ruby-zoom 4.3.1 → 4.3.2

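--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA1:
- metadata.gz: cd252380a5979c6eda76dc1607556ea9b804c71c
- data.tar.gz: d2bec9859eab0677bb5ca165dba444ef1d609861
+ metadata.gz: 69f08853e0d57951199bd5457687518398ed65eb
+ data.tar.gz: 05bc33a3d915ee9a1d4bc819f0943c8de682febc
  SHA512:
- metadata.gz: 5d6383393173db1b54f55c594184034fdef74826cd57eabd04857ca90be37bea62e582dc96fc098502c087cbccf42630e67b8bed9afe9fd329047fe5fdfc2203
- data.tar.gz: '034815f2c6302adc1296000654d9d2846c83cb8f27f9a6575b4b99a5d55b05840c7afc603a4aa4d04d41e9f4b06ff858c2b62340fda7e1c647c84134fac2191c'
+ metadata.gz: 12dc726079299ef9971130305bfde110b7a96e4384f4718bcbb4a03a7f6bdafbcb13f5586197a77176e36d9778f5322b57f28ccde571f162df98756abfa288f9
+ data.tar.gz: 58515511ddba68d407730311e4330b500970fd3b47adcf0652cac6863db61f87a6a6d7e685a217cf91b147901c22bd59c397d99251e4ce93a4ee8ad387eba475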
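--- a/data/bin/z
+++ b/data/bin/z
@@ -112,6 +112,13 @@ def parse(args)
  options["action"] = "rc"
  end
 
+ opts.on(
+ "--secprofs",
+ "Create some security related profiles"
+ ) do
+ options["action"] = "secprofs"
+ end
+
  opts.on("", "MISC_OPTIONS")
 
  opts.on(
@@ -279,6 +286,8 @@ begin
  when "rc"
  zoom.config.default_config
  zoom.cache.clear
+ when "secprofs"
+ zoom.config.add_security_profiles
  when "version"
  __FILE__.match(/ruby-zoom-(\d+\.\d+\.\d+)/) do |m|
  puts m[1]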
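Review bot: The help string for `--secprofs` in the first hunk, "Create some security related profiles", does not say that the action changes the user's stored profiles, which is what `zoom.config.add_security_profiles` in the second hunk appears to do. Wording such as `"Add the bundled security profiles (passwords, unsafe_*) to the config"` would make the side effect visible in `--help`. The same two hunks are repeated verbatim in data/bin/zc, zf, zg, zl and zr, so the text would need changing in all six. Both `parse` and the `begin` block continue outside the lines shown.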
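--- a/data/bin/zc
+++ b/data/bin/zc
@@ -112,6 +112,13 @@ def parse(args)
  options["action"] = "rc"
  end
 
+ opts.on(
+ "--secprofs",
+ "Create some security related profiles"
+ ) do
+ options["action"] = "secprofs"
+ end
+
  opts.on("", "MISC_OPTIONS")
 
  opts.on(
@@ -279,6 +286,8 @@ begin
  when "rc"
  zoom.config.default_config
  zoom.cache.clear
+ when "secprofs"
+ zoom.config.add_security_profiles
  when "version"
  __FILE__.match(/ruby-zoom-(\d+\.\d+\.\d+)/) do |m|
  puts m[1]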
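--- a/data/bin/zf
+++ b/data/bin/zf
@@ -112,6 +112,13 @@ def parse(args)
  options["action"] = "rc"
  end
 
+ opts.on(
+ "--secprofs",
+ "Create some security related profiles"
+ ) do
+ options["action"] = "secprofs"
+ end
+
  opts.on("", "MISC_OPTIONS")
 
  opts.on(
@@ -279,6 +286,8 @@ begin
  when "rc"
  zoom.config.default_config
  zoom.cache.clear
+ when "secprofs"
+ zoom.config.add_security_profiles
  when "version"
  __FILE__.match(/ruby-zoom-(\d+\.\d+\.\d+)/) do |m|
  puts m[1]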
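--- a/data/bin/zg
+++ b/data/bin/zg
@@ -112,6 +112,13 @@ def parse(args)
  options["action"] = "rc"
  end
 
+ opts.on(
+ "--secprofs",
+ "Create some security related profiles"
+ ) do
+ options["action"] = "secprofs"
+ end
+
  opts.on("", "MISC_OPTIONS")
 
  opts.on(
@@ -279,6 +286,8 @@ begin
  when "rc"
  zoom.config.default_config
  zoom.cache.clear
+ when "secprofs"
+ zoom.config.add_security_profiles
  when "version"
  __FILE__.match(/ruby-zoom-(\d+\.\d+\.\d+)/) do |m|
  puts m[1]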
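--- a/data/bin/zl
+++ b/data/bin/zl
@@ -112,6 +112,13 @@ def parse(args)
  options["action"] = "rc"
  end
 
+ opts.on(
+ "--secprofs",
+ "Create some security related profiles"
+ ) do
+ options["action"] = "secprofs"
+ end
+
  opts.on("", "MISC_OPTIONS")
 
  opts.on(
@@ -279,6 +286,8 @@ begin
  when "rc"
  zoom.config.default_config
  zoom.cache.clear
+ when "secprofs"
+ zoom.config.add_security_profiles
  when "version"
  __FILE__.match(/ruby-zoom-(\d+\.\d+\.\d+)/) do |m|
  puts m[1]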
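--- a/data/bin/zr
+++ b/data/bin/zr
@@ -112,6 +112,13 @@ def parse(args)
  options["action"] = "rc"
  end
 
+ opts.on(
+ "--secprofs",
+ "Create some security related profiles"
+ ) do
+ options["action"] = "secprofs"
+ end
+
  opts.on("", "MISC_OPTIONS")
 
  opts.on(
@@ -279,6 +286,8 @@ begin
  when "rc"
  zoom.config.default_config
  zoom.cache.clear
+ when "secprofs"
+ zoom.config.add_security_profiles
  when "version"
  __FILE__.match(/ruby-zoom-(\d+\.\d+\.\d+)/) do |m|
  puts m[1]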
@@ -3,6 +3,14 @@ require "json_config"
3
3
  require "scoobydoo"
4
4
 
5
5
  class Zoom::Config < JSONConfig
6
+ def add_security_profiles
7
+ profiles = get("profiles")
8
+ Zoom::ProfileManager::security_profiles.each do |profile|
9
+ profiles[profile.name] = profile
10
+ end
11
+ set("profiles", profiles)
12
+ end
13
+
6
14
  def color(key, value)
7
15
  if (value)
8
16
  validate_color(value)
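Review bot: `add_security_profiles` assigns `profiles[profile.name] = profile` unconditionally, so a `passwords` or `unsafe_*` entry the user has already customised is replaced without warning whenever `--secprofs` is run. Keeping existing entries, e.g. `profiles[profile.name] ||= profile`, or reporting which names were replaced would avoid silently discarding a tuned audit profile. The method also has no comment; a one-line `# Add the bundled security profiles to the stored "profiles" map` above the `def` would document what it writes. The class body continues outside this hunk.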
@@ -22,20 +22,16 @@ class Zoom::Profile < Hash
22
22
 
23
23
  def exe(args, pattern, paths)
24
24
  # Use hard-coded pattern if defined
25
- if (@pattern && !@pattern.empty?)
25
+ if (@pattern && !@pattern.empty? && (pattern != @pattern))
26
26
  args += " #{pattern}"
27
27
  pattern = @pattern
28
28
  end
29
29
 
30
30
  # If not pattern and no after, then return nothing
31
31
  if (pattern.nil? || pattern.empty?)
32
- return "" if (after.nil? || after.empty? || after == ".")
32
+ return "" if (after.nil? || after.empty?)
33
33
  end
34
34
 
35
- # If paths are specified then remove "." for profiles like
36
- # grep
37
- after.gsub!(/^\.\s+/, "") if (!paths.empty?)
38
-
39
35
  # Emulate grep
40
36
  case operator.split("/")[-1]
41
37
  when "ack", "ack-grep"
@@ -61,7 +57,6 @@ class Zoom::Profile < Hash
61
57
  after
62
58
  ].join(" ").strip
63
59
  when "find"
64
- flags.gsub!(/^\.\s+/, "") if (!paths.empty?)
65
60
  cmd = [
66
61
  before,
67
62
  operator,
@@ -76,12 +71,12 @@ class Zoom::Profile < Hash
76
71
  before,
77
72
  operator,
78
73
  "--color=never -EHInRs",
74
+ flags,
75
+ args,
79
76
  "--exclude-dir=.bzr",
80
77
  "--exclude-dir=.git",
81
78
  "--exclude-dir=.git-crypt",
82
79
  "--exclude-dir=.svn",
83
- flags,
84
- args,
85
80
  pattern.shellescape,
86
81
  paths,
87
82
  after
@@ -249,3 +244,8 @@ require "zoom/profile/find"
249
244
  require "zoom/profile/grep"
250
245
  require "zoom/profile/passwords"
251
246
  require "zoom/profile/pt"
247
+ require "zoom/profile/unsafe_c"
248
+ require "zoom/profile/unsafe_java"
249
+ require "zoom/profile/unsafe_js"
250
+ require "zoom/profile/unsafe_php"
251
+ require "zoom/profile/unsafe_python"
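Review bot: In the first hunk of this file (`exe`), when a profile has a hard-coded `@pattern` the caller's `pattern` is appended to `args` unquoted (`args += " #{pattern}"`), while only the pattern that is searched for goes through `shellescape` further down. Every profile added in this release sets `@pattern`, so this branch becomes the normal path for them; since the `after` strings in those profiles contain a pipe, the assembled command is presumably run through a shell, where quotes or metacharacters in that argument would be interpreted. Consider `args += " #{pattern.shellescape}"`, or add a comment stating that the value is deliberately left unescaped so it can expand to several arguments. The rest of `exe` lies outside the hunks, so how the command is finally executed is not visible here.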
@@ -1,5 +1,5 @@
1
1
  class Zoom::Profile::Find < Zoom::Profile
2
- def initialize(n, o = "find", f = ". -name", b = "", a = "")
2
+ def initialize(n, o = "find", f = "-name", b = "", a = "")
3
3
  super(n, o, f, b, a)
4
4
  @taggable = true
5
5
  end
@@ -1,5 +1,5 @@
1
1
  class Zoom::Profile::Grep < Zoom::Profile
2
- def initialize(n, o = "grep", f = "-i", b = "", a = ".")
2
+ def initialize(n, o = "grep", f = "-i", b = "", a = "")
3
3
  super(n, o, f, b, a)
4
4
  @taggable = true
5
5
  end
@@ -1,36 +1,26 @@
1
1
  require "zoom/profile_manager"
2
2
 
3
- case Zoom::ProfileManager.default_profile
4
- when /^ack(-grep)?$/
5
- class Zoom::Profile::Passwords < Zoom::Profile::Ack; end
6
- when "ag"
7
- class Zoom::Profile::Passwords < Zoom::Profile::Ag; end
8
- when "pt"
9
- class Zoom::Profile::Passwords < Zoom::Profile::Pt; end
10
- when "grep"
11
- class Zoom::Profile::Passwords < Zoom::Profile::Grep; end
12
- else
13
- # Shouldn't happen
14
- end
15
-
16
- class Zoom::Profile::Passwords
3
+ clas = Zoom::ProfileManager.default_profile.capitalize
4
+ superclass = Zoom::Profile.profile_by_name("Zoom::Profile::#{clas}")
5
+ class Zoom::Profile::Passwords < superclass
17
6
  def initialize(n, o = nil, f = "", b = "", a = "")
18
- op = Zoom::ProfileManager.default_profile
7
+ # I don't care about test code
19
8
  after = "| \\grep -v \"^[^:]*test[^:]*:[0-9]+:\""
9
+ flags = ""
20
10
 
11
+ op = Zoom::ProfileManager.default_profile
21
12
  case op
22
13
  when /^ack(-grep)?$/
23
- super(n, op, "--smart-case", "", after)
14
+ flags = "--smart-case"
24
15
  when "ag"
25
- super(n, op, "-Su", "", after)
16
+ flags = "-Su"
26
17
  when "pt"
27
- super(n, op, "-SU --hidden", "", after)
18
+ flags = "-SU --hidden"
28
19
  when "grep"
29
- super(n, op, "-ai", "", after)
30
- else
31
- # Shouldn't happen
20
+ flags = "-ai"
32
21
  end
33
22
 
23
+ super(n, op, flags, "", after)
34
24
  @pattern = "(key|pass(word|wd)?)[^:=,>]? *[:=,>]"
35
25
  @taggable = true
36
26
  end
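Review bot: The superclass lookup at the top of the file builds the class name with `default_profile.capitalize`, which turns `ack-grep` into `Ack-grep`, whereas the removed `case` mapped both `ack` and `ack-grep` to `Zoom::Profile::Ack`. `initialize` still matches `/^ack(-grep)?$/`, which suggests `default_profile` can return `ack-grep`; `profile_by_name` is not shown, but if it cannot resolve `Zoom::Profile::Ack-grep` the `class ... < superclass` line would fail when the file is required. Normalising first, e.g. `clas = Zoom::ProfileManager.default_profile.sub(/-grep\z/, "").capitalize`, keeps the old mapping. The same two lines open unsafe_c, unsafe_java, unsafe_js, unsafe_php and unsafe_python.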
@@ -0,0 +1,40 @@
1
+ require "zoom/profile_manager"
2
+
3
+ clas = Zoom::ProfileManager.default_profile.capitalize
4
+ superclass = Zoom::Profile.profile_by_name("Zoom::Profile::#{clas}")
5
+ class Zoom::Profile::UnsafeC < superclass
6
+ def initialize(n, o = nil, f = "", b = "", a = "")
7
+ # I don't care about test code
8
+ after = "| \\grep -v \"^[^:]*test[^:]*:[0-9]+:\""
9
+ flags = ""
10
+
11
+ op = Zoom::ProfileManager.default_profile
12
+ case op
13
+ when /^ack(-grep)?$/
14
+ flags = "--smart-case --cc --cpp"
15
+ when "ag"
16
+ flags = "-S -G \"\\.(c|h)(pp)?$\""
17
+ when "pt"
18
+ flags = "-S -G \"\\.(c|h)(pp)?$\""
19
+ when "grep"
20
+ flags = "-i --include=\"*.[ch]\" --include=\"*.[ch]pp\""
21
+ end
22
+
23
+ super(n, op, flags, "", after)
24
+ @pattern = [
25
+ "(",
26
+ [
27
+ "_splitpath",
28
+ "ato[fil]",
29
+ "gets",
30
+ "makepath",
31
+ "(sn?)?scanf",
32
+ "str(cat|cpy|len)",
33
+ "v?sprintf"
34
+ ].join("|"),
35
+ ")",
36
+ "\\("
37
+ ].join
38
+ @taggable = true
39
+ end
40
+ end
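Review bot: The `after` filter `\grep -v "^[^:]*test[^:]*:[0-9]+:"` is run by plain `grep`, which uses basic regular expressions where `+` is a literal character, so the expression appears never to match a `path:line:` prefix and test files are not actually excluded. If the exclusion is wanted, `-E` makes `+` a quantifier: `after = "| \\grep -Ev \"^[^:]*test[^:]*:[0-9]+:\""`. Once it does work it drops every path that contains `test` anywhere (for example `latest/` or `contest.c`), which in a security audit profile hides findings without telling the user; matching a path component such as `(^|/)tests?/` would be narrower. The same line appears in passwords, unsafe_java, unsafe_js, unsafe_php and unsafe_python.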
@@ -0,0 +1,31 @@
1
+ require "zoom/profile_manager"
2
+
3
+ clas = Zoom::ProfileManager.default_profile.capitalize
4
+ superclass = Zoom::Profile.profile_by_name("Zoom::Profile::#{clas}")
5
+ class Zoom::Profile::UnsafeJava < superclass
6
+ def initialize(n, o = nil, f = "", b = "", a = "")
7
+ # I don't care about test code
8
+ after = "| \\grep -v \"^[^:]*test[^:]*:[0-9]+:\""
9
+ flags = ""
10
+
11
+ op = Zoom::ProfileManager.default_profile
12
+ case op
13
+ when /^ack(-grep)?$/
14
+ flags = "--smart-case --java"
15
+ when "ag"
16
+ flags = "-S -G \"\\.(java|properties)$\""
17
+ when "pt"
18
+ flags = "-S -G \"\\.(java|properties)$\""
19
+ when "grep"
20
+ flags = [
21
+ "-i",
22
+ "--include=\"*.java\"",
23
+ "--include=\"*.properties\""
24
+ ].join(" ")
25
+ end
26
+
27
+ super(n, op, flags, "", after)
28
+ @pattern = "(sun\\.misc\\.)?Unsafe|readObject\\(\\)"
29
+ @taggable = true
30
+ end
31
+ end
@@ -0,0 +1,27 @@
1
+ require "zoom/profile_manager"
2
+
3
+ clas = Zoom::ProfileManager.default_profile.capitalize
4
+ superclass = Zoom::Profile.profile_by_name("Zoom::Profile::#{clas}")
5
+ class Zoom::Profile::UnsafeJs < superclass
6
+ def initialize(n, o = nil, f = "", b = "", a = "")
7
+ # I don't care about test code
8
+ after = "| \\grep -v \"^[^:]*test[^:]*:[0-9]+:\""
9
+ flags = ""
10
+
11
+ op = Zoom::ProfileManager.default_profile
12
+ case op
13
+ when /^ack(-grep)?$/
14
+ flags = "--smart-case --js"
15
+ when "ag"
16
+ flags = "-S -G \"\\.js$\""
17
+ when "pt"
18
+ flags = "-S -G \"\\.js$\""
19
+ when "grep"
20
+ flags = "-i --include=\"*.js\""
21
+ end
22
+
23
+ super(n, op, flags, "", after)
24
+ @pattern = "\\.((eval|html)\\(|innerHTML)"
25
+ @taggable = true
26
+ end
27
+ end
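Review bot: `@pattern = "\\.((eval|html)\\(|innerHTML)"` requires a leading dot before every alternative, so a bare `eval(...)` call, the usual way `eval` is written, is not reported; only member calls such as `window.eval(` match. Moving the dot inside the group fixes that: `@pattern = "(eval\\(|\\.html\\(|\\.innerHTML)"`. A short comment above the pattern saying what each alternative is meant to catch (direct eval, a `.html()` call, `innerHTML` use) would make later additions easier to review.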
@@ -0,0 +1,67 @@
1
+ require "zoom/profile_manager"
2
+
3
+ clas = Zoom::ProfileManager.default_profile.capitalize
4
+ superclass = Zoom::Profile.profile_by_name("Zoom::Profile::#{clas}")
5
+ class Zoom::Profile::UnsafePhp < superclass
6
+ def initialize(n, o = nil, f = "", b = "", a = "")
7
+ # I don't care about test code
8
+ after = "| \\grep -v \"^[^:]*test[^:]*:[0-9]+:\""
9
+ flags = ""
10
+
11
+ op = Zoom::ProfileManager.default_profile
12
+ case op
13
+ when /^ack(-grep)?$/
14
+ flags = "--smart-case --php"
15
+ when "ag"
16
+ flags = "-S -G \"\\.ph(p[345t]?|tml)$\""
17
+ when "pt"
18
+ flags = "-S -G \"\\.ph(p[345t]?|tml)$\""
19
+ when "grep"
20
+ flags = [
21
+ "-i",
22
+ "--include=\"*.php\"",
23
+ "--include=\"*.php[345t]\"",
24
+ "--include=\"*.phtml\""
25
+ ].join(" ")
26
+ end
27
+
28
+ super(n, op, flags, "", after)
29
+ # From here: https://www.eukhost.com/blog/webhosting/dangerous-php-functions-must-be-disabled/
30
+ # OMG is anything safe?!
31
+ @pattern = [
32
+ "\\`|",
33
+ "\\$_GET\\[|",
34
+ "(",
35
+ [
36
+ "apache_(child_terminate|setenv)",
37
+ "assert",
38
+ "create_function",
39
+ "define_syslog_variables",
40
+ "escapeshell(arg|cmd)",
41
+ "eval",
42
+ "fp(ut)?",
43
+ "ftp_(connect|exec|get|login|(nb_f)?put|raw(list)?)",
44
+ "highlight_file",
45
+ "include(_once)?",
46
+ "ini_(alter|get_all|restore)",
47
+ "inject_code",
48
+ "mysql_pconnect",
49
+ "openlog",
50
+ "passthru",
51
+ "pcntl_exec",
52
+ "php_uname",
53
+ "phpAds_(remoteInfo|XmlRpc|xmlrpc(De|En)code)",
54
+ "popen",
55
+ "posix_(getpwuid|kill|mkfifo|set(pg|s|u)id|_uname)",
56
+ "preg_replace",
57
+ "proc_(close|get_status|nice|open|terminate)",
58
+ "require(_once)?",
59
+ "(shell_)?exec",
60
+ "sys(log|tem)",
61
+ "xmlrpc_entity_decode"
62
+ ].join("|"),
63
+ ")\\("
64
+ ].join
65
+ @taggable = true
66
+ end
67
+ end
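Review bot: In the `posix_` alternative, `posix_(getpwuid|kill|mkfifo|set(pg|s|u)id|_uname)` carries a stray underscore, so it matches `posix__uname(` rather than `posix_uname(`; the line should read `"posix_(getpwuid|kill|mkfifo|set(pg|s|u)id|uname)",`. Separately, `"fp(ut)?"` only matches `fp(` and `fput(`, which look like truncated names (perhaps `fputs` or `fpassthru` was intended) and should be checked against the list the comment links to. The pattern also flags `$_GET[` but none of the other request superglobals, which is worth either extending or stating in a comment so that a clean result is not read as full coverage.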
@@ -0,0 +1,38 @@
1
+ require "zoom/profile_manager"
2
+
3
+ clas = Zoom::ProfileManager.default_profile.capitalize
4
+ superclass = Zoom::Profile.profile_by_name("Zoom::Profile::#{clas}")
5
+ class Zoom::Profile::UnsafePython < superclass
6
+ def initialize(n, o = nil, f = "", b = "", a = "")
7
+ # I don't care about test code
8
+ after = "| \\grep -v \"^[^:]*test[^:]*:[0-9]+:\""
9
+ flags = ""
10
+
11
+ op = Zoom::ProfileManager.default_profile
12
+ case op
13
+ when /^ack(-grep)?$/
14
+ flags = "--smart-case --python"
15
+ when "ag"
16
+ flags = "-S -G \"\\.py$\""
17
+ when "pt"
18
+ flags = "-S -G \"\\.py$\""
19
+ when "grep"
20
+ flags = "-i --include=\"*.py\""
21
+ end
22
+
23
+ super(n, op, flags, "", after)
24
+ @pattern = [
25
+ "(",
26
+ [
27
+ "c?[Pp]ickle\\.loads?",
28
+ "eval",
29
+ "exec",
30
+ "os\\.(popen|system)",
31
+ "subprocess\\.call",
32
+ "yaml\\.load"
33
+ ].join("|"),
34
+ ")\\("
35
+ ].join
36
+ @taggable = true
37
+ end
38
+ end
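Review bot: The alternatives are not anchored on a word boundary, so `eval\(` and `exec\(` also match `ast.literal_eval(` and any call whose name merely ends in `exec`, while `subprocess\\.call` leaves out the other `subprocess` entry points (`Popen`, `run`, `check_call`, `check_output`). Widening that line to `"subprocess\\.(call|check_(call|output)|Popen|run)",` closes the gap. A comment above `@pattern` saying the list is a starting set rather than a complete audit would set the right expectation for users of the profile.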
@@ -40,10 +40,17 @@ class Zoom::ProfileManager
40
40
  end
41
41
  end
42
42
 
43
- profiles["passwords"] = Zoom::Profile::Passwords.new(
44
- "passwords"
45
- )
46
-
47
43
  return profiles
48
44
  end
45
+
46
+ def self.security_profiles
47
+ return [
48
+ Zoom::Profile::Passwords.new("passwords"),
49
+ Zoom::Profile::UnsafeC.new("unsafe_c"),
50
+ Zoom::Profile::UnsafeJava.new("unsafe_java"),
51
+ Zoom::Profile::UnsafeJs.new("unsafe_js"),
52
+ Zoom::Profile::UnsafePhp.new("unsafe_php"),
53
+ Zoom::Profile::UnsafePython.new("unsafe_python")
54
+ ]
55
+ end
49
56
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: ruby-zoom
3
3
  version: !ruby/object:Gem::Version
4
- version: 4.3.1
4
+ version: 4.3.2
5
5
  platform: ruby
6
6
  authors:
7
7
  - Miles Whittaker
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2016-10-27 00:00:00.000000000 Z
11
+ date: 2016-10-29 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: minitest
@@ -174,6 +174,11 @@ files:
174
174
  - lib/zoom/profile/grep.rb
175
175
  - lib/zoom/profile/passwords.rb
176
176
  - lib/zoom/profile/pt.rb
177
+ - lib/zoom/profile/unsafe_c.rb
178
+ - lib/zoom/profile/unsafe_java.rb
179
+ - lib/zoom/profile/unsafe_js.rb
180
+ - lib/zoom/profile/unsafe_php.rb
181
+ - lib/zoom/profile/unsafe_python.rb
177
182
  - lib/zoom/profile_manager.rb
178
183
  - lib/zoom/wish/add_wish.rb
179
184
  - lib/zoom/wish/color_wish.rb