veracode 1.0.0.alpha11 → 1.0.0.alpha18
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +5 -5
- data/bin/veracode +10 -1
- data/lib/veracode.rb +157 -94
- data/lib/veracode/version.rb +1 -1
- metadata +3 -4
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
|
-
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
2
|
+
SHA256:
|
3
|
+
metadata.gz: e42ef047b5e2b3f33eba714c33d5c13aa393679e704633ac93df478b6697c811
|
4
|
+
data.tar.gz: 5adf88dcca009894d9f1631061750d108e9ec3ab77de5ac6083c95aeda5db4e6
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: afcf1ebbc31dfb94ade508fdf858f6815a088d66d40982f82e2f7c439929b3eb2c803b5d238cea1825f7ed5f60cb0d483caa4d85032542d60e91be970c9d2db2
|
7
|
+
data.tar.gz: 8dd0fa92c21625c40df171a9ee8d4f5a8dc4f37f53f8a1dd223f5fbd8e5aefc1d0279915ff368d24b228eef690b0cafb5407a85c1cbb743e17e5127b34830c15
|
data/bin/veracode
CHANGED
@@ -23,8 +23,13 @@ require 'veracode/version'
|
|
23
23
|
$options = {
|
24
24
|
:archive_source => true,
|
25
25
|
:include_inherited => false,
|
26
|
-
:jruby => false,
|
27
26
|
:environment => false,
|
27
|
+
:verbose => false,
|
28
|
+
:jruby => false,
|
29
|
+
:skipactiverecord => false,
|
30
|
+
:skipactionview => false,
|
31
|
+
:skipsprockets => false,
|
32
|
+
:snapshot => false
|
28
33
|
}
|
29
34
|
|
30
35
|
subcommand = ARGV.shift
|
@@ -61,6 +66,10 @@ case subcommand
|
|
61
66
|
$DEBUG = true
|
62
67
|
end
|
63
68
|
|
69
|
+
opts.on("--debug-snapshot", "Generate a snapshot of the prepare state for Veracode debugging.") do
|
70
|
+
$options[:snapshot] = true
|
71
|
+
end
|
72
|
+
|
64
73
|
end.parse!
|
65
74
|
|
66
75
|
Veracode.prepare
|
data/lib/veracode.rb
CHANGED
@@ -202,7 +202,11 @@ module Veracode
|
|
202
202
|
exit
|
203
203
|
end
|
204
204
|
|
205
|
-
|
205
|
+
if $options[:snapshot]
|
206
|
+
puts "Please provide #{@archive_filename} to veracode for further investigation."
|
207
|
+
else
|
208
|
+
puts "Please upload #{@archive_filename}"
|
209
|
+
end
|
206
210
|
end
|
207
211
|
|
208
212
|
def self.cleanup
|
@@ -294,7 +298,8 @@ module Veracode
|
|
294
298
|
begin
|
295
299
|
( o.nil? ? "nil" : o.to_s )
|
296
300
|
rescue
|
297
|
-
"nil"
|
301
|
+
log_error "Error testing #{o} with nil?. Probable monkey patching. #{e.message}"
|
302
|
+
( o == nil ? "nil" : o.to_s ) # in case of monkey patched nil?
|
298
303
|
end
|
299
304
|
end
|
300
305
|
when o.is_a?(Method), o.is_a?(UnboundMethod)
|
@@ -419,20 +424,25 @@ module Veracode
|
|
419
424
|
##############################################################################
|
420
425
|
# Archiving Headers
|
421
426
|
def self.class_header(c)
|
422
|
-
|
427
|
+
begin
|
428
|
+
return "" unless c.is_a? Class
|
423
429
|
|
424
|
-
|
430
|
+
puts " class header" if $options[:verbose]
|
425
431
|
|
426
|
-
|
427
|
-
|
432
|
+
case
|
433
|
+
when c.superclass.nil? # this should only happen for BasicObject
|
434
|
+
return ""
|
435
|
+
when c.superclass.name.nil? # in case the parent is anonymous
|
436
|
+
name = c.superclass.to_s.dump
|
437
|
+
else
|
438
|
+
name = c.superclass.name.dump
|
439
|
+
end
|
440
|
+
|
441
|
+
"superclass #{name}\n"
|
442
|
+
rescue Exception => e
|
443
|
+
log_error e.message
|
428
444
|
return ""
|
429
|
-
when c.superclass.name.nil? # in case the parent is anonymous
|
430
|
-
name = c.superclass.to_s.dump
|
431
|
-
else
|
432
|
-
name = c.superclass.name.dump
|
433
445
|
end
|
434
|
-
|
435
|
-
"superclass #{name}\n"
|
436
446
|
end
|
437
447
|
|
438
448
|
def self.module_header(m)
|
@@ -440,14 +450,27 @@ module Veracode
|
|
440
450
|
|
441
451
|
puts " module header" if $options[:verbose]
|
442
452
|
|
443
|
-
|
444
|
-
|
445
|
-
|
446
|
-
|
447
|
-
|
448
|
-
|
449
|
-
|
450
|
-
|
453
|
+
formatted_contents = ""
|
454
|
+
|
455
|
+
begin
|
456
|
+
formatted_contents += ( m.included_modules.count > 0 ?
|
457
|
+
m.included_modules.map {|m| "include #{m.inspect.dump}\n" }.join :
|
458
|
+
""
|
459
|
+
)
|
460
|
+
rescue Exception => e
|
461
|
+
log_error "Error archiving module header #{m.inspect.dump}: #{e.message}"
|
462
|
+
end
|
463
|
+
|
464
|
+
begin
|
465
|
+
formatted_contents += ( m.respond_to?(:singleton_class) && m.singleton_class.included_modules.count > 0 ?
|
466
|
+
m.singleton_class.included_modules.map {|m| "extend #{m.inspect.dump}\n" }.join :
|
467
|
+
""
|
468
|
+
)
|
469
|
+
rescue Exception => e
|
470
|
+
log_error "Error archiving module header #{m.inspect.dump}: #{e.message}"
|
471
|
+
end
|
472
|
+
|
473
|
+
return formatted_contents
|
451
474
|
end
|
452
475
|
|
453
476
|
|
@@ -496,51 +519,70 @@ module Veracode
|
|
496
519
|
# m.respond_to?(:global_variables) was throwing exceptions
|
497
520
|
end
|
498
521
|
|
499
|
-
|
500
|
-
|
501
|
-
|
502
|
-
m.__send__(get_methods, $options[:include_inherited]).
|
503
|
-
|
504
|
-
|
505
|
-
|
506
|
-
|
507
|
-
|
522
|
+
begin
|
523
|
+
%w[ public protected private ].each {|p|
|
524
|
+
get_methods = (p + "_instance_methods").to_sym
|
525
|
+
if m.respond_to?(get_methods) && m.__send__(get_methods, $options[:include_inherited]).count > 0
|
526
|
+
m.__send__(get_methods, $options[:include_inherited]).each do |m_symbol|
|
527
|
+
begin
|
528
|
+
method = m.instance_method(m_symbol)
|
529
|
+
formatted_contents += format_method(method, "#{p.to_s}_instance", with_disasm)
|
530
|
+
rescue Exception => e
|
531
|
+
log_error "Error archiving #{p.to_s} instance method #{m_symbol.to_s.dump}: #{e.message}"
|
532
|
+
end
|
508
533
|
end
|
509
534
|
end
|
510
|
-
|
511
|
-
|
535
|
+
}
|
536
|
+
rescue Exception => e
|
537
|
+
# m.respond_to?(get_methods)
|
538
|
+
end
|
512
539
|
|
513
540
|
formatted_contents
|
514
541
|
end
|
515
542
|
|
516
543
|
def self.object_contents(o, with_disasm=true)
|
517
|
-
|
544
|
+
begin
|
545
|
+
return "" unless !o.nil?
|
546
|
+
rescue Exception => e
|
547
|
+
log_error "Error testing #{o} with nil?. Probable monkey patching. #{e.message}"
|
548
|
+
return "" if o == nil
|
549
|
+
end
|
550
|
+
|
551
|
+
return "" unless o.is_a?(Object)
|
518
552
|
|
519
553
|
puts " object contents" if $options[:verbose]
|
520
554
|
|
521
555
|
formatted_contents = ""
|
522
|
-
|
523
|
-
|
524
|
-
o.instance_variables.
|
525
|
-
|
526
|
-
|
527
|
-
|
528
|
-
|
529
|
-
|
530
|
-
|
556
|
+
|
557
|
+
begin
|
558
|
+
if o.respond_to?(:instance_variables) && o.instance_variables.count > 0
|
559
|
+
o.instance_variables.each do |v_symbol|
|
560
|
+
begin
|
561
|
+
v = o.instance_variable_get(v_symbol)
|
562
|
+
formatted_contents += format_variable(v_symbol, v, "instance")
|
563
|
+
rescue Exception => e
|
564
|
+
log_error "Error archiving instance variable #{v_symbol.to_s.dump}: #{e.message}"
|
565
|
+
formatted_contents += format_variable(v_symbol, :veracode_nil, "instance")
|
566
|
+
end
|
531
567
|
end
|
532
568
|
end
|
569
|
+
rescue Exception => e
|
570
|
+
log_error "Error getting :instance_variables for object #{o}: #{e.message}"
|
533
571
|
end
|
534
572
|
|
535
|
-
|
536
|
-
o.singleton_methods($options[:include_inherited]).
|
537
|
-
|
538
|
-
|
539
|
-
|
540
|
-
|
541
|
-
|
573
|
+
begin
|
574
|
+
if o.respond_to?(:singleton_methods) && o.singleton_methods($options[:include_inherited]).count > 0
|
575
|
+
o.singleton_methods($options[:include_inherited]).each do |m_symbol|
|
576
|
+
begin
|
577
|
+
m = o.method(m_symbol)
|
578
|
+
formatted_contents += format_method(m, "singleton", with_disasm)
|
579
|
+
rescue Exception => e
|
580
|
+
log_error "Error archiving singleton method #{m_symbol.to_s.dump}: #{e.message}"
|
581
|
+
end
|
542
582
|
end
|
543
583
|
end
|
584
|
+
rescue Exception => e
|
585
|
+
log_error "Error getting :singleton_methods for object #{o}: #{e.message}"
|
544
586
|
end
|
545
587
|
|
546
588
|
formatted_contents
|
@@ -550,13 +592,13 @@ module Veracode
|
|
550
592
|
##############################################################################
|
551
593
|
# Archiving Objects
|
552
594
|
def self.archive(objects, with_disasm=true)
|
553
|
-
|
554
|
-
|
555
|
-
|
556
|
-
|
557
|
-
|
558
|
-
|
559
|
-
|
595
|
+
veracode_artifacts = Set[
|
596
|
+
safe_name(Veracode),
|
597
|
+
safe_name(Veracode::ActiveRecord),
|
598
|
+
safe_name(Veracode::ActiveRecord::Model),
|
599
|
+
safe_name(Veracode::ActiveRecord::Schema)
|
600
|
+
]
|
601
|
+
objects = objects.reject { |o| veracode_artifacts.include?(safe_name(o)) }
|
560
602
|
|
561
603
|
if $options[:verbose]
|
562
604
|
puts "Archiving #{objects.count.to_s} objects" + (with_disasm ? " with disassembly" : "")
|
@@ -568,17 +610,13 @@ module Veracode
|
|
568
610
|
puts "archiving #{o.class.to_s.downcase} #{quote(safe_name(o))}" if $options[:verbose]
|
569
611
|
|
570
612
|
add_to_archive "#{o.class.to_s.downcase} #{quote(safe_name(o))}\n" +
|
571
|
-
|
572
|
-
|
573
|
-
|
574
|
-
|
575
|
-
|
576
|
-
|
577
|
-
|
578
|
-
"end#{o.class.to_s.downcase}\n" +
|
579
|
-
"\n"
|
613
|
+
( o.is_a?(Class) ? class_header(o) : "") + # superclass
|
614
|
+
( o.is_a?(Module) ? module_header(o) : "") + # included modules
|
615
|
+
( o.is_a?(Object) ? object_contents(o, with_disasm) : "") +
|
616
|
+
( o.is_a?(Module) ? module_contents(o, with_disasm) : "") +
|
617
|
+
"end#{o.class.to_s.downcase}\n" +
|
618
|
+
"\n"
|
580
619
|
end
|
581
|
-
|
582
620
|
end
|
583
621
|
|
584
622
|
|
@@ -626,7 +664,11 @@ module Veracode
|
|
626
664
|
|
627
665
|
assigns = {}
|
628
666
|
view = ActionView::Base.new(view_paths, assigns)
|
629
|
-
|
667
|
+
begin
|
668
|
+
|
669
|
+
rescue Exception => e
|
670
|
+
log_error "Unable to get controller view context (#{e.message})"
|
671
|
+
end
|
630
672
|
|
631
673
|
templates.each { |template|
|
632
674
|
puts "Compiling template #{template}" if $options[:verbose]
|
@@ -866,9 +908,9 @@ end
|
|
866
908
|
|
867
909
|
## Imitate script/rails
|
868
910
|
# APP_PATH = File.expand_path('config/application')
|
869
|
-
|
911
|
+
# APP_PATH is already set in bin/veracode
|
870
912
|
#require File.expand_path('../../config/boot', __FILE__)
|
871
|
-
|
913
|
+
glob_require "config/boot.rb"
|
872
914
|
#require 'rails/commands'
|
873
915
|
# this will trigger the console to be launched
|
874
916
|
# ARGV.clear
|
@@ -877,7 +919,16 @@ end
|
|
877
919
|
# require 'rails/commands'
|
878
920
|
|
879
921
|
## Imitate rails/commands when console
|
880
|
-
|
922
|
+
if Gem::Version.new(Rails.version) >= Gem::Version.new("5.1.0")
|
923
|
+
cond_require 'rails/command.rb'
|
924
|
+
cond_require 'rails/command/actions.rb'
|
925
|
+
cond_require 'rails/command/base.rb'
|
926
|
+
cond_require 'rails/command/behavior.rb'
|
927
|
+
cond_require 'rails/command/environment_argument.rb'
|
928
|
+
cond_require 'rails/commands/console/console_command.rb'
|
929
|
+
else
|
930
|
+
cond_require 'rails/commands/console.rb'
|
931
|
+
end
|
881
932
|
# require APP_PATH # => config/application.rb
|
882
933
|
|
883
934
|
glob_require "config/application.rb"
|
@@ -913,35 +964,47 @@ end
|
|
913
964
|
|
914
965
|
puts "Phase 3 - Imitate Rails" if $options[:verbose]
|
915
966
|
|
916
|
-
|
917
|
-
|
918
|
-
any_new
|
919
|
-
|
920
|
-
|
921
|
-
|
922
|
-
|
967
|
+
begin
|
968
|
+
any_new = true
|
969
|
+
while any_new
|
970
|
+
any_new = false
|
971
|
+
any_new |= glob_require "lib/**/*.rb"
|
972
|
+
any_new |= glob_require "app/**/*.rb"
|
973
|
+
puts "new successful requires? #{any_new.to_s}" if $options[:verbose]
|
974
|
+
end
|
923
975
|
|
924
|
-
|
976
|
+
compile_templates
|
925
977
|
|
926
|
-
|
927
|
-
|
978
|
+
self.update
|
979
|
+
self.stats if $options[:verbose]
|
928
980
|
|
929
|
-
|
930
|
-
|
981
|
+
# Ensure compiled templates are fully disassembled in archive
|
982
|
+
@baseline_modules.delete(ActionView::CompiledTemplates)
|
931
983
|
|
932
|
-
|
933
|
-
|
934
|
-
|
935
|
-
|
936
|
-
|
937
|
-
|
938
|
-
|
939
|
-
|
940
|
-
|
941
|
-
|
942
|
-
|
943
|
-
|
944
|
-
|
984
|
+
if $options[:environment]
|
985
|
+
puts "Processing and disassembling environment"
|
986
|
+
archive(@modules.reject {|o| safe_name(o) =~ /^#<(Class|Module):0x[0-9a-f]+>/i }
|
987
|
+
.reject {|o| safe_name(o) =~ /^Veracode/ }
|
988
|
+
.reject {|o| safe_name(o) =~ /^EmptyRails/ }
|
989
|
+
.reject {|o| safe_name(o) =~ /^ActionView::CompiledTemplates$/ }, false)
|
990
|
+
else
|
991
|
+
puts "Processing Ruby and Rails classes and modules"
|
992
|
+
archive(@baseline_modules, false)
|
993
|
+
add_to_archive "\n# Phase 3 - App disassembly\n"
|
994
|
+
puts "Processing and disassembling #{APP_NAME} classes and modules"
|
995
|
+
safe_baseline_modules = @baseline_modules.each_with_object(Set.new) { |o, s| s << safe_name(o) }
|
996
|
+
archive(@modules.reject {|o| safe_baseline_modules.include?(safe_name(o))}, true)
|
997
|
+
archive_schema
|
998
|
+
|
999
|
+
end
|
1000
|
+
|
1001
|
+
rescue Exception => e
|
1002
|
+
if $options[:snapshot]
|
1003
|
+
log_error e.message
|
1004
|
+
log_error e.backtrace.join("\n")
|
1005
|
+
else
|
1006
|
+
raise
|
1007
|
+
end
|
945
1008
|
end
|
946
1009
|
|
947
1010
|
## /phase 3 - require app
|
data/lib/veracode/version.rb
CHANGED
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: veracode
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.0.0.
|
4
|
+
version: 1.0.0.alpha18
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Veracode
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date:
|
11
|
+
date: 2019-06-10 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: rubyzip
|
@@ -55,10 +55,9 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
55
55
|
version: 1.3.1
|
56
56
|
requirements: []
|
57
57
|
rubyforge_project:
|
58
|
-
rubygems_version: 2.
|
58
|
+
rubygems_version: 2.7.8
|
59
59
|
signing_key:
|
60
60
|
specification_version: 4
|
61
61
|
summary: Command line tool for preparing your Ruby on Rails app for submission to
|
62
62
|
Veracode
|
63
63
|
test_files: []
|
64
|
-
has_rdoc:
|