veracode 1.0.0.alpha10 → 1.0.0.alpha17
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- data/bin/veracode +22 -1
- data/lib/veracode.rb +158 -95
- data/lib/veracode/version.rb +1 -1
- metadata +3 -4
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
|
-
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
2
|
+
SHA256:
|
3
|
+
metadata.gz: e5cb7c4ca35c0ba950a80cd3128abe49464b68357d59528a09af7e17998bf2d9
|
4
|
+
data.tar.gz: fea0072496133717cc1f109cfe987eee7ee6099443c6032efd594c823338353f
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: 955ceacaea17f867fbbacbeb50607cdf71c4392474e71d73c5a3ba2c585139fef63ea6b73cc1fd6713a078e76c2855465f65a9a567d066a654989a3fdac9caf7
|
7
|
+
data.tar.gz: 0700d727fe2b5a19ebec8ba118e6d4438473e3234ffbd3fa26520f7cce054fd9fd5cd5c20d1d09e550bbcb417708cccf1019ad24a784f3e6b59a8fbea30de1a9
|
data/bin/veracode
CHANGED
@@ -23,8 +23,13 @@ require 'veracode/version'
|
|
23
23
|
$options = {
|
24
24
|
:archive_source => true,
|
25
25
|
:include_inherited => false,
|
26
|
-
:jruby => false,
|
27
26
|
:environment => false,
|
27
|
+
:verbose => false,
|
28
|
+
:jruby => false,
|
29
|
+
:skipactiverecord => false,
|
30
|
+
:skipactionview => false,
|
31
|
+
:skipsprockets => false,
|
32
|
+
:snapshot => false
|
28
33
|
}
|
29
34
|
|
30
35
|
subcommand = ARGV.shift
|
@@ -41,6 +46,18 @@ case subcommand
|
|
41
46
|
$options[:jruby] = true
|
42
47
|
end
|
43
48
|
|
49
|
+
opts.on("-O", "--skip-active-record", "Skip ActiveRecord") do
|
50
|
+
$options[:skipactiverecord] = true
|
51
|
+
end
|
52
|
+
|
53
|
+
opts.on("-V", "--skip-action-view", "Skip ActionView") do
|
54
|
+
$options[:skipactionview] = true
|
55
|
+
end
|
56
|
+
|
57
|
+
opts.on("-S", "--skip-sprockets", "Skip Sprockets") do
|
58
|
+
$options[:skipsprockets] = true
|
59
|
+
end
|
60
|
+
|
44
61
|
# opts.on("--[no-]source", "[Don't] Include source code in archive") do |s|
|
45
62
|
# $options[:archive_source] = s
|
46
63
|
# end
|
@@ -49,6 +66,10 @@ case subcommand
|
|
49
66
|
$DEBUG = true
|
50
67
|
end
|
51
68
|
|
69
|
+
opts.on("--debug-snapshot", "Generate a snapshot of the prepare state for Veracode debugging.") do
|
70
|
+
$options[:snapshot] = true
|
71
|
+
end
|
72
|
+
|
52
73
|
end.parse!
|
53
74
|
|
54
75
|
Veracode.prepare
|
data/lib/veracode.rb
CHANGED
@@ -202,7 +202,11 @@ module Veracode
|
|
202
202
|
exit
|
203
203
|
end
|
204
204
|
|
205
|
-
|
205
|
+
if $options[:snapshot]
|
206
|
+
puts "Please provide #{@archive_filename} to veracode for further investigation."
|
207
|
+
else
|
208
|
+
puts "Please upload #{@archive_filename}"
|
209
|
+
end
|
206
210
|
end
|
207
211
|
|
208
212
|
def self.cleanup
|
@@ -419,20 +423,25 @@ module Veracode
|
|
419
423
|
##############################################################################
|
420
424
|
# Archiving Headers
|
421
425
|
def self.class_header(c)
|
422
|
-
|
426
|
+
begin
|
427
|
+
return "" unless c.is_a? Class
|
423
428
|
|
424
|
-
|
429
|
+
puts " class header" if $options[:verbose]
|
425
430
|
|
426
|
-
|
427
|
-
|
431
|
+
case
|
432
|
+
when c.superclass.nil? # this should only happen for BasicObject
|
433
|
+
return ""
|
434
|
+
when c.superclass.name.nil? # in case the parent is anonymous
|
435
|
+
name = c.superclass.to_s.dump
|
436
|
+
else
|
437
|
+
name = c.superclass.name.dump
|
438
|
+
end
|
439
|
+
|
440
|
+
"superclass #{name}\n"
|
441
|
+
rescue Exception => e
|
442
|
+
log_error e.message
|
428
443
|
return ""
|
429
|
-
when c.superclass.name.nil? # in case the parent is anonymous
|
430
|
-
name = c.superclass.to_s.dump
|
431
|
-
else
|
432
|
-
name = c.superclass.name.dump
|
433
444
|
end
|
434
|
-
|
435
|
-
"superclass #{name}\n"
|
436
445
|
end
|
437
446
|
|
438
447
|
def self.module_header(m)
|
@@ -440,14 +449,27 @@ module Veracode
|
|
440
449
|
|
441
450
|
puts " module header" if $options[:verbose]
|
442
451
|
|
443
|
-
|
444
|
-
|
445
|
-
|
446
|
-
|
447
|
-
|
448
|
-
|
449
|
-
|
450
|
-
|
452
|
+
formatted_contents = ""
|
453
|
+
|
454
|
+
begin
|
455
|
+
formatted_contents += ( m.included_modules.count > 0 ?
|
456
|
+
m.included_modules.map {|m| "include #{m.inspect.dump}\n" }.join :
|
457
|
+
""
|
458
|
+
)
|
459
|
+
rescue Exception => e
|
460
|
+
log_error "Error archiving module header #{m.inspect.dump}: #{e.message}"
|
461
|
+
end
|
462
|
+
|
463
|
+
begin
|
464
|
+
formatted_contents += ( m.respond_to?(:singleton_class) && m.singleton_class.included_modules.count > 0 ?
|
465
|
+
m.singleton_class.included_modules.map {|m| "extend #{m.inspect.dump}\n" }.join :
|
466
|
+
""
|
467
|
+
)
|
468
|
+
rescue Exception => e
|
469
|
+
log_error "Error archiving module header #{m.inspect.dump}: #{e.message}"
|
470
|
+
end
|
471
|
+
|
472
|
+
return formatted_contents
|
451
473
|
end
|
452
474
|
|
453
475
|
|
@@ -496,51 +518,63 @@ module Veracode
|
|
496
518
|
# m.respond_to?(:global_variables) was throwing exceptions
|
497
519
|
end
|
498
520
|
|
499
|
-
|
500
|
-
|
501
|
-
|
502
|
-
m.__send__(get_methods, $options[:include_inherited]).
|
503
|
-
|
504
|
-
|
505
|
-
|
506
|
-
|
507
|
-
|
521
|
+
begin
|
522
|
+
%w[ public protected private ].each {|p|
|
523
|
+
get_methods = (p + "_instance_methods").to_sym
|
524
|
+
if m.respond_to?(get_methods) && m.__send__(get_methods, $options[:include_inherited]).count > 0
|
525
|
+
m.__send__(get_methods, $options[:include_inherited]).each do |m_symbol|
|
526
|
+
begin
|
527
|
+
method = m.instance_method(m_symbol)
|
528
|
+
formatted_contents += format_method(method, "#{p.to_s}_instance", with_disasm)
|
529
|
+
rescue Exception => e
|
530
|
+
log_error "Error archiving #{p.to_s} instance method #{m_symbol.to_s.dump}: #{e.message}"
|
531
|
+
end
|
508
532
|
end
|
509
533
|
end
|
510
|
-
|
511
|
-
|
534
|
+
}
|
535
|
+
rescue Exception => e
|
536
|
+
# m.respond_to?(get_methods)
|
537
|
+
end
|
512
538
|
|
513
539
|
formatted_contents
|
514
540
|
end
|
515
541
|
|
516
542
|
def self.object_contents(o, with_disasm=true)
|
517
|
-
return "" unless o.is_a?
|
543
|
+
return "" unless !o.nil? && o.is_a?(Object)
|
518
544
|
|
519
545
|
puts " object contents" if $options[:verbose]
|
520
546
|
|
521
547
|
formatted_contents = ""
|
522
|
-
|
523
|
-
|
524
|
-
o.instance_variables.
|
525
|
-
|
526
|
-
|
527
|
-
|
528
|
-
|
529
|
-
|
530
|
-
|
548
|
+
|
549
|
+
begin
|
550
|
+
if o.respond_to?(:instance_variables) && o.instance_variables.count > 0
|
551
|
+
o.instance_variables.each do |v_symbol|
|
552
|
+
begin
|
553
|
+
v = o.instance_variable_get(v_symbol)
|
554
|
+
formatted_contents += format_variable(v_symbol, v, "instance")
|
555
|
+
rescue Exception => e
|
556
|
+
log_error "Error archiving instance variable #{v_symbol.to_s.dump}: #{e.message}"
|
557
|
+
formatted_contents += format_variable(v_symbol, :veracode_nil, "instance")
|
558
|
+
end
|
531
559
|
end
|
532
560
|
end
|
561
|
+
rescue Exception => e
|
562
|
+
log_error "Error getting :instance_variables for object #{o}: #{e.message}"
|
533
563
|
end
|
534
564
|
|
535
|
-
|
536
|
-
o.singleton_methods($options[:include_inherited]).
|
537
|
-
|
538
|
-
|
539
|
-
|
540
|
-
|
541
|
-
|
565
|
+
begin
|
566
|
+
if o.respond_to?(:singleton_methods) && o.singleton_methods($options[:include_inherited]).count > 0
|
567
|
+
o.singleton_methods($options[:include_inherited]).each do |m_symbol|
|
568
|
+
begin
|
569
|
+
m = o.method(m_symbol)
|
570
|
+
formatted_contents += format_method(m, "singleton", with_disasm)
|
571
|
+
rescue Exception => e
|
572
|
+
log_error "Error archiving singleton method #{m_symbol.to_s.dump}: #{e.message}"
|
573
|
+
end
|
542
574
|
end
|
543
575
|
end
|
576
|
+
rescue Exception => e
|
577
|
+
log_error "Error getting :singleton_methods for object #{o}: #{e.message}"
|
544
578
|
end
|
545
579
|
|
546
580
|
formatted_contents
|
@@ -550,13 +584,12 @@ module Veracode
|
|
550
584
|
##############################################################################
|
551
585
|
# Archiving Objects
|
552
586
|
def self.archive(objects, with_disasm=true)
|
553
|
-
|
554
587
|
objects = objects - [
|
555
|
-
|
556
|
-
|
557
|
-
|
558
|
-
|
559
|
-
|
588
|
+
Veracode,
|
589
|
+
Veracode::ActiveRecord,
|
590
|
+
Veracode::ActiveRecord::Model,
|
591
|
+
Veracode::ActiveRecord::Schema,
|
592
|
+
]
|
560
593
|
|
561
594
|
if $options[:verbose]
|
562
595
|
puts "Archiving #{objects.count.to_s} objects" + (with_disasm ? " with disassembly" : "")
|
@@ -565,20 +598,16 @@ module Veracode
|
|
565
598
|
|
566
599
|
objects.sort_by {|o| safe_name(o) }.each do |o|
|
567
600
|
|
568
|
-
|
569
|
-
|
570
|
-
add_to_archive "#{o.class.to_s.downcase} #{quote(safe_name(o))}\n" +
|
571
|
-
|
572
|
-
( o.is_a?(Class) ? class_header(o) : "") + # superclass
|
573
|
-
( o.is_a?(Module) ? module_header(o) : "") + # included modules
|
601
|
+
puts "archiving #{o.class.to_s.downcase} #{quote(safe_name(o))}" if $options[:verbose]
|
574
602
|
|
575
|
-
|
576
|
-
|
577
|
-
|
578
|
-
|
579
|
-
|
603
|
+
add_to_archive "#{o.class.to_s.downcase} #{quote(safe_name(o))}\n" +
|
604
|
+
( o.is_a?(Class) ? class_header(o) : "") + # superclass
|
605
|
+
( o.is_a?(Module) ? module_header(o) : "") + # included modules
|
606
|
+
( (o.is_a?(Object) && !o.nil?) ? object_contents(o, with_disasm) : "") +
|
607
|
+
( o.is_a?(Module) ? module_contents(o, with_disasm) : "") +
|
608
|
+
"end#{o.class.to_s.downcase}\n" +
|
609
|
+
"\n"
|
580
610
|
end
|
581
|
-
|
582
611
|
end
|
583
612
|
|
584
613
|
|
@@ -626,7 +655,11 @@ module Veracode
|
|
626
655
|
|
627
656
|
assigns = {}
|
628
657
|
view = ActionView::Base.new(view_paths, assigns)
|
629
|
-
|
658
|
+
begin
|
659
|
+
|
660
|
+
rescue Exception => e
|
661
|
+
log_error "Unable to get controller view context (#{e.message})"
|
662
|
+
end
|
630
663
|
|
631
664
|
templates.each { |template|
|
632
665
|
puts "Compiling template #{template}" if $options[:verbose]
|
@@ -845,7 +878,17 @@ end
|
|
845
878
|
|
846
879
|
puts "Phase 2 - Load Rails" if $options[:verbose]
|
847
880
|
begin
|
848
|
-
|
881
|
+
if $options[:skipactiverecord] || $options[:skipactionview] || $options[:skipsprockets]
|
882
|
+
require "active_model/railtie"
|
883
|
+
require "active_record/railtie" unless $options[:skipactiverecord]
|
884
|
+
require "action_controller/railtie"
|
885
|
+
require "action_mailer/railtie"
|
886
|
+
require "action_view/railtie" unless $options[:skipactionview]
|
887
|
+
require "sprockets/railtie" unless $options[:skipsprockets]
|
888
|
+
require "rails/test_unit/railtie"
|
889
|
+
else
|
890
|
+
require "rails/all"
|
891
|
+
end
|
849
892
|
rescue Exception => e
|
850
893
|
puts "Unable to require rails: #{e.message}"
|
851
894
|
log_error "Unable to require rails: #{e.message}"
|
@@ -856,9 +899,9 @@ end
|
|
856
899
|
|
857
900
|
## Imitate script/rails
|
858
901
|
# APP_PATH = File.expand_path('config/application')
|
859
|
-
|
902
|
+
# APP_PATH is already set in bin/veracode
|
860
903
|
#require File.expand_path('../../config/boot', __FILE__)
|
861
|
-
|
904
|
+
glob_require "config/boot.rb"
|
862
905
|
#require 'rails/commands'
|
863
906
|
# this will trigger the console to be launched
|
864
907
|
# ARGV.clear
|
@@ -867,7 +910,16 @@ end
|
|
867
910
|
# require 'rails/commands'
|
868
911
|
|
869
912
|
## Imitate rails/commands when console
|
870
|
-
|
913
|
+
if Gem::Version.new(Rails.version) >= Gem::Version.new("5.1.0")
|
914
|
+
cond_require 'rails/command.rb'
|
915
|
+
cond_require 'rails/command/actions.rb'
|
916
|
+
cond_require 'rails/command/base.rb'
|
917
|
+
cond_require 'rails/command/behavior.rb'
|
918
|
+
cond_require 'rails/command/environment_argument.rb'
|
919
|
+
cond_require 'rails/commands/console/console_command.rb'
|
920
|
+
else
|
921
|
+
cond_require 'rails/commands/console.rb'
|
922
|
+
end
|
871
923
|
# require APP_PATH # => config/application.rb
|
872
924
|
|
873
925
|
glob_require "config/application.rb"
|
@@ -903,35 +955,46 @@ end
|
|
903
955
|
|
904
956
|
puts "Phase 3 - Imitate Rails" if $options[:verbose]
|
905
957
|
|
906
|
-
|
907
|
-
|
908
|
-
any_new
|
909
|
-
|
910
|
-
|
911
|
-
|
912
|
-
|
958
|
+
begin
|
959
|
+
any_new = true
|
960
|
+
while any_new
|
961
|
+
any_new = false
|
962
|
+
any_new |= glob_require "lib/**/*.rb"
|
963
|
+
any_new |= glob_require "app/**/*.rb"
|
964
|
+
puts "new successful requires? #{any_new.to_s}" if $options[:verbose]
|
965
|
+
end
|
913
966
|
|
914
|
-
|
967
|
+
compile_templates
|
915
968
|
|
916
|
-
|
917
|
-
|
969
|
+
self.update
|
970
|
+
self.stats if $options[:verbose]
|
918
971
|
|
919
|
-
|
920
|
-
|
972
|
+
# Ensure compiled templates are fully disassembled in archive
|
973
|
+
@baseline_modules.delete(ActionView::CompiledTemplates)
|
921
974
|
|
922
|
-
|
923
|
-
|
924
|
-
|
925
|
-
|
926
|
-
|
927
|
-
|
928
|
-
|
929
|
-
|
930
|
-
|
931
|
-
|
932
|
-
|
933
|
-
|
934
|
-
|
975
|
+
if $options[:environment]
|
976
|
+
puts "Processing and disassembling environment"
|
977
|
+
archive(@modules.reject {|o| safe_name(o) =~ /^#<(Class|Module):0x[0-9a-f]+>/i }
|
978
|
+
.reject {|o| safe_name(o) =~ /^Veracode/ }
|
979
|
+
.reject {|o| safe_name(o) =~ /^EmptyRails/ }
|
980
|
+
.reject {|o| safe_name(o) =~ /^ActionView::CompiledTemplates$/ }, false)
|
981
|
+
else
|
982
|
+
puts "Processing Ruby and Rails classes and modules"
|
983
|
+
archive(@baseline_modules, false)
|
984
|
+
add_to_archive "\n# Phase 3 - App disassembly\n"
|
985
|
+
puts "Processing and disassembling #{APP_NAME} classes and modules"
|
986
|
+
archive(@modules - @baseline_modules, true)
|
987
|
+
archive_schema
|
988
|
+
|
989
|
+
end
|
990
|
+
|
991
|
+
rescue Exception => e
|
992
|
+
if $options[:snapshot]
|
993
|
+
log_error e.message
|
994
|
+
log_error e.backtrace.join("\n")
|
995
|
+
else
|
996
|
+
raise
|
997
|
+
end
|
935
998
|
end
|
936
999
|
|
937
1000
|
## /phase 3 - require app
|
data/lib/veracode/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: veracode
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.0.0.
|
4
|
+
version: 1.0.0.alpha17
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Veracode
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2019-05-07 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: rubyzip
|
@@ -55,10 +55,9 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
55
55
|
version: 1.3.1
|
56
56
|
requirements: []
|
57
57
|
rubyforge_project:
|
58
|
-
rubygems_version: 2.
|
58
|
+
rubygems_version: 2.7.8
|
59
59
|
signing_key:
|
60
60
|
specification_version: 4
|
61
61
|
summary: Command line tool for preparing your Ruby on Rails app for submission to
|
62
62
|
Veracode
|
63
63
|
test_files: []
|
64
|
-
has_rdoc:
|