scnr-introspector 0.1

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 5682baf4ae51753f560e40d01c437b110fb798e9dda4e780799832e397177597
+  data.tar.gz: 6ccac3fd0802d210ae62105c97a27b407337df4a5460e556836201744f6f54c4
+SHA512:
+  metadata.gz: b3256314a27a42c47c2e37b770d953827d487db5cb91f5fb01895a865bebfe7eff0078b435143575d56dbcc11d43accefcabc57ff35891d38d0631c96fc5f86b
+  data.tar.gz: cb0d31f2ad427fc23f04b13092dabf0d801badee3f4cedd41f06a1376535ad254055fca29f6c81ac2cf65ad1b3a696838497777108404c3fdd0d31154c1f2b3d

data/lib/scnr/introspector/coverage/resource/line.rb

@@ -0,0 +1,88 @@
+module SCNR
+class Introspector
+class Coverage
+class Resource
+
+class Line
+
+    # @return   [Integer]
+    #   Line number.
+    attr_accessor :number
+
+    # @return   [String]
+    #   Line content.
+    attr_accessor :content
+
+    # @return   [Resource]
+    #   Resource containing `self`.
+    attr_accessor :resource
+
+    # @return   [nil, Integer]
+    #   Amount of times this line was executed:
+    #
+    #   * `nil` -- {#skipped? Skipped}, irrelevant code.
+    #   * `0` -- {#missed? Missed}, line wasn't executed.
+    #   *  `>= 1` -- {#hit? Hit}, line was executed.
+    attr_accessor :hits
+
+    # @param    [Hash]  options
+    # @option   options [Resource]   :resource
+    # @option   options [Integer]   :number
+    # @option   options [String]   :content
+    # @option   options [nil, Integer]   :his
+    def initialize( options = {} )
+        @resource = options[:resource]
+        fail ArgumentError, 'Missing :resource' if !@resource
+
+        @number = options[:number]
+        fail ArgumentError, 'Missing :number' if !@number.is_a?( Integer )
+
+        @content = options[:content]
+        fail ArgumentError, 'Missing :content' if !@content
+
+        @hits = options[:hits]
+    end
+
+    # @return   [Bool]
+    #   `true` if the line is irrelevant to the coverage, `false` otherwise.
+    def skipped?
+        @hits.nil?
+    end
+
+    # @return   [Bool]
+    #   `true` if the line wasn't executed, `false` otherwise.
+    def missed?
+        @hits == 0
+    end
+
+    # @return   [Bool]
+    #   `true` if the line was executed, `false` otherwise.
+    def hit?
+        @hits.to_i > 0
+    end
+
+    # @return   [Symbol]
+    #   * `:skipped` if {#skipped?}.
+    #   * `:missed` if {#missed?}.
+    #   * `:hit` if {#hit?}.
+    def state
+        [:skipped, :missed, :hit].each do |possible_state|
+            return possible_state if send("#{possible_state}?")
+        end
+    end
+
+    # @param    [Integer]   count
+    #   Register `count` amount of hits.
+    def hit( count )
+        return if !count
+
+        @hits ||= 0
+        @hits += count
+    end
+
+end
+
+end
+end
+end
+end

data/lib/scnr/introspector/coverage/resource.rb

@@ -0,0 +1,90 @@
+require 'scnr/introspector/coverage/resource/line'
+
+module SCNR
+class Introspector
+class Coverage
+
+class Resource
+
+    # @return   [String]
+    attr_reader   :path
+
+    # @return   [Array<Line>]
+    attr_accessor :lines
+
+    # @param    [String]    path
+    #   Path to the resource.
+    def initialize( path )
+        @path  = path
+        @lines = []
+
+        IO.binread( path ).lines.each.with_index do |line, number|
+            @lines << Line.new(
+                number:   number,
+                content:  line.rstrip,
+                resource: self
+            )
+        end
+    end
+
+    # @param    [Integer]   line_number
+    #   Number of the line to return (0-indexed).
+    #
+    # @return   [Line]
+    def []( line_number )
+        @lines[line_number]
+    end
+
+    # @return   [Array<Line>]
+    #   {Line#hit? Hit} lines.
+    def hit_lines
+        lines.select(&:hit?)
+    end
+
+    # @return   [Array<Line>]
+    #   {Line#missed? Missed} lines.
+    def missed_lines
+        lines.select(&:missed?)
+    end
+
+    # @return   [Array<Line>]
+    #   {Line#skipped? Skipped} lines.
+    def skipped_lines
+        lines.select(&:skipped?)
+    end
+
+    # @return   [Array<Line>]
+    #   Lines which should be considered in coverage (i.e. all lines except for
+    #   {#skipped_lines}).
+    def included_lines
+        lines - skipped_lines
+    end
+
+    # @return   [Float]
+    #   Percentage of {#hit_line}s.
+    def hit_percentage
+        return 100.0 if empty?
+
+        lines_to_include = Float(lines.size - skipped_lines.size)
+        return 100.0 if lines_to_include == 0
+
+        (hit_lines.size / lines_to_include) * 100.0
+    end
+
+    # @return   [Float]
+    #   Percentage of {#missed_line}s.
+    def miss_percentage
+        100.0 - hit_percentage
+    end
+
+    # @return   [Bool]
+    #   `true` if {#lines} are empty, `false` otherwise.
+    def empty?
+        lines.empty?
+    end
+
+end
+
+end
+end
+end

data/lib/scnr/introspector/coverage.rb

@@ -0,0 +1,102 @@
+require 'coverage'
+require 'scnr/introspector/coverage/resource'
+
+module SCNR
+class Introspector
+class Coverage
+
+    class <<self
+
+        # @note Enabling scan coverage may cause segfaults depending on
+        #   interpreter version and web application type.
+        #
+        # Enables coverage tracking for all subsequently required source files.
+        def enable
+            ::Coverage.start
+            @enabled = true
+        end
+
+        # @return   [Bool]
+        #   `true` if coverage has been {#enabled}, `false` otherwise.
+        def enabled?
+            !!@enabled
+        end
+    end
+
+    class Scope < Introspector::Scope
+    end
+
+    # @return   [Scope]
+    attr_accessor :scope
+
+    # @return   [Hash<String, Resource>]
+    #   All in-scope web application resources, per path.
+    attr_reader   :resources
+
+    # @param    [Hash]  options
+    # @option   options     [Scope,Hash,nil]    :scope
+    #   * {Scope}:  Configured {Scope} to use.
+    #   * `Hash`:  `Hash` to use for {Scope#initialize}.
+    #   * `nil`:  Will default to an empty {Scope}.
+    #
+    # @raise    [Introspector::Scope::Error::Invalid]
+    #   On unsupported `:scope` option.
+    def initialize( options = {} )
+        options = options.dup
+
+        if (scope = options.delete(:scope)).is_a? Scope
+            @scope = scope
+        elsif scope.is_a? Hash
+            @scope = Scope.new( scope )
+        elsif scope.nil?
+            @scope = Scope.new
+        else
+            fail Scope::Error::Invalid
+        end
+
+        @resources = {}
+    end
+
+    def retrieve_results
+        import_native( ::Coverage.result )
+    end
+
+    def import_native( coverage )
+        coverage.each do |path, lines|
+            next if @scope.out?( path )
+
+            @resources[path] ||= Resource.new( path )
+
+            lines.each.with_index do |hits, line_number|
+                @resources[path][line_number].hit( hits )
+            end
+        end
+
+        self
+    end
+
+    # @return   [Float]
+    #   Percentage of coverage for all application resources which are within scope.
+    def percentage
+        return 100.0 if resources.empty?
+
+        total_coverages = 0
+        resources.each do |_, resource|
+            total_coverages += resource.hit_percentage
+        end
+
+        total_coverages / resources.size
+    end
+
+    def hash
+        [resources, scope].hash
+    end
+
+    def ==( other )
+        hash == other.hash
+    end
+
+end
+
+end
+end

data/lib/scnr/introspector/data_flow/scope.rb

@@ -0,0 +1,11 @@
+module SCNR
+class Introspector
+class DataFlow
+
+class Scope < Introspector::Scope
+end
+
+end
+end
+
+end

data/lib/scnr/introspector/data_flow/sink.rb

@@ -0,0 +1,54 @@
+module SCNR
+class Introspector
+class DataFlow
+
+class Sink
+
+    attr_accessor :object
+
+    attr_accessor :method_name
+
+    attr_accessor :arguments
+
+    attr_accessor :tainted_argument_index
+
+    attr_accessor :tainted_value
+
+    attr_accessor :backtrace
+
+    # @param    [Hash]  options
+    def initialize( options = {} )
+        options.each do |k, v|
+            next if v.nil?
+
+            send( "#{k}=", v )
+        end
+    end
+
+    def marshal_dump
+        instance_variables.inject( {} ) do |h, iv|
+            h[iv.to_s.gsub('@','')] = instance_variable_get( iv )
+            h
+        end
+    end
+
+    def to_rpc_data
+        marshal_dump.merge 'arguments' => arguments.map(&:to_json)
+    end
+
+    def marshal_load( h )
+        h.each { |k, v| instance_variable_set( "@#{k}", v ) }
+    end
+
+    def self.from_rpc_data( data )
+        n = self.new
+        n.marshal_load( data )
+        n.arguments = n.arguments.map { |a| ::JSON.load a }
+        n
+    end
+
+end
+
+end
+end
+end

data/lib/scnr/introspector/data_flow.rb

@@ -0,0 +1,80 @@
+require 'scnr/introspector/data_flow/scope'
+require 'scnr/introspector/data_flow/sink'
+
+module SCNR
+class Introspector
+
+class DataFlow
+
+  # @return   [Scope]
+  attr_accessor :scope
+
+  # @return   [Array<Point>]
+  attr_reader   :sinks
+
+  # @param    [Hash]  options
+  # @option   options     [Scope,Hash,nil]    :scope
+  #   * {Scope}:  Configured {Scope} to use.
+  #   * `Hash`:  `Hash` to use for {Scope#initialize}.
+  #   * `nil`:  Will default to an empty {Scope}.
+  # @param    [Block] block
+  #   Code to {#trace}.
+  #
+  # @raise    [Introspector::Scope::Error::Invalid]
+  #   On unsupported `:scope` option.
+  def initialize( options = {}, &block )
+    options = options.dup
+
+    if (scope = options.delete(:scope)).is_a? DataFlow::Scope
+      @scope = scope
+    elsif scope.is_a? Hash
+      @scope = DataFlow::Scope.new( scope )
+    elsif scope.nil?
+      @scope = DataFlow::Scope.new
+    else
+      fail DataFlow::Scope::Error::Invalid
+    end
+
+    @sinks = []
+  end
+
+  def to_rpc_data
+    data = {}
+    instance_variables.each do |iv|
+      case iv
+      when :@sinks
+        data['sinks'] = @sinks.map(&:to_rpc_data)
+
+      when :@scope
+        next
+
+      else
+        v = instance_variable_get( iv )
+        next if !v
+        data[iv.to_s.gsub('@','')] = v.to_rpc_data
+
+      end
+    end
+    data
+  end
+
+  def self.from_rpc_data( h )
+    n = self.new
+
+    h.each do |k, v|
+      case k
+      when 'sinks'
+        n.instance_variable_set( "@#{k}", v.map { |pd| Sink.from_rpc_data( pd ) } )
+
+      else
+        n.instance_variable_set( "@#{k}", v )
+      end
+    end
+
+    n
+  end
+
+end
+
+end
+end

data/lib/scnr/introspector/error.rb

@@ -0,0 +1,8 @@
+module SCNR
+class Introspector
+
+class Error < StandardError
+end
+
+end
+end

data/lib/scnr/introspector/execution_flow/point.rb

@@ -0,0 +1,88 @@
+module SCNR
+class Introspector
+class ExecutionFlow
+
+# Trace point, similar in function to a native Ruby TracePoint.
+# Points to a code execution {#event}.
+class Point
+
+    # @return   [String,nil]
+    #   Path to the source file, `nil` if no file is available (i.e. compiled code).
+    attr_accessor :path
+
+    # @return   [Integer,nil]
+    #   File line number, `nil` if no file is available (i.e. compiled code).
+    attr_accessor :line_number
+
+    # @return   [String]
+    #   Class name containing the point.
+    attr_accessor :class_name
+
+    # @return   [Symbol]
+    #   Name of method associated with the {#event}.
+    attr_accessor :method_name
+
+    # @return   [Symbol]
+    #   Event name.
+    attr_accessor :event
+
+    # @param    [Hash]  options
+    def initialize( options = {} )
+        options.each do |k, v|
+            next if v.nil?
+
+            send( "#{k}=", v )
+        end
+    end
+
+    def inspect
+        "#{path}:#{line_number} #{class_name}##{method_name} #{event}"
+    end
+
+    def marshal_dump
+        instance_variables.inject( {} ) do |h, iv|
+            h[iv.to_s.gsub('@','')] = instance_variable_get( iv )
+            h
+        end
+    end
+
+    def marshal_load( h )
+        h.each { |k, v| instance_variable_set( "@#{k}", v ) }
+    end
+
+    def to_rpc_data
+        marshal_dump
+    end
+
+    def self.from_rpc_data( data )
+        n = self.new
+        n.marshal_load( data )
+        n
+    end
+
+    class <<self
+
+        # @param    [TracePoint]    tp
+        #   Ruby TracePoint object.
+        #
+        # @return   [Point]
+        def from_trace_point( tp )
+            defined_class =
+                (tp.defined_class.is_a?( Class ) || tp.defined_class.is_a?( Module ) ?
+                    tp.defined_class.name : tp.defined_class.class.name)
+
+            new({
+                path:        tp.path,
+                line_number: tp.lineno,
+                class_name:  defined_class,
+                method_name: tp.method_id,
+                event:       tp.event
+            })
+        end
+    end
+
+end
+
+end
+end
+end

data/lib/scnr/introspector/execution_flow/scope.rb

@@ -0,0 +1,11 @@
+module SCNR
+class Introspector
+class ExecutionFlow
+
+class Scope < Introspector::Scope
+end
+
+end
+end
+
+end

data/lib/scnr/introspector/execution_flow.rb

@@ -0,0 +1,105 @@
+require 'scnr/introspector/execution_flow/scope'
+require 'scnr/introspector/execution_flow/point'
+
+module SCNR
+class Introspector
+
+class ExecutionFlow
+
+    # @return   [Scope]
+    attr_accessor :scope
+
+    # @return   [Array<Point>]
+    attr_reader   :points
+
+    # @param    [Hash]  options
+    # @option   options     [Scope,Hash,nil]    :scope
+    #   * {Scope}:  Configured {Scope} to use.
+    #   * `Hash`:  `Hash` to use for {Scope#initialize}.
+    #   * `nil`:  Will default to an empty {Scope}.
+    # @param    [Block] block
+    #   Code to {#trace}.
+    #
+    # @raise    [Introspector::Scope::Error::Invalid]
+    #   On unsupported `:scope` option.
+    def initialize( options = {}, &block )
+        options = options.dup
+
+        if (scope = options.delete(:scope)).is_a? ExecutionFlow::Scope
+            @scope = scope
+        elsif scope.is_a? Hash
+            @scope = ExecutionFlow::Scope.new( scope )
+        elsif scope.nil?
+            @scope = ExecutionFlow::Scope.new
+        else
+            fail ExecutionFlow::Scope::Error::Invalid
+        end
+
+        @points = []
+
+        trace( &block ) if block_given?
+    end
+
+    # Traces code execution events as {Point points} and populates {#points}.
+    #
+    # @param    [Block] block
+    #   Code to trace.
+    #
+    # @return   [ExecutionFlow]
+    #   `self`
+    def trace( &block )
+        TracePoint.new do |tp|
+            next if @scope.out?( tp.path )
+
+            @points << create_point_from_trace_point( tp )
+        end.enable(&block)
+
+        self
+    end
+
+    def to_rpc_data
+        data = {}
+        instance_variables.each do |iv|
+            case iv
+                when :@points
+                    data['points'] = @points.map(&:to_rpc_data)
+
+                when :@scope
+                    next
+
+            else
+                v = instance_variable_get( iv )
+                next if !v
+                data[iv.to_s.gsub('@','')] = v.to_rpc_data
+
+            end
+        end
+        data
+    end
+
+    def self.from_rpc_data( h )
+        n = self.new
+
+        h.each do |k, v|
+            case k
+                when 'points'
+                    n.instance_variable_set( "@#{k}", v.map { |pd| Point.from_rpc_data( pd ) } )
+
+                else
+                    n.instance_variable_set( "@#{k}", v )
+            end
+        end
+
+        n
+    end
+
+    private
+
+    def create_point_from_trace_point( tp )
+        Point.from_trace_point( tp  )
+    end
+
+end
+
+end
+end

data/lib/scnr/introspector/scope.rb

@@ -0,0 +1,102 @@
+module SCNR
+class Introspector
+class Scope
+
+    class Error < Introspector::Error
+        class Invalid < Error
+        end
+
+        class UnknownOption < Error
+        end
+    end
+
+    # @return   [String,nil]
+    #   Include trace points whose file path starts with this string.
+    attr_accessor :path_start_with
+
+    # @return   [String,nil]
+    #   Include trace points whose file path ends with this string.
+    attr_accessor :path_end_with
+
+    # @return   [Array<Regexp>]
+    #   Include trace points whose file path matches this pattern.
+    attr_accessor :path_include_patterns
+
+    # @return   [Array<Regexp>]
+    #   Exclude trace points whose file path matches this pattern.
+    attr_accessor :path_exclude_patterns
+
+    # @param    [Hash]  options
+    #   Sets instance attributes.
+    def initialize( options = {} )
+        options.each do |k, v|
+            begin
+                send( "#{k}=", v )
+            rescue NoMethodError
+                fail "Unknown option: #{k}", Error::UnknownOption
+            end
+        end
+
+        @path_include_patterns ||= []
+        @path_exclude_patterns ||= []
+    end
+
+    # @return   [Bool]
+    #   `true` if scope has no configuration, `false` otherwise.
+    def empty?
+        !@path_start_with && !@path_end_with && @path_include_patterns.empty? &&
+            @path_exclude_patterns.empty?
+    end
+
+    # @param    [String]    path
+    #   Path to check.
+    #
+    # @return   [Bool]
+    #   `true` if `path` is not `#in?` scope, `false` otherwise.
+    def out?( path )
+        !in?( path )
+    end
+
+    # @param    [String]    path
+    #   Path to check.
+    #
+    # @return   [Bool]
+    #   `true` if `path` is `#in?` scope, `false` otherwise.
+    def in?( path )
+        if @path_start_with
+            return path.to_s.start_with?( @path_start_with )
+        end
+
+        if @path_end_with
+            return path.to_s.end_with?( @path_end_with )
+        end
+
+        if @path_include_patterns.any?
+            @path_include_patterns.each do |pattern|
+                return true if path =~ pattern
+            end
+
+            return false
+        end
+
+        if @path_exclude_patterns.any?
+            @path_exclude_patterns.each do |pattern|
+                return false if path =~ pattern
+            end
+        end
+
+        true
+    end
+
+    def hash
+        [@path_start_with, @path_end_with, @path_include_patterns, @path_exclude_patterns].hash
+    end
+
+    def ==( other )
+        hash == other.hash
+    end
+
+end
+
+end
+end

data/lib/scnr/introspector/version

@@ -0,0 +1 @@
+0.1

data/lib/scnr/introspector/version.rb

@@ -0,0 +1,5 @@
+module SCNR
+class Introspector
+    VERSION = IO.read( File.dirname( __FILE__ ) + '/version' ).strip
+end
+end

data/lib/scnr/introspector.rb

@@ -0,0 +1,291 @@
+require 'rbconfig'
+require 'rack/utils'
+require 'pp'
+
+module SCNR
+class Introspector
+    include Rack::Utils
+
+    require 'scnr/introspector/version'
+    require 'scnr/introspector/error'
+    require 'scnr/introspector/scope'
+    require 'scnr/introspector/execution_flow'
+    require 'scnr/introspector/data_flow'
+    require 'scnr/introspector/coverage'
+
+    # Coverage.enable
+
+    OVERLOAD = [
+      [:erb, :Templates],
+      [:test, [:SCNR, :Introspector, :Test]]
+    ]
+
+    module Overloads
+    end
+
+    OVERLOAD.each do |m, object|
+        if object.is_a? Array
+            name      = object.pop
+            namespace = Object
+
+            n = false
+            object.each do |o|
+                begin
+                    namespace = namespace.const_get( o )
+                rescue
+                    n = true
+                    break
+                end
+            end
+            next if n
+
+            object = namespace.const_get( name ) rescue next
+        else
+            object = Object.const_get( object ) rescue next
+        end
+
+        overload( object, m )
+    end
+
+    @mutex  = Mutex.new
+    class <<self
+        def overload( object, m )
+            ov = <<EORUBY
+        module Overloads
+        module #{object.to_s.split( '::' ).join}Overload
+            def #{m}( *args )
+                SCNR::Introspector.find_and_log_taint( #{object}, :#{m}, args )   
+                super *args
+            end
+        end
+        end
+
+        #{object}.prepend Overloads::#{object.to_s.split( '::' ).join}Overload
+EORUBY
+            eval ov
+            eval ov
+        end
+
+        def taint_seed=( t )
+            @taint = t
+        end
+
+        def taint_seed
+            @taint
+        end
+
+        def data_flows
+            @data_flows ||= {}
+        end
+
+        def synchronize( &block )
+            @mutex.synchronize( &block )
+        end
+
+        def log_sinks( taint, sink )
+            synchronize do
+                (self.data_flows[taint] ||= DataFlow.new).sinks << sink
+            end
+        end
+
+        def filter_caller( a )
+            dir = File.dirname( __FILE__ )
+            a.reject do |c|
+                c.start_with?( dir ) || c.include?( 'trace_point' )
+            end
+        end
+
+        def find_and_log_taint( object, method, args )
+            taint = @taint
+            return if !taint
+
+            tainted = find_taint_in_arguments( taint, args )
+            return if !tainted
+
+            sink = DataFlow::Sink.new(
+              object:       object.to_s,
+              method_name:  method.to_s,
+              arguments:    args,
+              tainted_argument_index: tainted[0],
+              tainted_value:          tainted[1].to_s,
+              backtrace:    filter_caller( Kernel.caller )
+            )
+            log_sinks( taint, sink )
+        end
+
+        def find_taint_in_arguments( taint, args )
+            args.each.with_index do |arg, i|
+                value = find_taint_recursively( taint, arg, i )
+                next if !value
+
+                return [i, value]
+            end
+
+            nil
+        end
+
+        def find_taint_recursively( taint, object, depth )
+            case object
+            when Hash
+                object.each do |k, v|
+                    t = find_taint_recursively( taint, v, depth )
+                    return t if t
+                end
+
+            when Array
+                object.each do |v|
+                    t = find_taint_recursively( taint, v, depth )
+                    return t if t
+                end
+
+            when String
+                return object if object.include? taint
+
+            else
+                nil
+            end
+
+            nil
+        end
+    end
+
+    def initialize( app, options = {} )
+        @app     = app
+        @options = options
+
+        overload_application
+
+        @mutex = Mutex.new
+    end
+
+    def overload_application
+        @app.methods.each do |m|
+            next if @app.method( m ).parameters.empty?
+            self.class.overload( @app.class, m )
+        end
+    end
+
+    def synchronize( &block )
+        @mutex.synchronize( &block )
+    end
+
+    def call( env )
+        info = Set.new
+        info << :platforms
+
+        if env.delete( 'HTTP_X_SCNR_INTROSPECTOR_TRACE' )
+            info << :data_flow
+            info << :execution_flow
+        end
+
+        inject( env, info )
+
+    rescue => e
+        pp e
+        pp e.backtrace
+    end
+
+    def inject( env, info = [] )
+        self.class.taint_seed = env.delete( 'HTTP_X_SCNR_INTROSPECTOR_TAINT' )
+        seed                  = env.delete( 'HTTP_X_SCNR_ENGINE_SCAN_SEED' )
+
+        data = {}
+
+        response = nil
+        if info.include? :execution_flow
+
+            execution_flow = nil
+            synchronize do
+                execution_flow = ExecutionFlow.new @options do
+                    response = @app.call( env )
+                end
+            end
+
+            data['execution_flow'] = execution_flow.to_rpc_data
+        else
+            response = @app.call( env )
+        end
+
+        if info.include? :platforms
+            data['platforms'] = self.platforms
+        end
+
+        if info.include?( :coverage ) && Coverage.enabled?
+            data['coverage'] = Coverage.new( @options ).retrieve_results
+        end
+
+        if info.include?( :data_flow ) && self.class.taint_seed
+            data['data_flow'] = self.class.data_flows.delete( self.class.taint_seed )&.to_rpc_data
+        end
+
+        code    = response.shift
+        headers = response.shift
+        body    = response.shift
+
+        body << "<!-- #{seed}\n#{JSON.dump( data )}\n#{seed} -->"
+        headers['Content-Length'] = body.map(&:bytesize).inject(&:+)
+
+        [code, headers, body ]
+    end
+
+    def platforms
+        platforms = [:ruby, os, db]
+        if rails?
+            platforms << :rails
+        end
+        platforms.compact
+    end
+
+    # @return   [Symbol]
+    #   {SCNR::Platform::Manager::OS OS platform type} to use for
+    #   {SCNR::Options#platforms}.
+    def os
+        @os ||= (
+            host_os = RbConfig::CONFIG['host_os']
+
+            case host_os
+                when /mswin|msys|mingw|cygwin|bccwin|wince|emc/
+                    :windows
+
+                when /linux/
+                    :linux
+
+                when /darwin|mac os|bsd/
+                    :bsd
+
+                when /solaris/
+                    :solaris
+
+                else
+                    nil
+            end
+        )
+    end
+
+    def db
+        return if !rails?
+
+        case ActiveRecord::Base.connection.adapter_name
+        when 'PostgreSQL'
+            :pgsql
+
+        when 'MySQL'
+            :mysql
+
+        when 'SQLite3'
+            :sqlite
+
+        else
+            nil
+
+        end
+    end
+
+    def rails?
+        if defined? Rails
+            return @app.is_a? Rails::Application
+        end
+    end
+
+end
+end

metadata

@@ -0,0 +1,128 @@
+--- !ruby/object:Gem::Specification
+name: scnr-introspector
+version: !ruby/object:Gem::Version
+  version: '0.1'
+platform: ruby
+authors:
+- Tasos Laskos
+autorequire:
+bindir: bin
+cert_chain: []
+date: 2024-02-21 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+- !ruby/object:Gem::Dependency
+  name: puma
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: sinatra
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: sinatra-contrib
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+description:
+email:
+- tasos.laskos@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- bin/.gitkeep
+- lib/scnr/introspector.rb
+- lib/scnr/introspector/coverage.rb
+- lib/scnr/introspector/coverage/resource.rb
+- lib/scnr/introspector/coverage/resource/line.rb
+- lib/scnr/introspector/data_flow.rb
+- lib/scnr/introspector/data_flow/scope.rb
+- lib/scnr/introspector/data_flow/sink.rb
+- lib/scnr/introspector/error.rb
+- lib/scnr/introspector/execution_flow.rb
+- lib/scnr/introspector/execution_flow/point.rb
+- lib/scnr/introspector/execution_flow/scope.rb
+- lib/scnr/introspector/scope.rb
+- lib/scnr/introspector/version
+- lib/scnr/introspector/version.rb
+homepage: http://ecsypno.com
+licenses:
+- Commercial
+metadata: {}
+post_install_message:
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubygems_version: 3.4.22
+signing_key:
+specification_version: 4
+summary: Rack application security scanner built around the SCNR::Engine.
+test_files: []