lint_fu 0.5.0 → 0.5.3

data/lib/lint_fu/plugins/rails/model_application.rb

@@ -0,0 +1,21 @@
+module LintFu::Plugins
+  module Rails
+    class ModelApplication
+      attr_reader :fs_root
+      
+      include LintFu::EidosContainer
+
+      def initialize(fs_root)
+        @fs_root = fs_root
+      end
+
+      def controllers
+        eide.select { |m| m.kind_of?(LintFu::Plugins::ActionPack::ControllerEidos) }
+      end
+
+      def models
+        eide.select { |m| m.kind_of?(LintFu::Plugins::ActiveRecord::ModelEidos) }
+      end
+    end
+  end
+end

data/lib/lint_fu/plugins/rails/model_application_factory.rb

@@ -0,0 +1,31 @@
+module LintFu::Plugins
+  module Rails
+    class ModelApplicationFactory < LintFu::EidosBuilder
+      def initialize(fs_root)
+        super
+        @application = ModelApplication.new(fs_root)
+        self.eide << @application
+      end
+
+      def build
+        models_dir = File.join(@application.fs_root, 'app', 'models')
+        builder = LintFu::Plugins::ActiveRecord::ModelEidosBuilder.new
+        #TODO ensure the Rails app is using ActiveRecord
+        Dir.glob(File.join(models_dir, '**', '*.rb')).each do |f|
+          sexp = LintFu::Parser.parse_ruby(f)
+          builder.process(sexp)
+        end
+        builder.eide.each { |elem| @application.add_eidos(elem) }
+
+        controllers_dir = File.join(@application.fs_root, 'app', 'controllers')
+        builder = ActionPack::ControllerEidosBuilder.new
+        Dir.glob(File.join(controllers_dir, '**', '*.rb')).each do |f|
+          sexp = LintFu::Parser.parse_ruby(f)
+          sexp.file = f
+          builder.process(sexp)
+        end
+        builder.eide.each { |elem| @application.add_eidos(elem) }
+      end
+    end
+  end
+end

data/lib/lint_fu/{rails → plugins/rails}/sql_injection_checker.rb

@@ -1,6 +1,6 @@
-module LintFu
+module LintFu::Plugins
   module Rails
-    class SqlInjection < Issue
+    class SqlInjection < LintFu::Issue
       def initialize(scan, file, sexp, subject, confidence=1.0)
         super(scan, file, sexp, confidence)
         @subject = subject
@@ -44,7 +44,7 @@ EOF
 
     # Visit a Rails controller looking for ActiveRecord queries that contain interpolated
     # strings. 
-    class SqlInjectionChecker < Checker
+    class SqlInjectionChecker < LintFu::Checker
       FINDER_REGEXP = /^(find|first|all)(_or_initialize)?(_by_.*_id)?/
       SINK_OPTIONS  = Set.new([:conditions, :select, :order, :group, :from, :include, :join])
       
@@ -55,30 +55,34 @@ EOF
       end
 
       def observe_class_begin(sexp)
+        super(sexp)
         @class_definition_scope.push sexp
       end
 
       def observe_class_end(sexp)
+        super(sexp)
         @class_definition_scope.pop
       end
 
       def observe_defn_begin(sexp)
-        
+        super(sexp)
         @in_method = true
       end
 
       def observe_defn_end(sexp)
+        super(sexp)
         @in_method = false
       end
 
       def observe_call(sexp)
+        super(sexp)
         return if @class_definition_scope.empty? || !@in_method
 
         call    = sexp[2].to_s
         arglist = sexp[3]
 
         tp = tainted_params(arglist)
-        if finder?(call) && !tp.empty?
+        if finder?(call) && !tp.empty? && !suppressed?(UnsafeFind)
           scan.issues << SqlInjection.new(scan, self.file, sexp, tp[0].to_ruby_string, @base_confidence)
         end
       end

data/lib/lint_fu/{rails → plugins/rails}/unsafe_find_checker.rb

@@ -1,6 +1,6 @@
-module LintFu
+module LintFu::Plugins
   module Rails
-    class UnsafeFind < Issue
+    class UnsafeFind < LintFu::Issue
       def initialize(scan, file, sexp, subject)
         super(scan, file, sexp)
         @subject = subject
@@ -55,64 +55,51 @@ EOF
     # Visit a Rails controller looking for ActiveRecord finders being called in a way that
     # might allow an attacker to perform unauthorized operations on resources, e.g. creating,
     # updating or deleting someone else's records.
-    class UnsafeFindChecker < Checker
+    class UnsafeFindChecker < LintFu::Checker
       FINDER_REGEXP  = /^(find|first|all)(_or_initialize)?(_by_.*_id)?/
-
-      #sexp:: s(:class, <class_name>, <superclass>, s(:scope, <class_definition>))
-      def observe_class_begin(sexp)
-        #TODO get rid of RightScale-specific assumption
-        @in_admin_controller = !!(sexp[1].to_ruby_string =~ /^Admin/)
-      end
-
-      #sexp:: s(:class, <class_name>, <superclass>, s(:scope, <class_definition>))
-      def observe_class_end(sexp)
-        @in_admin_controller = false
-      end
+      #TODO: make this tunable, also expose it to the user to make sure it's appropriate!!
+      SAFE_INSTANCE_METHODS = [:current_user, :current_account]
 
       #sexp:: s(:call, <target>, <method_name>, s(:arglist))
       def observe_call(sexp)
+        super(sexp)
         check_suspicious_finder(sexp)
       end
 
       protected
 
       def check_suspicious_finder(sexp)
-        return if @in_admin_controller
-
         #sexp:: :call, <target>, <method_name>, <argslist...>
         if (sexp[1] != nil) && (sexp[1][0] == :const || sexp[1][0] == :colon2)
           name = sexp[1].to_ruby_string
           type = self.context.models.detect { |m| m.modeled_class_name == name }
           call   = sexp[2].to_s
           params = sexp[3]
-          if finder?(type, call) && !params.constant? && !sexp_contains_scope?(params)
+          if finder?(type, call) && !params.constant? &&
+             !safely_scoped?(params) && !suppressed?(UnsafeFind)
             scan.issues << UnsafeFind.new(scan, self.file, sexp, params.to_ruby_string)
           end
-        end        
+        end
       end
 
       def finder?(type, call)
-        type.kind_of?(LintFu::ActiveRecord::ModelModel) &&
+        type.kind_of?(LintFu::Plugins::ActiveRecord::ModelEidos) &&
                      ( call =~ FINDER_REGEXP || type.associations.has_key?(call) )
       end
 
-      def sexp_contains_scope?(sexp)
+      def safely_scoped?(sexp)
         return false if !sexp.kind_of?(Sexp) || sexp.empty?
+        return true if sexp.constant?
         
-        sexp_type = sexp[0]
-
-        #If calling a method -- check to see if we're accessing a current_* method
-        if (sexp_type == :call) && (sexp[1] == nil)
+        #Some local methods introduce safe scope
+        if (sexp[0] == :call)
           #TODO get rid of RightScale-specific assumptions
-          return true if (sexp[2] == :current_user)
-          return true if (sexp[2] == :current_account)
+          return true if sexp[1].nil? && SAFE_INSTANCE_METHODS.include?(sexp[2])
         end
 
-        #Generic case: check all subexpressions of the sexp
+        #Generic case: check that all subexpressions of the sexp are safely scoped
         sexp.each do |subexp|
-          if subexp.kind_of?(Sexp)
-            return true if sexp_contains_scope?(subexp)            
-          end
+          return false if subexp.kind_of?(Sexp) && !safely_scoped?(subexp)
         end
 
         return false

data/lib/lint_fu/plugins/rails.rb

@@ -0,0 +1,29 @@
+require 'lint_fu/plugins/action_pack'
+require 'lint_fu/plugins/active_record'
+
+require 'lint_fu/plugins/rails/model_application'
+require 'lint_fu/plugins/rails/model_application_factory'
+require 'lint_fu/plugins/rails/buggy_eager_load_checker'
+require 'lint_fu/plugins/rails/sql_injection_checker'
+require 'lint_fu/plugins/rails/unsafe_find_checker'
+require 'lint_fu/plugins/rails/issue_builder'
+
+module LintFu::Plugins
+  module Rails
+    def self.applies_to?(dir)
+      File.exist?(File.join(dir, 'app')) &&
+      File.exist?(File.join(dir, 'config', 'environments')) &&
+      File.exist?(File.join(dir, 'config', 'environment.rb'))
+    end
+
+    def self.context_builder_for(dir)
+      return nil unless applies_to?(dir)
+      ModelApplicationFactory.new(dir)
+    end
+
+    def self.issue_builder_for(dir)
+      return nil unless applies_to?(dir)
+      IssueBuilder.new(dir)
+    end
+  end
+end

data/lib/lint_fu/plugins.rb

@@ -0,0 +1,11 @@
+#Ensure the module's namespace exists, so plugin authors can
+#abbreviate the namespace decls in their files.
+module LintFu
+  module Plugins
+  end
+end
+
+plugins_dir = File.expand_path('../plugins', __FILE__)
+Dir[File.join(plugins_dir, '*.rb')].each do |file|
+  require file
+end

data/lib/lint_fu/scan.rb

@@ -2,10 +2,6 @@ module LintFu
   class ScanNotFinalized < Exception; end
   
   class Scan
-    COMMENT                  = /^\s*#/
-    VERBOSE_BLESSING_COMMENT = /#\s*(lint|security)\s*[-:]\s*not\s*a?n?\s*([a-z0-9 ]*) ?(as|because|;)\s*(.*)/i
-    BLESSING_COMMENT         = /#\s*(lint|security)\s*[-:]\s*not\s*a?n?\s*([a-z0-9 ]*)/i
-
     attr_reader :fs_root, :issues
 
     def initialize(fs_root)
@@ -14,51 +10,7 @@ module LintFu
     end
 
     def blessed?(issue)
-      comments = preceeding_comments(issue.sexp)
-      return false unless comments
-
-      match = nil
-      comments.each do |line|
-        match = VERBOSE_BLESSING_COMMENT.match(line)
-        match = BLESSING_COMMENT.match(line) unless match
-        break if match
-      end
-
-      return false unless match
-      blessed_issue_class = match[2].downcase.split(/\s+/).join('_').camelize
-
-      # Determine whether the blessed issue class appears anywhere in the class hierarchy of
-      # issue_class.
-      klass = issue.class
-      while klass
-        return true if klass.name.index(blessed_issue_class)
-        klass = klass.superclass
-      end
-
-      return false
+      issue.sexp.blessings.any? { |b| b.issue_class = issue.class }
     end
-
-    def preceeding_comments(sexp)
-      @file_contents ||= {}
-      @file_contents[sexp.file] ||= File.readlines(sexp.file)
-      cont = @file_contents[sexp.file]
-
-      comments = ''
-
-      max_line = sexp.line - 1 - 1
-      max_line = 0 if max_line < 0
-      min_line = max_line
-
-      while cont[min_line] =~ COMMENT && min_line >= 0
-        min_line -= 1
-      end
-
-      if cont[max_line] =~ COMMENT
-        min_line +=1 unless min_line == max_line
-        return cont[min_line..max_line]
-      else
-        return nil
-      end
-    end    
   end
 end

data/lib/lint_fu.rb

@@ -4,10 +4,11 @@ require 'digest/md5'
 require 'digest/sha1'
 
 # Activate the various gems we depend on
-require 'active_support'
+require 'trollop'
 require 'ruby_parser'
 require 'sexp_processor'
 require 'ruby2ruby'
+require 'active_support'
 require 'builder'
 require 'redcloth'
 
@@ -15,20 +16,24 @@ require 'redcloth'
 require 'lint_fu/mixins'
 
 # Core lint-fu sources
+require 'lint_fu/file_range'
 require 'lint_fu/parser'
-require 'lint_fu/model_element'
-require 'lint_fu/model_element_builder'
+require 'lint_fu/eidos'
+require 'lint_fu/eidos_container'
+require 'lint_fu/eidos_builder'
 require 'lint_fu/source_control_provider'
 require 'lint_fu/issue'
+require 'lint_fu/blessing'
 require 'lint_fu/checker'
 require 'lint_fu/visitor'
 require 'lint_fu/scan'
 require 'lint_fu/report'
 
-# lint-fu source control providers
+# source control providers
 require 'lint_fu/source_control/git'
 
-# lint-fu plugins
-require 'lint_fu/active_record'
-require 'lint_fu/action_pack'
-require 'lint_fu/rails'
+# plugins
+require 'lint_fu/plugins'
+
+# command line interface
+require 'lint_fu/cli'

data/lint_fu.gemspec

@@ -1,4 +1,4 @@
-# -*- encoding: utf-8 -*-
+# -*- mode: ruby; encoding: utf-8 -*-
 
 require 'rubygems'
 
@@ -7,7 +7,7 @@ spec = Gem::Specification.new do |s|
   s.required_ruby_version = Gem::Requirement.new(">= 1.8.7")
 
   s.name    = 'lint_fu'
-  s.version = '0.5.0'
+  s.version = '0.5.3'
   s.date    = '2011-02-19'
 
   s.authors = ['Tony Spataro']
@@ -17,10 +17,18 @@ spec = Gem::Specification.new do |s|
   s.summary = %q{Security scanner that performs static analysis of Ruby code.}
   s.description = %q{This tool helps identify bugs in your code. It is Rails-centric but its modular design allows support for other application frameworks.}
 
+  s.add_runtime_dependency('trollop', [">= 1.16.0"])
   s.add_runtime_dependency('ruby_parser', ["~> 2.0"])
   s.add_runtime_dependency('ruby2ruby', ["~> 1.2"])
   s.add_runtime_dependency('activesupport', ["~> 2.3"])
+  s.add_runtime_dependency('builder', ["~> 2.1"])
+  s.add_runtime_dependency('RedCloth', ["~> 4.2"])
 
+  s.add_development_dependency('rake', [">= 0.8.7"])
+  s.add_development_dependency('ruby-debug', [">= 0.10.3"])
+  s.add_development_dependency('rspec', ["~> 1.3"])
+  s.add_development_dependency('flexmock', ["~> 0.8"])
+  
   s.executables = ["lint_fu"]
 
   candidates = ['lint_fu.gemspec', 'MIT-LICENSE', 'README.rdoc'] +
@@ -28,8 +36,3 @@ spec = Gem::Specification.new do |s|
                Dir['bin/*']  
   s.files = candidates.sort
 end
-
-if $PROGRAM_NAME == __FILE__
-   Gem.manage_gems if Gem::RubyGemsVersion.to_f < 1.0
-   Gem::Builder.new(spec).build
-end

metadata

@@ -1,13 +1,13 @@
 --- !ruby/object:Gem::Specification 
 name: lint_fu
 version: !ruby/object:Gem::Version 
-  hash: 11
+  hash: 13
   prerelease: false
   segments: 
   - 0
   - 5
-  - 0
-  version: 0.5.0
+  - 3
+  version: 0.5.3
 platform: ruby
 authors: 
 - Tony Spataro
@@ -19,9 +19,25 @@ date: 2011-02-19 00:00:00 -08:00
 default_executable: 
 dependencies: 
 - !ruby/object:Gem::Dependency 
-  name: ruby_parser
+  name: trollop
   prerelease: false
   requirement: &id001 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 87
+        segments: 
+        - 1
+        - 16
+        - 0
+        version: 1.16.0
+  type: :runtime
+  version_requirements: *id001
+- !ruby/object:Gem::Dependency 
+  name: ruby_parser
+  prerelease: false
+  requirement: &id002 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
     - - ~>
@@ -32,11 +48,11 @@ dependencies:
         - 0
         version: "2.0"
   type: :runtime
-  version_requirements: *id001
+  version_requirements: *id002
 - !ruby/object:Gem::Dependency 
   name: ruby2ruby
   prerelease: false
-  requirement: &id002 !ruby/object:Gem::Requirement 
+  requirement: &id003 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
     - - ~>
@@ -47,11 +63,11 @@ dependencies:
         - 2
         version: "1.2"
   type: :runtime
-  version_requirements: *id002
+  version_requirements: *id003
 - !ruby/object:Gem::Dependency 
   name: activesupport
   prerelease: false
-  requirement: &id003 !ruby/object:Gem::Requirement 
+  requirement: &id004 !ruby/object:Gem::Requirement 
     none: false
     requirements: 
     - - ~>
@@ -62,7 +78,99 @@ dependencies:
         - 3
         version: "2.3"
   type: :runtime
-  version_requirements: *id003
+  version_requirements: *id004
+- !ruby/object:Gem::Dependency 
+  name: builder
+  prerelease: false
+  requirement: &id005 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        hash: 1
+        segments: 
+        - 2
+        - 1
+        version: "2.1"
+  type: :runtime
+  version_requirements: *id005
+- !ruby/object:Gem::Dependency 
+  name: RedCloth
+  prerelease: false
+  requirement: &id006 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        hash: 31
+        segments: 
+        - 4
+        - 2
+        version: "4.2"
+  type: :runtime
+  version_requirements: *id006
+- !ruby/object:Gem::Dependency 
+  name: rake
+  prerelease: false
+  requirement: &id007 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 49
+        segments: 
+        - 0
+        - 8
+        - 7
+        version: 0.8.7
+  type: :development
+  version_requirements: *id007
+- !ruby/object:Gem::Dependency 
+  name: ruby-debug
+  prerelease: false
+  requirement: &id008 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 49
+        segments: 
+        - 0
+        - 10
+        - 3
+        version: 0.10.3
+  type: :development
+  version_requirements: *id008
+- !ruby/object:Gem::Dependency 
+  name: rspec
+  prerelease: false
+  requirement: &id009 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        hash: 9
+        segments: 
+        - 1
+        - 3
+        version: "1.3"
+  type: :development
+  version_requirements: *id009
+- !ruby/object:Gem::Dependency 
+  name: flexmock
+  prerelease: false
+  requirement: &id010 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        hash: 27
+        segments: 
+        - 0
+        - 8
+        version: "0.8"
+  type: :development
+  version_requirements: *id010
 description: This tool helps identify bugs in your code. It is Rails-centric but its modular design allows support for other application frameworks.
 email: code@tracker.xeger.net
 executables: 
@@ -76,28 +184,36 @@ files:
 - README.rdoc
 - bin/lint_fu
 - lib/lint_fu.rb
-- lib/lint_fu/action_pack.rb
-- lib/lint_fu/action_pack/model_controller.rb
-- lib/lint_fu/action_pack/model_controller_builder.rb
-- lib/lint_fu/active_record.rb
-- lib/lint_fu/active_record/model_model.rb
-- lib/lint_fu/active_record/model_model_builder.rb
+- lib/lint_fu/blessing.rb
 - lib/lint_fu/checker.rb
+- lib/lint_fu/cli.rb
+- lib/lint_fu/cli/command.rb
+- lib/lint_fu/cli/prune.rb
+- lib/lint_fu/cli/scan.rb
+- lib/lint_fu/eidos.rb
+- lib/lint_fu/eidos_builder.rb
+- lib/lint_fu/eidos_container.rb
+- lib/lint_fu/file_range.rb
 - lib/lint_fu/issue.rb
 - lib/lint_fu/mixins.rb
 - lib/lint_fu/mixins/file_class_methods.rb
 - lib/lint_fu/mixins/sexp_instance_methods.rb
 - lib/lint_fu/mixins/symbol_instance_methods.rb
-- lib/lint_fu/model_element.rb
-- lib/lint_fu/model_element_builder.rb
 - lib/lint_fu/parser.rb
-- lib/lint_fu/rails.rb
-- lib/lint_fu/rails/buggy_eager_load_checker.rb
-- lib/lint_fu/rails/model_application.rb
-- lib/lint_fu/rails/model_application_builder.rb
-- lib/lint_fu/rails/scan_builder.rb
-- lib/lint_fu/rails/sql_injection_checker.rb
-- lib/lint_fu/rails/unsafe_find_checker.rb
+- lib/lint_fu/plugins.rb
+- lib/lint_fu/plugins/action_pack.rb
+- lib/lint_fu/plugins/action_pack/controller_eidos.rb
+- lib/lint_fu/plugins/action_pack/controller_eidos_builder.rb
+- lib/lint_fu/plugins/active_record.rb
+- lib/lint_fu/plugins/active_record/model_eidos.rb
+- lib/lint_fu/plugins/active_record/model_eidos_builder.rb
+- lib/lint_fu/plugins/rails.rb
+- lib/lint_fu/plugins/rails/buggy_eager_load_checker.rb
+- lib/lint_fu/plugins/rails/issue_builder.rb
+- lib/lint_fu/plugins/rails/model_application.rb
+- lib/lint_fu/plugins/rails/model_application_factory.rb
+- lib/lint_fu/plugins/rails/sql_injection_checker.rb
+- lib/lint_fu/plugins/rails/unsafe_find_checker.rb
 - lib/lint_fu/report.rb
 - lib/lint_fu/scan.rb
 - lib/lint_fu/source_control/git.rb