scnr-introspector 0.2 → 0.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/scnr/introspector/execution_flow/point.rb +3 -1
- data/lib/scnr/introspector/version +1 -1
- data/lib/scnr/introspector.rb +31 -11
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 8725bd56ebb19d4dc43d75c4c19a2fde62996e6b0df84ac074f7baf5049f95db
|
|
4
|
+
data.tar.gz: b5b35b5cd86bbb75554b2ba8b144f87606b17990c90351df37417f3ec79cd3f2
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 2ce2e0fa5215945851e1249a00f258a9ad542e090fe5f64402d2f804e1944f472c46438468a86b3fbf6cbb7d2e4aa2a092b89f5a7d50a90b92007b9a1bd1ca88
|
|
7
|
+
data.tar.gz: 5f281728c6423aa8222eb3b362dbac6a5715c60361a8d52666ea37a9b075542bac4fa4342e3b26e2aff80bb57bedaa7da44c8eb57ffc8e56cfb26467c3018b6d
|
|
@@ -29,6 +29,7 @@ class Point
|
|
|
29
29
|
attr_accessor :event
|
|
30
30
|
|
|
31
31
|
attr_accessor :source
|
|
32
|
+
attr_accessor :file_contents
|
|
32
33
|
|
|
33
34
|
# @param [Hash] options
|
|
34
35
|
def initialize( options = {} )
|
|
@@ -81,7 +82,8 @@ class Point
|
|
|
81
82
|
class_name: defined_class,
|
|
82
83
|
method_name: tp.method_id,
|
|
83
84
|
event: tp.event,
|
|
84
|
-
source: source_line( tp.path, tp.lineno )
|
|
85
|
+
source: source_line( tp.path, tp.lineno ),
|
|
86
|
+
file_contents: IO.read( tp.path )
|
|
85
87
|
})
|
|
86
88
|
end
|
|
87
89
|
|
|
@@ -1 +1 @@
|
|
|
1
|
-
0.
|
|
1
|
+
0.3.0
|
data/lib/scnr/introspector.rb
CHANGED
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
require 'rbconfig'
|
|
2
2
|
require 'securerandom'
|
|
3
3
|
require 'rack/utils'
|
|
4
|
+
require 'base64'
|
|
4
5
|
require 'pp'
|
|
5
6
|
|
|
6
7
|
module SCNR
|
|
@@ -50,15 +51,15 @@ EORUBY
|
|
|
50
51
|
end
|
|
51
52
|
|
|
52
53
|
def taint_seed=( t )
|
|
53
|
-
|
|
54
|
+
Thread.current[:taint] = t
|
|
54
55
|
end
|
|
55
56
|
|
|
56
57
|
def taint_seed
|
|
57
|
-
|
|
58
|
+
Thread.current[:taint]
|
|
58
59
|
end
|
|
59
60
|
|
|
60
61
|
def data_flows
|
|
61
|
-
|
|
62
|
+
Thread.current[:data_flows] ||= {}
|
|
62
63
|
end
|
|
63
64
|
|
|
64
65
|
def synchronize( &block )
|
|
@@ -71,6 +72,12 @@ EORUBY
|
|
|
71
72
|
end
|
|
72
73
|
end
|
|
73
74
|
|
|
75
|
+
def flush_sinks( taint )
|
|
76
|
+
synchronize do
|
|
77
|
+
self.data_flows.delete taint
|
|
78
|
+
end
|
|
79
|
+
end
|
|
80
|
+
|
|
74
81
|
def filter_caller( a )
|
|
75
82
|
dir = File.dirname( __FILE__ )
|
|
76
83
|
a.reject do |c|
|
|
@@ -79,7 +86,7 @@ EORUBY
|
|
|
79
86
|
end
|
|
80
87
|
|
|
81
88
|
def find_and_log_taint( object, method, method_source_location, args )
|
|
82
|
-
taint =
|
|
89
|
+
taint = self.taint_seed
|
|
83
90
|
return if !taint
|
|
84
91
|
|
|
85
92
|
tainted = find_taint_in_arguments( taint, args )
|
|
@@ -204,10 +211,13 @@ EORUBY
|
|
|
204
211
|
info << :platforms
|
|
205
212
|
|
|
206
213
|
if env.delete( 'HTTP_X_SCNR_INTROSPECTOR_TRACE' )
|
|
207
|
-
info << :data_flow
|
|
208
214
|
info << :execution_flow
|
|
209
215
|
end
|
|
210
216
|
|
|
217
|
+
if env['HTTP_X_SCNR_INTROSPECTOR_TAINT']
|
|
218
|
+
info << :data_flow
|
|
219
|
+
end
|
|
220
|
+
|
|
211
221
|
inject( env, info )
|
|
212
222
|
|
|
213
223
|
rescue => e
|
|
@@ -217,7 +227,12 @@ EORUBY
|
|
|
217
227
|
|
|
218
228
|
def inject( env, info = [] )
|
|
219
229
|
self.class.taint_seed = env.delete( 'HTTP_X_SCNR_INTROSPECTOR_TAINT' )
|
|
220
|
-
|
|
230
|
+
if self.class.taint_seed
|
|
231
|
+
self.class.taint_seed = Base64.decode64( self.class.taint_seed )
|
|
232
|
+
self.class.taint_seed = nil if self.class.taint_seed.empty?
|
|
233
|
+
end
|
|
234
|
+
|
|
235
|
+
seed = env.delete( 'HTTP_X_SCNR_ENGINE_SCAN_SEED' )
|
|
221
236
|
|
|
222
237
|
data = {}
|
|
223
238
|
|
|
@@ -245,20 +260,25 @@ EORUBY
|
|
|
245
260
|
end
|
|
246
261
|
|
|
247
262
|
if info.include?( :data_flow ) && self.class.taint_seed
|
|
248
|
-
data['data_flow'] = self.class.
|
|
263
|
+
data['data_flow'] = self.class.flush_sinks( self.class.taint_seed )&.to_rpc_data
|
|
249
264
|
end
|
|
250
265
|
|
|
251
266
|
code = response.shift
|
|
252
267
|
headers = response.shift
|
|
253
268
|
body = response.shift
|
|
254
|
-
body = body.respond_to?( :body ) ? body.body : body
|
|
255
269
|
|
|
256
|
-
|
|
257
|
-
|
|
270
|
+
if headers['Content-Type'] && headers['Content-Type'].include?( 'html' )
|
|
271
|
+
body = body.respond_to?( :body ) ? body.body : body
|
|
272
|
+
body = [body].flatten
|
|
273
|
+
body << "<!-- #{seed}\n#{JSON.dump( data )}\n#{seed} -->"
|
|
258
274
|
|
|
259
|
-
|
|
275
|
+
headers['Content-Length'] = body.map(&:bytesize).inject(:+)
|
|
276
|
+
end
|
|
260
277
|
|
|
261
278
|
[code, headers, [body].flatten ]
|
|
279
|
+
rescue => e
|
|
280
|
+
pp e
|
|
281
|
+
pp e.backtrace
|
|
262
282
|
end
|
|
263
283
|
|
|
264
284
|
def platforms
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: scnr-introspector
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version:
|
|
4
|
+
version: 0.3.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Tasos Laskos
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2025-01-01 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|