tainted 0.2.0 → 0.3.0

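--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
  ---
  SHA256:
- metadata.gz: 2d61982c033f50c5e79a00dc34ef94fe612400097ef70e2e934d6def3f28cfac
- data.tar.gz: 55314168a8b4a3026e4c0cf9c9c61adcd277ed306ef656078b29f9930cff8dcd
+ metadata.gz: 278da9234147c4a8df18795ca9666877032253e8cb4409219ba0fd8e4420444b
+ data.tar.gz: 16e24fa14406e9755b3f631809a23a13fcf255605b5f6a2f66fc60d27ecee27a
  SHA512:
- metadata.gz: a211a22a04214a44ddb858930a69af6014f2c18aeb23c86c63ebcfbb8034f6f2da2d2f541088314fed8a0a59eb2a410ea9a9ca9e5527a89bef08e168a60eac5d
- data.tar.gz: 1da46aac7509d85177687d1b4f1ab06824d6f7e944c2404dfc249cffe17c3cf9eb29b9470ca7914df86b113c8134655ee5a06e6c533a3164544fa4e6935b179e
+ metadata.gz: b1fdc6834f8e8727e6e7fa0328ddd4193d4a7433f3c020f16eacaa6d63ef61f96b682a7a7e8b34db7e39d28a4554c77373d96467bb3a9cab8b8b00348d4b0fd0
+ data.tar.gz: 96b9a1687308bed7f57317dd66ece9eca69a7d0e2a7544cc8e40861017911d447aa11244daf44d5e3d27620358e80150e117b008c3a7a97b76e633608ff73f31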
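--- a/data/README.md
+++ b/data/README.md
@@ -29,8 +29,13 @@ require 'tainted'
  file = "#{__dir__}/../fixtures/simple.rb"
  lint = Tainted::Lint.new(file, %i[tainted], %i[unsafe])
  lint.analyze
- # Method `unsafe()` consuming tainted variable `d`
- # Method `unsafe()` consuming tainted variable `c`
+ =>
+ [#<Tainted::Offense:0x0000000107caf690
+ @message="Method `unsafe()` consuming tainted variable `d`",
+ @node=(call nil nil (ident "unsafe") (arg_paren (args ((var_ref (ident "d"))))))>,
+ #<Tainted::Offense:0x0000000107caf5f0
+ @message="Method `unsafe()` consuming tainted variable `c`",
+ @node=(call nil nil (ident "unsafe") (arg_paren (args ((var_ref (ident "c"))))))>]
  ```
 
  ## Development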
data/lib/tainted/lint.rb CHANGED
@@ -15,7 +15,7 @@ module Tainted
15
15
 
16
16
  def analyze
17
17
  @visitor.visit(SyntaxTree.parse_file(@filepath))
18
- @visitor.result
18
+ @visitor.offenses
19
19
  end
20
20
  end
21
21
  end
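Review bot: `analyze` hands back the visitor's own `@offenses` array, which (per the `Static#initialize` hunk in this release) is created once and only ever appended to, so a second `lint.analyze` on the same object would report every finding twice, assuming `@visitor` is built once in `Lint#initialize`, which is outside this hunk. For a taint linter, duplicated or caller-mutated findings skew the counts a CI gate may depend on. Returning a copy, `@visitor.offenses.dup`, and building a fresh visitor per call (or clearing the list before `visit`) would keep the result stable. The return type also changed from strings to `Offense` objects, which deserves a comment on the method, for example `# @return [Array<Tainted::Offense>] one entry per sink call that receives a tainted variable`.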
@@ -0,0 +1,12 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Tainted
4
+ class Offense
5
+ attr_reader :node, :message
6
+
7
+ def initialize(node, message)
8
+ @node = node
9
+ @message = message
10
+ end
11
+ end
12
+ end
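Review bot: `Offense` carries the raw node and a message but no file path or line, so a finding cannot be triaged or fed into a report without the caller re-deriving its location, and callers that printed the 0.2.0 string results now get `#<Tainted::Offense ...>` inspect output instead. Adding `def to_s = message` (or the `def ... end` form if older Rubies are supported) keeps string interpolation working, and a reader such as `def line = node.location.start_line` would expose the position, assuming `node` is always a SyntaxTree node as the README output suggests. The class also has no documentation; a short comment stating that `node` is the sink call and `message` names the sink and the tainted variable would be enough.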
@@ -2,14 +2,14 @@
2
2
 
3
3
  module Tainted
4
4
  class Static < SyntaxTree::Visitor
5
- attr_reader :result
5
+ attr_reader :offenses
6
6
 
7
7
  def initialize(sources, sinks)
8
8
  super()
9
9
 
10
10
  @sources = sources
11
11
  @sinks = sinks
12
- @result = []
12
+ @offenses = []
13
13
  end
14
14
 
15
15
  def visit(node)
@@ -58,7 +58,7 @@ module Tainted
58
58
  taint_statuses.each do |status|
59
59
  next unless status[1]
60
60
 
61
- @result << "Method `#{method_name}()` consuming tainted variable `#{status[0].value.value}`"
61
+ @offenses << Offense.new(node, "Method `#{method_name}()` consuming tainted variable `#{status[0].value.value}`")
62
62
  end
63
63
  end
64
64
 
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module Tainted
4
- VERSION = "0.2.0"
4
+ VERSION = "0.3.0"
5
5
  end
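--- a/data/lib/tainted.rb
+++ b/data/lib/tainted.rb
@@ -6,6 +6,7 @@ require_relative "tainted/state"
  require_relative "tainted/static"
  require_relative "tainted/lint"
  require_relative "tainted/dataflow"
+ require_relative "tainted/offense"
  require_relative "tainted/version"
 
  module Tainted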
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: tainted
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.2.0
4
+ version: 0.3.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Syed Faraaz Ahmad
8
8
  autorequire:
9
9
  bindir: exe
10
10
  cert_chain: []
11
- date: 2023-11-04 00:00:00.000000000 Z
11
+ date: 2023-11-09 00:00:00.000000000 Z
12
12
  dependencies: []
13
13
  description:
14
14
  email:
@@ -26,6 +26,7 @@ files:
26
26
  - lib/tainted.rb
27
27
  - lib/tainted/dataflow.rb
28
28
  - lib/tainted/lint.rb
29
+ - lib/tainted/offense.rb
29
30
  - lib/tainted/state.rb
30
31
  - lib/tainted/static.rb
31
32
  - lib/tainted/version.rb