCE[:med],
+        :file => gemfile_or_environment,
+        :link_path => "https://groups.google.com/d/msg/ruby-security-ann/A-ebV4WxzKg/KNPTbX8XAQUJ"
+    end
+  end
+
+  def has_workaround?
+    tracker.check_initializers(:ActiveSupport, :on_load).any? and
+    tracker.check_initializers(:"ActionView::LookupContext::DetailsKey", :class_eval).any?
+  end
+end

data/lib/brakeman/checks/check_i18n_xss.rb

@@ -0,0 +1,49 @@
+require 'brakeman/checks/base_check'
+
+class Brakeman::CheckI18nXSS < Brakeman::BaseCheck
+  Brakeman::Checks.add self
+
+  @description = "Checks for i18n XSS (CVE-2013-4491)"
+
+  def run_check
+    if (version_between? "3.0.6", "3.2.15" or version_between? "4.0.0", "4.0.1")# and not has_workaround?
+      message = "Rails #{tracker.config[:rails_version]} has an XSS vulnerability in i18n (CVE-2013-4491). Upgrade to Rails version "
+
+      i18n_gem = tracker.config[:gems] && tracker.config[:gems][:i18n]
+
+      if version_between? "3.0.6", "3.1.99" and version_before i18n_gem, "0.5.1"
+        message << "3.2.16 or i18n 0.5.1"
+      elsif version_between? "3.2.0", "4.0.1" and version_before i18n_gem, "0.6.6"
+        message << "4.0.2 or i18n 0.6.6"
+      else
+        return
+      end
+
+      warn :warning_type => "Cross Site Scripting",
+        :warning_code => :CVE_2013_4491,
+        :message => message,
+        :confidence => CONFIDENCE[:med],
+        :file => gemfile_or_environment,
+        :link_path => "https://groups.google.com/d/msg/ruby-security-ann/pLrh6DUw998/bLFEyIO4k_EJ"
+    end
+  end
+
+  def version_before gem_version, target
+    return true unless gem_version
+    gem_version.split('.').map(&:to_i).zip(target.split('.').map(&:to_i)).each do |gv, t|
+      if gv < t
+        return true
+      elsif gv > t
+        return false
+      end
+    end
+
+    false
+  end
+
+  def has_workaround?
+    tracker.check_initializers(:I18n, :const_defined?).any? do |match|
+      match.last.first_arg == s(:lit, :MissingTranslation)
+    end
+  end
+end

data/lib/brakeman/checks/check_mass_assignment.rb

@@ -10,7 +10,12 @@ class Brakeman::CheckMassAssignment < Brakeman::BaseCheck
   @description = "Finds instances of mass assignment"
 
   def run_check
-    return if mass_assign_disabled?
+    check_mass_assignment
+    check_permit!
+  end
+
+  def find_mass_assign_calls
+    return @mass_assign_calls if @mass_assign_calls
 
     models = []
     tracker.models.each do |name, m|
@@ -19,13 +24,12 @@ class Brakeman::CheckMassAssignment < Brakeman::BaseCheck
       end
     end
 
-    return if models.empty?
-
+    return [] if models.empty?
 
     Brakeman.debug "Finding possible mass assignment calls on #{models.length} models"
-    calls = tracker.find_call :chained => true, :targets => models, :methods => [:new,
-      :attributes=, 
-      :update_attributes, 
+    @mass_assign_calls = tracker.find_call :chained => true, :targets => models, :methods => [:new,
+      :attributes=,
+      :update_attributes,
       :update_attributes!,
       :create,
       :create!,
@@ -36,9 +40,13 @@ class Brakeman::CheckMassAssignment < Brakeman::BaseCheck
       :assign_attributes,
       :update
     ]
+  end
+
+  def check_mass_assignment
+    return if mass_assign_disabled?
 
     Brakeman.debug "Processing possible mass assignment calls"
-    calls.each do |result|
+    find_mass_assign_calls.each do |result|
       process_result result
     end
   end
@@ -78,12 +86,12 @@ class Brakeman::CheckMassAssignment < Brakeman::BaseCheck
         confidence = CONFIDENCE[:low]
         user_input = nil
       end
-      
-      warn :result => res, 
-        :warning_type => "Mass Assignment", 
+
+      warn :result => res,
+        :warning_type => "Mass Assignment",
         :warning_code => :mass_assign_call,
         :message => "Unprotected mass assignment",
-        :code => call, 
+        :code => call,
         :user_input => user_input,
         :confidence => confidence
     end
@@ -140,4 +148,43 @@ class Brakeman::CheckMassAssignment < Brakeman::BaseCheck
       true
     end
   end
+
+  # Look for and warn about uses of Parameters#permit! for mass assignment
+  def check_permit!
+    tracker.find_call(:method => :permit!).each do |result|
+      if params? result[:target]
+        warn_on_permit! result
+      end
+    end
+  end
+
+  # Look for actual use of params in mass assignment to avoid
+  # warning about uses of Parameters#permit! without any mass assignment
+  # or when mass assignment is restricted by model instead.
+  def subsequent_mass_assignment? result
+    location = result[:location]
+    line = result[:call].line
+    find_mass_assign_calls.any? do |call|
+      call[:location] == location and
+      params? call[:call].first_arg and
+      call[:call].line >= line
+    end
+  end
+
+  def warn_on_permit! result
+    return if duplicate? result or result[:call].original_line
+    add_result result
+
+    confidence = if subsequent_mass_assignment? result
+                   CONFIDENCE[:high]
+                 else
+                   CONFIDENCE[:med]
+                 end
+
+    warn :result => result,
+      :warning_type => "Mass Assignment",
+      :warning_code => :mass_assign_permit!,
+      :message => "Parameters should be whitelisted for mass assignment",
+      :confidence => confidence
+  end
 end

data/lib/brakeman/checks/check_number_to_currency.rb

@@ -0,0 +1,55 @@
+require 'brakeman/checks/base_check'
+
+class Brakeman::CheckNumberToCurrency < Brakeman::BaseCheck
+  Brakeman::Checks.add self
+
+  @description = "Checks for number_to_currency XSS vulnerability in certain versions"
+
+  def run_check
+    if (version_between? "2.0.0", "3.2.15" or version_between? "4.0.0", "4.0.1")
+      check_number_to_currency_usage
+
+      generic_warning unless @found_any
+    end
+  end
+
+  def generic_warning
+    message = "Rails #{tracker.config[:rails_version]} has a vulnerability in number_to_currency (CVE-2013-6415). Upgrade to Rails version "
+
+    if version_between? "2.3.0", "3.2.15"
+      message << "3.2.16"
+    else
+      message << "4.0.2"
+    end
+
+    warn :warning_type => "Cross Site Scripting",
+      :warning_code => :CVE_2013_6415,
+      :message => message,
+      :confidence => CONFIDENCE[:med],
+      :file => gemfile_or_environment,
+      :link_path => "https://groups.google.com/d/topic/rubyonrails-security/8CpI7egxX4E/discussion"
+  end
+
+  def check_number_to_currency_usage
+    tracker.find_call(:target => false, :method => :number_to_currency).each do |result|
+      arg = result[:call].second_arg
+      next unless arg
+
+      if match = (has_immediate_user_input? arg or has_immediate_model? arg)
+        match = match.match if match.is_a? Match
+        @found_any = true
+        warn_on_number_to_currency result, match
+      end
+    end
+  end
+
+  def warn_on_number_to_currency result, match
+    warn :result => result,
+      :warning_type => "Cross Site Scripting",
+      :warning_code => :CVE_2013_6415_call,
+      :message => "Currency value in number_to_currency is not safe in Rails #{@tracker.config[:rails_version]}",
+      :confidence => CONFIDENCE[:high],
+      :link_path => "https://groups.google.com/d/topic/rubyonrails-security/8CpI7egxX4E/discussion",
+      :user_input => match
+  end
+end

data/lib/brakeman/checks/check_redirect.rb

@@ -13,7 +13,7 @@ class Brakeman::CheckRedirect < Brakeman::BaseCheck
   def run_check
     Brakeman.debug "Finding calls to redirect_to()"
 
-    @model_find_calls = Set[:all, :find, :find_by_sql, :first, :last, :new]
+    @model_find_calls = Set[:all, :create, :create!, :find, :find_by_sql, :first, :last, :new]
 
     if tracker.options[:rails3]
       @model_find_calls.merge [:from, :group, :having, :joins, :lock, :order, :reorder, :select, :where]

data/lib/brakeman/checks/check_simple_format.rb

@@ -0,0 +1,60 @@
+require 'brakeman/checks/base_check'
+
+class Brakeman::CheckSimpleFormat < Brakeman::CheckCrossSiteScripting
+  Brakeman::Checks.add self
+
+  @description = "Checks for simple_format XSS vulnerability (CVE-2013-6416) in certain versions"
+
+  def run_check
+    if version_between? "4.0.0", "4.0.1"
+      @inspect_arguments = true
+      @ignore_methods = Set[:h, :escapeHTML]
+
+      check_simple_format_usage
+      generic_warning unless @found_any
+    end
+  end
+
+  def generic_warning
+    message = "Rails #{tracker.config[:rails_version]} has a vulnerability in simple_format (CVE-2013-6416). Upgrade to Rails version 4.0.2"
+
+    warn :warning_type => "Cross Site Scripting",
+      :warning_code => :CVE_2013_6416,
+      :message => message,
+      :confidence => CONFIDENCE[:med],
+      :file => gemfile_or_environment,
+      :link_path => "https://groups.google.com/d/msg/ruby-security-ann/5ZI1-H5OoIM/ZNq4FoR2GnIJ"
+  end
+
+  def check_simple_format_usage
+    tracker.find_call(:target => false, :method => :simple_format).each do |result|
+      @matched = false
+      process_call result[:call]
+      if @matched
+        warn_on_simple_format result, @matched
+      end
+    end
+  end
+
+  def process_call exp
+    @mark = true
+    actually_process_call exp
+    exp
+  end
+
+  def warn_on_simple_format result, match
+    return if duplicate? result
+    add_result result
+
+    @found_any = true
+
+    warn :result => result,
+      :warning_type => "Cross Site Scripting",
+      :warning_code => :CVE_2013_6416_call,
+      :message => "Values passed to simple_format are not safe in Rails #{@tracker.config[:rails_version]}",
+      :confidence => CONFIDENCE[:high],
+      :file => gemfile_or_environment,
+      :link_path => "https://groups.google.com/d/msg/ruby-security-ann/5ZI1-H5OoIM/ZNq4FoR2GnIJ",
+      :user_input => match.match
+  end
+end

data/lib/brakeman/checks/check_sql.rb

@@ -556,6 +556,11 @@ def check_rails_versions_against_cve_issues
         :versions => [%w[2.0.0 2.3.15 2.3.16], %w[3.0.0 3.0.18 3.0.19], %w[3.1.0 3.1.9 3.1.10], %w[3.2.0 3.2.10 3.2.11]],
         :url => "https://groups.google.com/d/topic/rubyonrails-security/c7jT-EeN9eI/discussion"
       },
+      {
+        :cve => "CVE-2013-6417",
+        :versions => [%w[2.0.0 3.2.15 3.2.16], %w[4.0.0 4.0.1 4.0.2]],
+        :url => "https://groups.google.com/d/msg/ruby-security-ann/niK4drpSHT4/g8JW8ZsayRkJ"
+      },
     ].each do |cve_issue|
       cve_warning_for cve_issue[:versions], cve_issue[:cve], cve_issue[:url]
     end

data/lib/brakeman/checks/check_translate_bug.rb

@@ -25,7 +25,7 @@ class Brakeman::CheckTranslateBug < Brakeman::BaseCheck
       elsif version =~ /^3\.0/
         "Versions before 3.0.11 #{description}."
       else
-        "Rails 2.3.x using the rails_xss plugin #{description}}."
+        "Rails 2.3.x using the rails_xss plugin #{description}."
       end
 
       warn :warning_type => "Cross Site Scripting",

data/lib/brakeman/checks/check_unsafe_reflection.rb

@@ -7,7 +7,7 @@ require 'brakeman/checks/base_check'
 class Brakeman::CheckUnsafeReflection < Brakeman::BaseCheck
   Brakeman::Checks.add self
 
-  @description = "Checks for Unsafe Reflection"
+  @description = "Checks for unsafe reflection"
 
   def run_check
     reflection_methods = [:constantize, :safe_constantize, :const_get, :qualified_const_get]
@@ -38,7 +38,7 @@ class Brakeman::CheckUnsafeReflection < Brakeman::BaseCheck
     end
 
     if confidence
-      message = "Unsafe Reflection method #{method} called with #{friendly_type_of input}"
+      message = "Unsafe reflection method #{method} called with #{friendly_type_of input}"
 
       warn :result => result,
         :warning_type => "Remote Code Execution",

data/lib/brakeman/processors/alias_processor.rb

@@ -88,6 +88,10 @@ class Brakeman::AliasProcessor < Brakeman::SexpProcessor
     method = exp.method
     first_arg = exp.first_arg
 
+    if method == :send or method == :try
+      collapse_send_call exp, first_arg
+    end
+
     if node_type? target, :or and [:+, :-, :*, :/].include? method
       res = process_or_simple_operation(exp)
       return res if res
@@ -220,13 +224,24 @@ class Brakeman::AliasProcessor < Brakeman::SexpProcessor
 
   #Process a method definition.
   def process_methdef exp
-    env.scope do
-      set_env_defaults
+    meth_env do
       exp.body = process_all! exp.body
     end
     exp
   end
 
+  def meth_env
+    begin
+      env.scope do
+        set_env_defaults
+        @meth_env = env.current
+        yield
+      end
+    ensure
+      @meth_env = nil
+    end
+  end
+
   #Process a method definition on self.
   def process_selfdef exp
     env.scope do
@@ -437,9 +452,11 @@ class Brakeman::AliasProcessor < Brakeman::SexpProcessor
       branch_scopes = []
       exps.each_with_index do |branch, i|
         scope do
+          @branch_env = env.current
           branch_index = 2 + i # s(:if, condition, then_branch, else_branch)
           exp[branch_index] = process_if_branch branch
           branch_scopes << env.current
+          @branch_env = nil
         end
       end
 
@@ -530,6 +547,17 @@ class Brakeman::AliasProcessor < Brakeman::SexpProcessor
     end
   end
 
+  # Change x.send(:y, 1) to x.y(1)
+  def collapse_send_call exp, first_arg
+    return unless symbol? first_arg or string? first_arg
+    exp.method = first_arg.value.to_sym
+    args = exp.args
+    exp.pop # remove last arg
+    if args.length > 1
+      exp.arglist = args[1..-1]
+    end
+  end
+
   #Returns a new SexpProcessor::Environment containing only instance variables.
   #This is useful, for example, when processing views.
   def only_ivars include_request_vars = false, lenv = nil
@@ -731,7 +759,17 @@ class Brakeman::AliasProcessor < Brakeman::SexpProcessor
     end
 
     if @ignore_ifs or not @inside_if
-      env[var] = value
+      if @meth_env and node_type? var, :ivar and env[var].nil?
+        @meth_env[var] = value
+      else
+        env[var] = value
+      end
+    elsif env.current[var]
+      env.current[var] = value
+    elsif @branch_env and @branch_env[var]
+      @branch_env[var] = value
+    elsif @branch_env and @meth_env and node_type? var, :ivar
+      @branch_env[var] = value
     else
       env.current[var] = value
     end
@@ -776,5 +814,4 @@ class Brakeman::AliasProcessor < Brakeman::SexpProcessor
       false
     end
   end
-
 end

data/lib/brakeman/processors/controller_alias_processor.rb

@@ -84,9 +84,7 @@ class Brakeman::ControllerAliasProcessor < Brakeman::AliasProcessor
     @current_method = meth_name
     @rendered = false if is_route
 
-    env.scope do
-      set_env_defaults
-
+    meth_env do
       if is_route
         before_filter_list(@current_method, @current_class).each do |f|
           process_before_filter f
@@ -124,7 +122,7 @@ class Brakeman::ControllerAliasProcessor < Brakeman::AliasProcessor
 
   #Check for +respond_to+
   def process_call_with_block exp
-    process_default exp
+    super
 
     if call? exp.block_call and exp.block_call.method == :respond_to
       @rendered = true

data/lib/brakeman/processors/gem_processor.rb

@@ -15,6 +15,7 @@ class Brakeman::GemProcessor < Brakeman::BaseProcessor
     if gem_lock
       get_rails_version gem_lock
       get_json_version gem_lock
+      get_i18n_version gem_lock
     elsif @tracker.config[:gems][:rails] =~ /(\d+.\d+.\d+)/
       @tracker.config[:rails_version] = $1
     end
@@ -61,4 +62,8 @@ class Brakeman::GemProcessor < Brakeman::BaseProcessor
     @tracker.config[:gems][:json] = get_version("json", gem_lock)
     @tracker.config[:gems][:json_pure] = get_version("json_pure", gem_lock)
   end
+
+  def get_i18n_version gem_lock
+    @tracker.config[:gems][:i18n] = get_version("i18n", gem_lock)
+  end
 end

data/lib/brakeman/processors/slim_template_processor.rb

@@ -96,7 +96,7 @@ class Brakeman::SlimTemplateProcessor < Brakeman::TemplateProcessor
   def is_escaped? exp
     call? exp and
     exp.target == TEMPLE_UTILS and
-    exp.method == :escape_html
+    (exp.method == :escape_html or exp.method == :escape_html_safe)
   end
 
   def render? exp

data/lib/brakeman/version.rb

@@ -1,3 +1,3 @@
 module Brakeman
-  Version = "2.2.0"
+  Version = "2.3.0"
 end

data/lib/brakeman/warning_codes.rb

@@ -62,7 +62,15 @@ module Brakeman::WarningCodes
     :unsafe_symbol_creation => 59,
     :dangerous_attr_accessible => 60,
     :local_request_config => 61,
-    :detailed_exceptions => 62
+    :detailed_exceptions => 62,
+    :CVE_2013_4491 => 63,
+    :CVE_2013_6414 => 64,
+    :CVE_2013_6415 => 65,
+    :CVE_2013_6415_call => 66,
+    :CVE_2013_6416 => 67,
+    :CVE_2013_6416_call => 68,
+    :CVE_2013_6417 => 69,
+    :mass_assign_permit! => 70,
   }
 
   def self.code name

data/lib/ruby_parser/bm_sexp.rb

@@ -163,6 +163,12 @@ class Sexp
     end
   end
 
+  def method= name
+    expect :call
+
+    self[2] = name
+  end
+
   #Sets the arglist in a method call.
   def arglist= exp
     expect :call, :attrasgn

metadata

@@ -1,21 +1,42 @@
 --- !ruby/object:Gem::Specification 
 name: brakeman
 version: !ruby/object:Gem::Version 
-  hash: 7
+  hash: 3
   prerelease: 
   segments: 
   - 2
-  - 2
+  - 3
   - 0
-  version: 2.2.0
+  version: 2.3.0
 platform: ruby
 authors: 
 - Justin Collins
 autorequire: 
 bindir: bin
-cert_chain: []
+cert_chain: 
+- |
+  -----BEGIN CERTIFICATE-----
+  MIIDLjCCAhagAwIBAgIBADANBgkqhkiG9w0BAQUFADA9MQwwCgYDVQQDDANnZW0x
+  GDAWBgoJkiaJk/IsZAEZFghicmFrZW1hbjETMBEGCgmSJomT8ixkARkWA29yZzAe
+  Fw0xMzEyMTIwMDMxNTdaFw0xNDEyMTIwMDMxNTdaMD0xDDAKBgNVBAMMA2dlbTEY
+  MBYGCgmSJomT8ixkARkWCGJyYWtlbWFuMRMwEQYKCZImiZPyLGQBGRYDb3JnMIIB
+  IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxCHmXCaAcZ4bVjijKoyQFx4N
+  dyN7B7bqY8wOXy6f/UZ6mdC8IRAj82KaWQjNE2LT/ObFUWpCRyLdrwjkDjdFDyOT
+  mZCZkiOeEy2ZxYGfxXMI/xg24c8r5Xmh16ErsYuprRcg+/KZ6s4UjseBNTARmBK4
+  IHcqIdnoWbYa3BWHoflJPaJUIaU+/yTclzFQHpswU7ka8ftIAWeoDQo22gasP/4N
+  HtJvAIyg1DcWPLcn0qbZmdehg8HZv8C+2MuLKX/2qZG9eseegMqMlHHabwwEy9Vv
+  f/t/+ltLjC0CRa2TqZ2EuQ5EEzbOsqAftaZJFmwv9Ut1UhjmdvR5RfN6dWMQ5QID
+  AQABozkwNzALBgNVHQ8EBAMCBLAwHQYDVR0OBBYEFPyEKeRy09i8qSr+9KFbeTqw
+  kMCSMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQEFBQADggEBALEk8/Wnl2VAqchxWlbg
+  RN0MkVUWMf8L0xxUiVKo5QeL4NBViALMBrU6IS4y6zyn+FoULAMEawUjZlZf4Hcg
+  S9unev3p+RTWUyksAnA27wHZs/NRIkW34s1ZI5NNE/xyu4ULOQjfh1wOjlWzyHu9
+  0t41/CtpgNPM2uAjG3RIqlp7QKXlby50cQqWJQCgTH3JNjMhmROEhTsI6COoApvd
+  Ce7Br39yjeoarvekq0wCXBYakUBw/DdZCG7mFZ6xgh01eqnZUsNd8vM+6V6v23Vu
+  jk2tMjFT4L1dA3MEsz3+MP144PDhPCh7tPe6yy81BOvyYTVkKzrAkgKwHD1CuvsH
+  bdw=
+  -----END CERTIFICATE-----
 
-date: 2013-10-28 00:00:00 Z
+date: 2013-12-12 00:00:00 Z
 dependencies: 
 - !ruby/object:Gem::Dependency 
   name: ruby_parser
@@ -186,7 +207,7 @@ dependencies:
   type: :runtime
   version_requirements: *id010
 description: Brakeman detects security vulnerabilities in Ruby on Rails applications via static analysis.
-email: 
+email: gem@brakeman.org
 executables: 
 - brakeman
 extensions: []
@@ -199,122 +220,126 @@ files:
 - WARNING_TYPES
 - FEATURES
 - README.md
-- lib/brakeman/version.rb
-- lib/brakeman/differ.rb
-- lib/brakeman/util.rb
+- lib/brakeman/app_tree.rb
 - lib/brakeman/brakeman.rake
 - lib/brakeman/call_index.rb
-- lib/brakeman/report/report_json.rb
-- lib/brakeman/report/report_hash.rb
-- lib/brakeman/report/report_base.rb
-- lib/brakeman/report/report_tabs.rb
-- lib/brakeman/report/report_html.rb
-- lib/brakeman/report/report_table.rb
-- lib/brakeman/report/renderer.rb
-- lib/brakeman/report/templates/controller_overview.html.erb
-- lib/brakeman/report/templates/model_warnings.html.erb
-- lib/brakeman/report/templates/template_overview.html.erb
-- lib/brakeman/report/templates/view_warnings.html.erb
-- lib/brakeman/report/templates/overview.html.erb
-- lib/brakeman/report/templates/controller_warnings.html.erb
-- lib/brakeman/report/templates/header.html.erb
-- lib/brakeman/report/templates/error_overview.html.erb
-- lib/brakeman/report/templates/security_warnings.html.erb
-- lib/brakeman/report/templates/warning_overview.html.erb
-- lib/brakeman/report/templates/ignored_warnings.html.erb
-- lib/brakeman/report/report_csv.rb
-- lib/brakeman/report/initializers/faster_csv.rb
-- lib/brakeman/report/initializers/multi_json.rb
-- lib/brakeman/report/ignore/interactive.rb
-- lib/brakeman/report/ignore/config.rb
-- lib/brakeman/tracker.rb
-- lib/brakeman/report.rb
-- lib/brakeman/scanner.rb
-- lib/brakeman/processor.rb
-- lib/brakeman/format/style.css
-- lib/brakeman/warning_codes.rb
-- lib/brakeman/app_tree.rb
-- lib/brakeman/checks/check_select_vulnerability.rb
-- lib/brakeman/checks/check_detailed_exceptions.rb
-- lib/brakeman/checks/check_escape_function.rb
-- lib/brakeman/checks/check_single_quotes.rb
-- lib/brakeman/checks/check_model_serialize.rb
+- lib/brakeman/checks/base_check.rb
 - lib/brakeman/checks/check_basic_auth.rb
-- lib/brakeman/checks/check_safe_buffer_manipulation.rb
-- lib/brakeman/checks/check_forgery_setting.rb
-- lib/brakeman/checks/check_session_settings.rb
-- lib/brakeman/checks/check_model_attributes.rb
-- lib/brakeman/checks/check_redirect.rb
-- lib/brakeman/checks/check_yaml_parsing.rb
-- lib/brakeman/checks/check_skip_before_filter.rb
-- lib/brakeman/checks/check_response_splitting.rb
-- lib/brakeman/checks/check_mail_to.rb
 - lib/brakeman/checks/check_content_tag.rb
-- lib/brakeman/checks/check_unsafe_reflection.rb
-- lib/brakeman/checks/check_sql.rb
-- lib/brakeman/checks/check_select_tag.rb
-- lib/brakeman/checks/check_model_attr_accessible.rb
-- lib/brakeman/checks/check_mass_assignment.rb
-- lib/brakeman/checks/check_link_to_href.rb
-- lib/brakeman/checks/check_filter_skipping.rb
-- lib/brakeman/checks/check_symbol_dos.rb
-- lib/brakeman/checks/check_sanitize_methods.rb
-- lib/brakeman/checks/check_file_access.rb
+- lib/brakeman/checks/check_cross_site_scripting.rb
+- lib/brakeman/checks/check_default_routes.rb
 - lib/brakeman/checks/check_deserialize.rb
-- lib/brakeman/checks/base_check.rb
-- lib/brakeman/checks/check_validation_regex.rb
-- lib/brakeman/checks/check_evaluation.rb
+- lib/brakeman/checks/check_detailed_exceptions.rb
 - lib/brakeman/checks/check_digest_dos.rb
-- lib/brakeman/checks/check_render.rb
-- lib/brakeman/checks/check_send_file.rb
-- lib/brakeman/checks/check_json_parsing.rb
+- lib/brakeman/checks/check_escape_function.rb
+- lib/brakeman/checks/check_evaluation.rb
 - lib/brakeman/checks/check_execute.rb
-- lib/brakeman/checks/check_translate_bug.rb
+- lib/brakeman/checks/check_file_access.rb
+- lib/brakeman/checks/check_filter_skipping.rb
+- lib/brakeman/checks/check_forgery_setting.rb
+- lib/brakeman/checks/check_header_dos.rb
+- lib/brakeman/checks/check_i18n_xss.rb
 - lib/brakeman/checks/check_jruby_xml.rb
-- lib/brakeman/checks/check_default_routes.rb
+- lib/brakeman/checks/check_json_parsing.rb
 - lib/brakeman/checks/check_link_to.rb
+- lib/brakeman/checks/check_link_to_href.rb
+- lib/brakeman/checks/check_mail_to.rb
+- lib/brakeman/checks/check_mass_assignment.rb
+- lib/brakeman/checks/check_model_attr_accessible.rb
+- lib/brakeman/checks/check_model_attributes.rb
+- lib/brakeman/checks/check_model_serialize.rb
+- lib/brakeman/checks/check_nested_attributes.rb
+- lib/brakeman/checks/check_number_to_currency.rb
 - lib/brakeman/checks/check_quote_table_name.rb
+- lib/brakeman/checks/check_redirect.rb
+- lib/brakeman/checks/check_render.rb
+- lib/brakeman/checks/check_response_splitting.rb
+- lib/brakeman/checks/check_safe_buffer_manipulation.rb
+- lib/brakeman/checks/check_sanitize_methods.rb
+- lib/brakeman/checks/check_select_tag.rb
+- lib/brakeman/checks/check_select_vulnerability.rb
 - lib/brakeman/checks/check_send.rb
-- lib/brakeman/checks/check_cross_site_scripting.rb
+- lib/brakeman/checks/check_send_file.rb
+- lib/brakeman/checks/check_session_settings.rb
+- lib/brakeman/checks/check_simple_format.rb
+- lib/brakeman/checks/check_single_quotes.rb
+- lib/brakeman/checks/check_skip_before_filter.rb
+- lib/brakeman/checks/check_sql.rb
 - lib/brakeman/checks/check_strip_tags.rb
-- lib/brakeman/checks/check_nested_attributes.rb
+- lib/brakeman/checks/check_symbol_dos.rb
+- lib/brakeman/checks/check_translate_bug.rb
+- lib/brakeman/checks/check_unsafe_reflection.rb
+- lib/brakeman/checks/check_validation_regex.rb
 - lib/brakeman/checks/check_without_protection.rb
+- lib/brakeman/checks/check_yaml_parsing.rb
 - lib/brakeman/checks.rb
+- lib/brakeman/differ.rb
+- lib/brakeman/format/style.css
+- lib/brakeman/options.rb
+- lib/brakeman/parsers/rails2_erubis.rb
+- lib/brakeman/parsers/rails2_xss_plugin_erubis.rb
+- lib/brakeman/parsers/rails3_erubis.rb
+- lib/brakeman/processor.rb
+- lib/brakeman/processors/alias_processor.rb
+- lib/brakeman/processors/base_processor.rb
+- lib/brakeman/processors/config_processor.rb
 - lib/brakeman/processors/controller_alias_processor.rb
+- lib/brakeman/processors/controller_processor.rb
+- lib/brakeman/processors/erb_template_processor.rb
+- lib/brakeman/processors/erubis_template_processor.rb
+- lib/brakeman/processors/gem_processor.rb
+- lib/brakeman/processors/haml_template_processor.rb
+- lib/brakeman/processors/lib/find_all_calls.rb
+- lib/brakeman/processors/lib/find_call.rb
 - lib/brakeman/processors/lib/find_return_value.rb
-- lib/brakeman/processors/lib/route_helper.rb
-- lib/brakeman/processors/lib/rails2_route_processor.rb
-- lib/brakeman/processors/lib/render_helper.rb
-- lib/brakeman/processors/lib/rails2_config_processor.rb
-- lib/brakeman/processors/lib/rails3_route_processor.rb
 - lib/brakeman/processors/lib/processor_helper.rb
+- lib/brakeman/processors/lib/rails2_config_processor.rb
+- lib/brakeman/processors/lib/rails2_route_processor.rb
 - lib/brakeman/processors/lib/rails3_config_processor.rb
-- lib/brakeman/processors/lib/find_all_calls.rb
-- lib/brakeman/processors/lib/find_call.rb
-- lib/brakeman/processors/template_alias_processor.rb
+- lib/brakeman/processors/lib/rails3_route_processor.rb
+- lib/brakeman/processors/lib/render_helper.rb
+- lib/brakeman/processors/lib/route_helper.rb
+- lib/brakeman/processors/library_processor.rb
 - lib/brakeman/processors/model_processor.rb
 - lib/brakeman/processors/output_processor.rb
-- lib/brakeman/processors/library_processor.rb
-- lib/brakeman/processors/erb_template_processor.rb
-- lib/brakeman/processors/template_processor.rb
-- lib/brakeman/processors/alias_processor.rb
-- lib/brakeman/processors/config_processor.rb
-- lib/brakeman/processors/gem_processor.rb
-- lib/brakeman/processors/erubis_template_processor.rb
 - lib/brakeman/processors/route_processor.rb
-- lib/brakeman/processors/controller_processor.rb
 - lib/brakeman/processors/slim_template_processor.rb
-- lib/brakeman/processors/haml_template_processor.rb
-- lib/brakeman/processors/base_processor.rb
-- lib/brakeman/warning.rb
-- lib/brakeman/options.rb
+- lib/brakeman/processors/template_alias_processor.rb
+- lib/brakeman/processors/template_processor.rb
+- lib/brakeman/report/ignore/config.rb
+- lib/brakeman/report/ignore/interactive.rb
+- lib/brakeman/report/initializers/faster_csv.rb
+- lib/brakeman/report/initializers/multi_json.rb
+- lib/brakeman/report/renderer.rb
+- lib/brakeman/report/report_base.rb
+- lib/brakeman/report/report_csv.rb
+- lib/brakeman/report/report_hash.rb
+- lib/brakeman/report/report_html.rb
+- lib/brakeman/report/report_json.rb
+- lib/brakeman/report/report_table.rb
+- lib/brakeman/report/report_tabs.rb
+- lib/brakeman/report/templates/controller_overview.html.erb
+- lib/brakeman/report/templates/controller_warnings.html.erb
+- lib/brakeman/report/templates/error_overview.html.erb
+- lib/brakeman/report/templates/header.html.erb
+- lib/brakeman/report/templates/ignored_warnings.html.erb
+- lib/brakeman/report/templates/model_warnings.html.erb
+- lib/brakeman/report/templates/overview.html.erb
+- lib/brakeman/report/templates/security_warnings.html.erb
+- lib/brakeman/report/templates/template_overview.html.erb
+- lib/brakeman/report/templates/view_warnings.html.erb
+- lib/brakeman/report/templates/warning_overview.html.erb
+- lib/brakeman/report.rb
 - lib/brakeman/rescanner.rb
-- lib/brakeman/parsers/rails2_erubis.rb
-- lib/brakeman/parsers/rails3_erubis.rb
-- lib/brakeman/parsers/rails2_xss_plugin_erubis.rb
+- lib/brakeman/scanner.rb
+- lib/brakeman/tracker.rb
+- lib/brakeman/util.rb
+- lib/brakeman/version.rb
+- lib/brakeman/warning.rb
+- lib/brakeman/warning_codes.rb
+- lib/brakeman.rb
 - lib/ruby_parser/bm_sexp.rb
 - lib/ruby_parser/bm_sexp_processor.rb
-- lib/brakeman.rb
 homepage: http://brakemanscanner.org
 licenses: 
 - MIT

metadata.gz.sig

@@ -0,0 +1 @@
+G\�1mt����q%Uv��*u��>H�gj)C����$&���׸��U�0@U�囡聢.�7�0m�&�0�O��g��l 5v� Z:2�Q���v���<9L(]��N��N����T)� f�#(Tv,�;������m01y25��7��-��۠���玆�������I��3D�~-<�<=PT�zE2=o��q)j Q~ź]�p"d��ޒ�	�m~ř�_�{3�γm�qGxc
>�3�'��uK��i��w��j