codesake-dawn 0.60 → 0.70

data/lib/codesake/dawn/version.rb

@@ -1,5 +1,5 @@
 module Codesake
   module Dawn
-    VERSION = "0.60"
+    VERSION = "0.70"
   end
 end

data/spec/lib/dawn/codesake_knowledgebase_spec.rb

@@ -225,6 +225,93 @@ describe "The Codesake Dawn knowledge base" do
     sc.class.should == Codesake::Dawn::Kb::CVE_2013_3221
   end
 
+  it "must have test for CVE-2011-0447" do
+    sc = kb.find("CVE-2011-0447")
+    sc.should_not   be_nil
+    sc.class.should == Codesake::Dawn::Kb::CVE_2011_0447
+  end
+
+  it "must have test for CVE-2011-3186" do
+    sc = kb.find("CVE-2011-3186")
+    sc.should_not   be_nil
+    sc.class.should == Codesake::Dawn::Kb::CVE_2011_3186
+  end
+  it "must have test for CVE-2012-1099" do
+    sc = kb.find("CVE-2012-1099")
+    sc.should_not   be_nil
+    sc.class.should == Codesake::Dawn::Kb::CVE_2012_1099
+  end
+  it "must have test for CVE-2012-1241" do
+    sc = kb.find("CVE-2012-1241")
+    sc.should_not   be_nil
+    sc.class.should == Codesake::Dawn::Kb::CVE_2012_1241
+  end
+  it "must have test for CVE-2012-2140" do
+    sc = kb.find("CVE-2012-2140")
+    sc.should_not   be_nil
+    sc.class.should == Codesake::Dawn::Kb::CVE_2012_2140
+  end
+  it "must have test for CVE-2012-5370" do
+    sc = kb.find("CVE-2012-5370")
+    sc.should_not   be_nil
+    sc.class.should == Codesake::Dawn::Kb::CVE_2012_5370
+  end
+  it "must have test for CVE-2012-5371" do
+    sc = kb.find("CVE-2012-5371")
+    sc.should_not   be_nil
+    sc.class.should == Codesake::Dawn::Kb::CVE_2012_5371
+  end
+  it "must have test for CVE-2011-2197" do
+    sc = kb.find("CVE-2011-2197")
+    sc.should_not   be_nil
+    sc.class.should == Codesake::Dawn::Kb::CVE_2011_2197
+  end
+  it "must have test for CVE-2011-2932" do
+    sc = kb.find("CVE-2011-2932")
+    sc.should_not   be_nil
+    sc.class.should == Codesake::Dawn::Kb::CVE_2011_2932
+  end
+  it "must have test for CVE-2012-3463" do
+    sc = kb.find("CVE-2012-3463")
+    sc.should_not   be_nil
+    sc.class.should == Codesake::Dawn::Kb::CVE_2012_3463
+  end
+  it "must have test for CVE-2012-3464" do
+    sc = kb.find("CVE-2012-3464")
+    sc.should_not   be_nil
+    sc.class.should == Codesake::Dawn::Kb::CVE_2012_3464
+  end
+  it "must have test for CVE-2012-4464" do
+    sc = kb.find("CVE-2012-4464")
+    sc.should_not   be_nil
+    sc.class.should == Codesake::Dawn::Kb::CVE_2012_4464
+  end
+  it "must have test for CVE-2012-4466" do
+    sc = kb.find("CVE-2012-4466")
+    sc.should_not   be_nil
+    sc.class.should == Codesake::Dawn::Kb::CVE_2012_4466
+  end
+  it "must have test for CVE-2012-4481" do
+    sc = kb.find("CVE-2012-4481")
+    sc.should_not   be_nil
+    sc.class.should == Codesake::Dawn::Kb::CVE_2012_4481
+  end
+  it "must have test for CVE-2012-6134" do
+    sc = kb.find("CVE-2012-6134")
+    sc.should_not   be_nil
+    sc.class.should == Codesake::Dawn::Kb::CVE_2012_6134
+  end
+  it "must have test for CVE-2012-6496" do
+    sc = kb.find("CVE-2012-6496")
+    sc.should_not   be_nil
+    sc.class.should == Codesake::Dawn::Kb::CVE_2012_6496
+  end
+
+  it "must have test for CVE-2012-6497" do
+    sc = kb.find("CVE-2012-6497")
+    sc.should_not   be_nil
+    sc.class.should == Codesake::Dawn::Kb::CVE_2012_6497
+  end
 
 
 end

data/spec/lib/dawn/codesake_sinatra_engine_spec.rb

@@ -7,6 +7,9 @@ describe "The Codesake::Dawn engine for sinatra applications" do
     @engine.name.should   ==    "sinatra"
   end
 
+  it "detects the default application name" do
+    @engine.appname.should == "application.rb"
+  end
   it "has a valid target" do
     @engine.target.should ==   "./spec/support/sinatra-safe"
     @engine.target_is_dir?.should  be_true
@@ -20,6 +23,14 @@ describe "The Codesake::Dawn engine for sinatra applications" do
     @engine.mvc_version.should   == "1.4.2"
   end
 
+  it "detects 2 views" do
+    @engine.views.should == [{:filename=>"./spec/support/sinatra-safe/views/layout.haml", :language=>:haml}, {:filename=>"./spec/support/sinatra-safe/views/root.haml", :language=>:haml}]
+  end
+  it "detects views are written using HAML" do
+    @engine.views[0][:language].should == :haml
+    @engine.views[1][:language].should == :haml
+  end
+
   it "has some check in the knowledge base" do
     @engine.checks.should_not be_nil 
     @engine.checks.should_not be_empty
@@ -53,7 +64,7 @@ describe "The Codesake::Dawn engine for sinatra applications" do
     end
   end  
 
-  describe "applied do the sinatra-vulnerable application do" do
+  describe "applied do the sinatra-vulnerable application" do
     before (:all) {@engine= Codesake::Dawn::Sinatra.new('./spec/support/sinatra-vulnerable')}
     it "has a valid target" do
       @engine.target.should ==   "./spec/support/sinatra-vulnerable"
@@ -80,5 +91,37 @@ describe "The Codesake::Dawn engine for sinatra applications" do
       e2 =  Codesake::Dawn::Sinatra.new('./spec/support/sinatra-vulnerable')
       e2.vulnerabilities.should_not be_empty
     end
+
+    context "when scanning for XSS" do
+      it "detects 3 views" do
+        @engine.views.should == [
+          {:filename=>"./spec/support/sinatra-vulnerable/views/layout.haml", :language=>:haml}, 
+          {:filename=>"./spec/support/sinatra-vulnerable/views/root.haml", :language=>:haml}, 
+          {:filename=>"./spec/support/sinatra-vulnerable/views/xss.haml", :language=>:haml}
+        ]
+      end
+      it "detects views are written using HAML" do
+        @engine.views[0][:language].should == :haml
+        @engine.views[1][:language].should == :haml
+        @engine.views[2][:language].should == :haml
+      end
+
+      it "detects a sink on application.rb" do
+        sink = @engine.detect_sinks("application.rb")
+        sink.should == [ 
+          {:sink_name=>"@xss_param", :sink_kind=>:params, :sink_source=>"name", :sink_line=>26}, 
+          {:sink_name=>"@my_arr", :sink_kind=>:params, :sink_source=>"second", :sink_line=>27} 
+        ]
+      end
+
+      it "detects reflected ones in HAML views" do
+        reflected_xss= @engine.detect_reflected_xss
+        @engine.reflected_xss.should_not be_nil
+        @engine.reflected_xss.should_not be_empty 
+        @engine.reflected_xss.should == [
+          {:sink_name=>"@xss_param", :sink_kind=>:params, :sink_source=>"name", :sink_line=>26}, 
+        ]
+      end
+    end
   end
 end

data/spec/spec_helper.rb

@@ -1 +1,4 @@
+require 'coveralls'
+
 require 'codesake-dawn'
+Coveralls.wear!

data/spec/support/sinatra-vulnerable/application.rb

@@ -22,6 +22,12 @@ get '/' do
   haml :root
 end
 
+get '/xss' do
+  @xss_param = params['name']
+  @my_arr[0] = params['second']
+  haml :xss
+end
+
 # FIXME: I must raise an error here
 get '/foo' do
   haml :bar

data/spec/support/sinatra-vulnerable/views/xss.haml

@@ -0,0 +1,3 @@
+%h2 xss
+%p 
+  =@xss_param

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: codesake-dawn
 version: !ruby/object:Gem::Version
-  version: '0.60'
+  version: '0.70'
   prerelease: 
 platform: ruby
 authors:
@@ -9,7 +9,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2013-05-28 00:00:00.000000000 Z
+date: 2013-06-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: codesake_commons
@@ -43,6 +43,70 @@ dependencies:
     - - ! '>='
       - !ruby/object:Gem::Version
         version: '0'
+- !ruby/object:Gem::Dependency
+  name: haml
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: parser
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: ptools
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: coveralls
+  requirement: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    none: false
+    requirements:
+    - - ! '>='
+      - !ruby/object:Gem::Version
+        version: '0'
 - !ruby/object:Gem::Dependency
   name: rake
   requirement: !ruby/object:Gem::Requirement
@@ -145,20 +209,37 @@ files:
 - Roadmap.md
 - TODO.md
 - bin/dawn
-- codesake_dawn.gemspec
+- codesake-dawn.gemspec
 - features/dawn_complains_about_an_incorrect_command_line.feature
 - features/dawn_scan_a_secure_sinatra_app.feature
+- features/dawn_scan_a_vulnerable_sinatra_app.feature
 - features/step_definition/dawn_steps.rb
 - features/support/env.rb
 - lib/codesake-dawn.rb
+- lib/codesake/dawn/core.rb
 - lib/codesake/dawn/engine.rb
 - lib/codesake/dawn/kb/basic_check.rb
+- lib/codesake/dawn/kb/cve_2011_0447.rb
+- lib/codesake/dawn/kb/cve_2011_2197.rb
 - lib/codesake/dawn/kb/cve_2011_2931.rb
+- lib/codesake/dawn/kb/cve_2011_2932.rb
+- lib/codesake/dawn/kb/cve_2011_3186.rb
+- lib/codesake/dawn/kb/cve_2012_1099.rb
+- lib/codesake/dawn/kb/cve_2012_1241.rb
+- lib/codesake/dawn/kb/cve_2012_2140.rb
 - lib/codesake/dawn/kb/cve_2012_2660.rb
 - lib/codesake/dawn/kb/cve_2012_2661.rb
 - lib/codesake/dawn/kb/cve_2012_2694.rb
 - lib/codesake/dawn/kb/cve_2012_2695.rb
+- lib/codesake/dawn/kb/cve_2012_3463.rb
+- lib/codesake/dawn/kb/cve_2012_3464.rb
 - lib/codesake/dawn/kb/cve_2012_3465.rb
+- lib/codesake/dawn/kb/cve_2012_4464.rb
+- lib/codesake/dawn/kb/cve_2012_4466.rb
+- lib/codesake/dawn/kb/cve_2012_4481.rb
+- lib/codesake/dawn/kb/cve_2012_5370.rb
+- lib/codesake/dawn/kb/cve_2012_5371.rb
+- lib/codesake/dawn/kb/cve_2012_6134.rb
 - lib/codesake/dawn/kb/cve_2012_6496.rb
 - lib/codesake/dawn/kb/cve_2012_6497.rb
 - lib/codesake/dawn/kb/cve_2013_0155.rb
@@ -205,7 +286,6 @@ files:
 - spec/lib/kb/codesake_cve_2013_0175_spec.rb
 - spec/lib/kb/codesake_ruby_version_check_spec.rb
 - spec/spec_helper.rb
-- spec/support/hello_world_3.0.19/.gitignore
 - spec/support/hello_world_3.0.19/Gemfile
 - spec/support/hello_world_3.0.19/README
 - spec/support/hello_world_3.0.19/Rakefile
@@ -247,7 +327,6 @@ files:
 - spec/support/hello_world_3.0.19/test/performance/browsing_test.rb
 - spec/support/hello_world_3.0.19/test/test_helper.rb
 - spec/support/hello_world_3.0.19/vendor/plugins/.gitkeep
-- spec/support/hello_world_3.1.0/.gitignore
 - spec/support/hello_world_3.1.0/Gemfile
 - spec/support/hello_world_3.1.0/README
 - spec/support/hello_world_3.1.0/Rakefile
@@ -294,7 +373,6 @@ files:
 - spec/support/hello_world_3.1.0/test/unit/.gitkeep
 - spec/support/hello_world_3.1.0/vendor/assets/stylesheets/.gitkeep
 - spec/support/hello_world_3.1.0/vendor/plugins/.gitkeep
-- spec/support/hello_world_3.2.13/.gitignore
 - spec/support/hello_world_3.2.13/Gemfile
 - spec/support/hello_world_3.2.13/README.rdoc
 - spec/support/hello_world_3.2.13/Rakefile
@@ -344,7 +422,6 @@ files:
 - spec/support/hello_world_3.2.13/vendor/plugins/.gitkeep
 - spec/support/lorem.txt
 - spec/support/sinatra-safe/.gems
-- spec/support/sinatra-safe/.gitignore
 - spec/support/sinatra-safe/Gemfile
 - spec/support/sinatra-safe/MIT-LICENSE
 - spec/support/sinatra-safe/README.rdoc
@@ -358,19 +435,20 @@ files:
 - spec/support/sinatra-safe/views/layout.haml
 - spec/support/sinatra-safe/views/root.haml
 - spec/support/sinatra-vulnerable/.gems
-- spec/support/sinatra-vulnerable/.gitignore
 - spec/support/sinatra-vulnerable/Gemfile
 - spec/support/sinatra-vulnerable/MIT-LICENSE
 - spec/support/sinatra-vulnerable/README.rdoc
 - spec/support/sinatra-vulnerable/Rakefile
 - spec/support/sinatra-vulnerable/application.rb
 - spec/support/sinatra-vulnerable/config.ru
+- spec/support/sinatra-vulnerable/disabled.png
 - spec/support/sinatra-vulnerable/environment.rb
 - spec/support/sinatra-vulnerable/lib/profile.rb
 - spec/support/sinatra-vulnerable/public/main.css
 - spec/support/sinatra-vulnerable/script/console
 - spec/support/sinatra-vulnerable/views/layout.haml
 - spec/support/sinatra-vulnerable/views/root.haml
+- spec/support/sinatra-vulnerable/views/xss.haml
 homepage: http://codesake.com
 licenses: []
 post_install_message: 
@@ -385,7 +463,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
       version: '0'
       segments:
       - 0
-      hash: 4144472411104473385
+      hash: -4262732666483923590
 required_rubygems_version: !ruby/object:Gem::Requirement
   none: false
   requirements:
@@ -394,7 +472,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
       segments:
       - 0
-      hash: 4144472411104473385
+      hash: -4262732666483923590
 requirements: []
 rubyforge_project: 
 rubygems_version: 1.8.25
@@ -405,6 +483,7 @@ summary: dawn is a security static source code analyzer for sinatra, padrino and
 test_files:
 - features/dawn_complains_about_an_incorrect_command_line.feature
 - features/dawn_scan_a_secure_sinatra_app.feature
+- features/dawn_scan_a_vulnerable_sinatra_app.feature
 - features/step_definition/dawn_steps.rb
 - features/support/env.rb
 - spec/lib/dawn/codesake_knowledgebase_spec.rb
@@ -413,7 +492,6 @@ test_files:
 - spec/lib/kb/codesake_cve_2013_0175_spec.rb
 - spec/lib/kb/codesake_ruby_version_check_spec.rb
 - spec/spec_helper.rb
-- spec/support/hello_world_3.0.19/.gitignore
 - spec/support/hello_world_3.0.19/Gemfile
 - spec/support/hello_world_3.0.19/README
 - spec/support/hello_world_3.0.19/Rakefile
@@ -455,7 +533,6 @@ test_files:
 - spec/support/hello_world_3.0.19/test/performance/browsing_test.rb
 - spec/support/hello_world_3.0.19/test/test_helper.rb
 - spec/support/hello_world_3.0.19/vendor/plugins/.gitkeep
-- spec/support/hello_world_3.1.0/.gitignore
 - spec/support/hello_world_3.1.0/Gemfile
 - spec/support/hello_world_3.1.0/README
 - spec/support/hello_world_3.1.0/Rakefile
@@ -502,7 +579,6 @@ test_files:
 - spec/support/hello_world_3.1.0/test/unit/.gitkeep
 - spec/support/hello_world_3.1.0/vendor/assets/stylesheets/.gitkeep
 - spec/support/hello_world_3.1.0/vendor/plugins/.gitkeep
-- spec/support/hello_world_3.2.13/.gitignore
 - spec/support/hello_world_3.2.13/Gemfile
 - spec/support/hello_world_3.2.13/README.rdoc
 - spec/support/hello_world_3.2.13/Rakefile
@@ -552,7 +628,6 @@ test_files:
 - spec/support/hello_world_3.2.13/vendor/plugins/.gitkeep
 - spec/support/lorem.txt
 - spec/support/sinatra-safe/.gems
-- spec/support/sinatra-safe/.gitignore
 - spec/support/sinatra-safe/Gemfile
 - spec/support/sinatra-safe/MIT-LICENSE
 - spec/support/sinatra-safe/README.rdoc
@@ -566,16 +641,17 @@ test_files:
 - spec/support/sinatra-safe/views/layout.haml
 - spec/support/sinatra-safe/views/root.haml
 - spec/support/sinatra-vulnerable/.gems
-- spec/support/sinatra-vulnerable/.gitignore
 - spec/support/sinatra-vulnerable/Gemfile
 - spec/support/sinatra-vulnerable/MIT-LICENSE
 - spec/support/sinatra-vulnerable/README.rdoc
 - spec/support/sinatra-vulnerable/Rakefile
 - spec/support/sinatra-vulnerable/application.rb
 - spec/support/sinatra-vulnerable/config.ru
+- spec/support/sinatra-vulnerable/disabled.png
 - spec/support/sinatra-vulnerable/environment.rb
 - spec/support/sinatra-vulnerable/lib/profile.rb
 - spec/support/sinatra-vulnerable/public/main.css
 - spec/support/sinatra-vulnerable/script/console
 - spec/support/sinatra-vulnerable/views/layout.haml
 - spec/support/sinatra-vulnerable/views/root.haml
+- spec/support/sinatra-vulnerable/views/xss.haml