veracode 1.0.0.alpha2 → 1.0.0.alpha7
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/bin/veracode +21 -15
- data/lib/veracode.rb +229 -116
- data/lib/veracode/gems.rb +49 -0
- data/lib/veracode/schema.rb +104 -0
- data/lib/veracode/version.rb +2 -1
- metadata +20 -14
checksums.yaml
ADDED
@@ -0,0 +1,7 @@
|
|
1
|
+
---
|
2
|
+
SHA1:
|
3
|
+
metadata.gz: e57a698db0528192fcbd096c38cb4236ef54869f
|
4
|
+
data.tar.gz: f4b1f130125636850f94bddd03356b35ab6678f6
|
5
|
+
SHA512:
|
6
|
+
metadata.gz: cbfc1cfc6c98a2dde96540a8f5c2f05baa01f4076e3204c49edcec5db86db752f641bb923b5f998a85e65fabe45cd1b0e05ac5074acdb71658315b1c8459f02c
|
7
|
+
data.tar.gz: 0935f7c827279516a28e56068e9b00c45c214484316f38e85ab618810dfa29811d368498a0822b8705a92bf22322946645e0bf9873e502db7f032fb294ba3665
|
data/bin/veracode
CHANGED
@@ -16,12 +16,10 @@ require 'veracode'
|
|
16
16
|
require 'veracode/version'
|
17
17
|
|
18
18
|
$options = {
|
19
|
-
:phase1 => false,
|
20
|
-
:phase2 => false,
|
21
|
-
:phase3 => true,
|
22
19
|
:archive_source => true,
|
23
20
|
:include_inherited => false,
|
24
21
|
:jruby => false,
|
22
|
+
:environment => false,
|
25
23
|
}
|
26
24
|
|
27
25
|
subcommand = ARGV.shift
|
@@ -34,22 +32,13 @@ case subcommand
|
|
34
32
|
$options[:verbose] = true
|
35
33
|
end
|
36
34
|
|
37
|
-
opts.on("-a", "--all", "Archive objects at all stages") do
|
38
|
-
$options[:phase1] = true
|
39
|
-
$options[:phase2] = true
|
40
|
-
end
|
41
|
-
|
42
|
-
opts.on("-f", "--file", "Disassemble .rb files") do
|
43
|
-
$options[:disasm] = true
|
44
|
-
end
|
45
|
-
|
46
35
|
opts.on("-j", "--jruby", "Force JRuby mode") do
|
47
36
|
$options[:jruby] = true
|
48
37
|
end
|
49
38
|
|
50
|
-
opts.on("--[no-]source", "[Don't] Include source code in archive") do |s|
|
51
|
-
|
52
|
-
end
|
39
|
+
# opts.on("--[no-]source", "[Don't] Include source code in archive") do |s|
|
40
|
+
# $options[:archive_source] = s
|
41
|
+
# end
|
53
42
|
|
54
43
|
opts.on("-D", "--debug", "Enable debug output") do
|
55
44
|
$DEBUG = true
|
@@ -73,6 +62,23 @@ case subcommand
|
|
73
62
|
" #{opts.program_name} help"
|
74
63
|
end.parse!
|
75
64
|
|
65
|
+
when "environment", "env"
|
66
|
+
$options[:environment] = true
|
67
|
+
|
68
|
+
OptionParser.new do |opts|
|
69
|
+
opts.banner = "Usage: veracode environment [options]"
|
70
|
+
|
71
|
+
opts.on("-v", "--verbose", "Run verbosely") do
|
72
|
+
$options[:verbose] = true
|
73
|
+
end
|
74
|
+
|
75
|
+
opts.on("-D", "--debug", "Enable debug output") do
|
76
|
+
$DEBUG = true
|
77
|
+
end
|
78
|
+
|
79
|
+
end.parse!
|
80
|
+
Veracode.prepare
|
81
|
+
|
76
82
|
else
|
77
83
|
$stderr.puts "#{subcommand.dump} is not a valid subcommand"
|
78
84
|
|
data/lib/veracode.rb
CHANGED
@@ -1,24 +1,35 @@
|
|
1
|
+
require 'pathname'
|
2
|
+
require 'set'
|
1
3
|
require 'zlib'
|
2
|
-
require 'zip
|
3
|
-
require
|
4
|
+
require 'zip'
|
5
|
+
require 'veracode/version'
|
6
|
+
require 'veracode/schema'
|
7
|
+
require 'veracode/gems'
|
4
8
|
|
5
9
|
module Veracode
|
6
10
|
@run_id = nil
|
11
|
+
@required_libs = Set.new
|
7
12
|
|
8
13
|
# Metadata and method disassemblies for all Modules (.txt.gz)
|
9
14
|
@disasmlog = nil
|
10
|
-
@disasmlog_filename =
|
15
|
+
@disasmlog_filename = 'disasm.txt.gz'
|
11
16
|
|
12
17
|
# Error log including capture of STDERR and any errors generated by the gem (.log)
|
13
18
|
@errorlog = nil
|
14
|
-
@errorlog_filename =
|
19
|
+
@errorlog_filename = 'error.log'
|
15
20
|
|
16
21
|
# Index file containing the names of files present in the application directory (.txt)
|
17
|
-
@index_filename =
|
22
|
+
@index_filename = 'index.txt'
|
18
23
|
|
19
24
|
# Manifest file containing original names of all files in archive (.txt)
|
20
25
|
@manifest = []
|
21
|
-
@manifest_filename =
|
26
|
+
@manifest_filename = 'manifest.txt'
|
27
|
+
|
28
|
+
# XML file containing list of gems used by application
|
29
|
+
@gems_filename = 'gems.xml'
|
30
|
+
|
31
|
+
# Archive version file containing archive format version identifier
|
32
|
+
@version_filename = 'version.txt'
|
22
33
|
|
23
34
|
# The final archive that will be uploaded to Veracode for analysis (.zip)
|
24
35
|
@archive = nil
|
@@ -29,6 +40,7 @@ module Veracode
|
|
29
40
|
def self.init
|
30
41
|
@run_id = Time.now.strftime("%Y%m%d%H%M%S")
|
31
42
|
@archive_dirname = File.join("tmp","veracode-#{@run_id}")
|
43
|
+
@required_libs.merge(["pathname", "set", "zlib", "zip/zip", "veracode"])
|
32
44
|
|
33
45
|
if !Dir.exists?("tmp")
|
34
46
|
begin
|
@@ -57,9 +69,11 @@ module Veracode
|
|
57
69
|
@disasmlog_filename = File.join(@archive_dirname, @disasmlog_filename)
|
58
70
|
@index_filename = File.join(@archive_dirname, @index_filename)
|
59
71
|
@manifest_filename = File.join(@archive_dirname, @manifest_filename)
|
72
|
+
@gems_filename = File.join(@archive_dirname, @gems_filename)
|
73
|
+
@version_filename = File.join(@archive_dirname, @version_filename)
|
60
74
|
|
61
75
|
# Try touching each of the files to be written
|
62
|
-
[@disasmlog_filename, @errorlog_filename, @index_filename, @manifest_filename].each {|f|
|
76
|
+
[@disasmlog_filename, @errorlog_filename, @index_filename, @manifest_filename, @gems_filename, @version_filename].each {|f|
|
63
77
|
begin
|
64
78
|
File.open(f, "wb") {}
|
65
79
|
rescue Exception => e
|
@@ -76,6 +90,7 @@ module Veracode
|
|
76
90
|
log_error "RUBY_DESCRIPTION: #{RUBY_DESCRIPTION}"
|
77
91
|
log_error "RAILS_VERSION: " + `rails --version`.chomp
|
78
92
|
log_error "GEM_VERSION: #{Veracode::VERSION}"
|
93
|
+
log_error "ARCHIVE_VERSION: #{Veracode::ARCHIVE_VERSION}"
|
79
94
|
log_error "PWD: #{Dir.pwd.to_s.dump}"
|
80
95
|
log_error "APP_NAME: #{APP_NAME.dump}"
|
81
96
|
log_error "RUNID: #{@run_id}"
|
@@ -86,6 +101,16 @@ module Veracode
|
|
86
101
|
STDERR.reopen(@errorlog)
|
87
102
|
end
|
88
103
|
|
104
|
+
begin
|
105
|
+
File.open(@version_filename, "wb") {|version_file|
|
106
|
+
version_file.puts Veracode::ARCHIVE_VERSION
|
107
|
+
}
|
108
|
+
rescue Exception => e
|
109
|
+
log_error "Unable to write to archive version file #{@version_filename}: #{e.message}"
|
110
|
+
end
|
111
|
+
|
112
|
+
list_gems
|
113
|
+
|
89
114
|
index_application
|
90
115
|
|
91
116
|
@manifest += Dir.glob("*").keep_if {|f| File.file?(f)}
|
@@ -128,28 +153,47 @@ module Veracode
|
|
128
153
|
}
|
129
154
|
}
|
130
155
|
rescue Exception => e
|
131
|
-
log_error e.message
|
132
|
-
|
156
|
+
log_error "Unable to write manifest file #{@manifest_filename}: #{e.message}"
|
157
|
+
puts "Unable to write manifest file #{@manifest_filename}: #{e.message}"
|
133
158
|
end
|
134
159
|
|
135
160
|
@errorlog.flush
|
136
161
|
|
137
162
|
begin
|
138
|
-
|
139
|
-
|
140
|
-
|
141
|
-
|
142
|
-
|
143
|
-
|
144
|
-
|
145
|
-
|
146
|
-
|
147
|
-
|
148
|
-
|
163
|
+
if Gem.loaded_specs.keys.include?("zipruby")
|
164
|
+
log_error "zipruby gem detected, using it instead of rubyzip for creating archive"
|
165
|
+
@errorlog.flush
|
166
|
+
Zip::Archive.open(@archive_filename, Zip::CREATE) { |ar|
|
167
|
+
@manifest.each { |file|
|
168
|
+
|
169
|
+
if file.start_with?(@archive_dirname)
|
170
|
+
name_in_archive = file.sub(/^#{@archive_dirname + File::SEPARATOR}/,"")
|
171
|
+
else
|
172
|
+
name_in_archive = File.join(APP_NAME, file)
|
173
|
+
end
|
174
|
+
|
175
|
+
puts "Adding #{file} to archive as #{name_in_archive}" if $options[:verbose]
|
176
|
+
ar.add_file(name_in_archive, file)
|
177
|
+
}
|
149
178
|
}
|
150
|
-
|
179
|
+
else
|
180
|
+
Zip::File.open(@archive_filename, Zip::File::CREATE) { |zf|
|
181
|
+
@manifest.each { |file|
|
182
|
+
|
183
|
+
if file.start_with?(@archive_dirname)
|
184
|
+
name_in_archive = file.sub(/^#{@archive_dirname + File::SEPARATOR}/,"")
|
185
|
+
else
|
186
|
+
name_in_archive = File.join(APP_NAME, file)
|
187
|
+
end
|
188
|
+
|
189
|
+
puts "Adding #{file} to archive as #{name_in_archive}" if $options[:verbose]
|
190
|
+
zf.add(name_in_archive, file)
|
191
|
+
}
|
192
|
+
}
|
193
|
+
end
|
151
194
|
rescue Exception => e
|
152
|
-
|
195
|
+
log_error "Unable to create archive #{@manifest_filename}: #{e.message}"
|
196
|
+
puts "Unable to create archive #{@manifest_filename}: #{e.message}"
|
153
197
|
exit
|
154
198
|
end
|
155
199
|
|
@@ -157,7 +201,7 @@ module Veracode
|
|
157
201
|
end
|
158
202
|
|
159
203
|
def self.cleanup
|
160
|
-
[@disasmlog_filename, @errorlog_filename, @index_filename, @manifest_filename].each {|f|
|
204
|
+
[@disasmlog_filename, @errorlog_filename, @index_filename, @manifest_filename, @gems_filename, @version_filename].each {|f|
|
161
205
|
begin
|
162
206
|
File.delete(f)
|
163
207
|
rescue Exception => e
|
@@ -200,20 +244,33 @@ module Veracode
|
|
200
244
|
|
201
245
|
##############################################################################
|
202
246
|
# Helpers
|
247
|
+
def self.cond_require(lib)
|
248
|
+
if @required_libs.add?(lib)
|
249
|
+
return require lib
|
250
|
+
end
|
251
|
+
return false
|
252
|
+
end
|
253
|
+
|
203
254
|
def self.glob_require(files)
|
255
|
+
any_new = false
|
256
|
+
total, count = 0, 0
|
204
257
|
Dir.glob(files) do |f|
|
205
258
|
print "Requiring #{f.to_s} " if $options[:verbose]
|
206
259
|
|
207
260
|
begin
|
208
|
-
require File.expand_path(f)
|
261
|
+
required = require File.expand_path(f)
|
209
262
|
rescue Exception => e
|
210
263
|
puts "(failed: #{e.message})" if $options[:verbose]
|
211
264
|
log_error "Unable to require #{File.expand_path(f).to_s.dump} (#{e.message})"
|
212
265
|
else
|
213
|
-
puts "(OK)" if $options[:verbose]
|
266
|
+
puts "(OK: #{(required ? "required" : "already required")})" if $options[:verbose]
|
214
267
|
end
|
215
|
-
|
268
|
+
any_new |= required
|
269
|
+
total += 1
|
270
|
+
count += 1 if required
|
216
271
|
end
|
272
|
+
puts "#{count}/#{total} files were required" if $options[:verbose]
|
273
|
+
any_new
|
217
274
|
end
|
218
275
|
|
219
276
|
def self.safe_name(o)
|
@@ -221,7 +278,11 @@ module Veracode
|
|
221
278
|
when o == ActiveSupport::TimeWithZone
|
222
279
|
"ActiveSupport::TimeWithZone"
|
223
280
|
when o.is_a?(Module)
|
224
|
-
|
281
|
+
begin
|
282
|
+
( o.name.nil? ? o.to_s : o.name.to_s )
|
283
|
+
rescue
|
284
|
+
o.to_s
|
285
|
+
end
|
225
286
|
when o.is_a?(Method), o.is_a?(UnboundMethod)
|
226
287
|
o.name.to_s
|
227
288
|
else
|
@@ -286,7 +347,13 @@ module Veracode
|
|
286
347
|
def self.prepare_archive
|
287
348
|
@disasmlog = Zlib::GzipWriter.new(File.open(@disasmlog_filename, "wb"), nil, nil)
|
288
349
|
@disasmlog.puts "#{RUBY_ENGINE}-#{RUBY_VERSION}-p#{RUBY_PATCHLEVEL}"
|
289
|
-
|
350
|
+
if $options[:environment]
|
351
|
+
@disasmlog.puts "# EnvironmentDef %s-%s_rails-%s" % [RUBY_ENGINE, RUBY_VERSION, Rails.version]
|
352
|
+
else
|
353
|
+
@disasmlog.puts "# Environment %s-%s_rails-%s" % [RUBY_ENGINE, RUBY_VERSION, Rails.version]
|
354
|
+
end
|
355
|
+
@disasmlog.puts "# Ruby #{RUBY_ENGINE}-#{RUBY_VERSION}"
|
356
|
+
@disasmlog.puts "# Rails #{Rails.version}"
|
290
357
|
@disasmlog.puts
|
291
358
|
end
|
292
359
|
|
@@ -363,7 +430,7 @@ module Veracode
|
|
363
430
|
m.included_modules.map {|m| "include #{m.inspect.dump}\n" }.join :
|
364
431
|
""
|
365
432
|
) +
|
366
|
-
( m.singleton_class.included_modules.count > 0 ?
|
433
|
+
( m.respond_to?(:singleton_class) && m.singleton_class.included_modules.count > 0 ?
|
367
434
|
m.singleton_class.included_modules.map {|m| "extend #{m.inspect.dump}\n" }.join :
|
368
435
|
""
|
369
436
|
)
|
@@ -399,23 +466,26 @@ module Veracode
|
|
399
466
|
end
|
400
467
|
end
|
401
468
|
|
402
|
-
|
403
|
-
m
|
404
|
-
|
405
|
-
|
406
|
-
|
407
|
-
|
408
|
-
|
409
|
-
|
410
|
-
|
411
|
-
|
469
|
+
begin
|
470
|
+
if m == Kernel
|
471
|
+
m.global_variables.each do |v_symbol|
|
472
|
+
begin
|
473
|
+
v = eval(v_symbol.to_s)
|
474
|
+
formatted_contents += format_variable(v_symbol, v, "global")
|
475
|
+
rescue Exception => e
|
476
|
+
log_error "Error archiving global variable #{v_symbol.to_s.dump}: #{e.message}"
|
477
|
+
formatted_contents += format_variable(v_symbol, :veracode_nil, "global")
|
478
|
+
end
|
479
|
+
end
|
412
480
|
end
|
481
|
+
rescue Exception => e
|
482
|
+
# m.respond_to?(:global_variables) was throwing exceptions
|
413
483
|
end
|
414
484
|
|
415
485
|
%w[ public protected private ].each {|p|
|
416
486
|
get_methods = (p + "_instance_methods").to_sym
|
417
|
-
if m.respond_to?(get_methods) && m.
|
418
|
-
m.
|
487
|
+
if m.respond_to?(get_methods) && m.__send__(get_methods, $options[:include_inherited]).count > 0
|
488
|
+
m.__send__(get_methods, $options[:include_inherited]).each do |m_symbol|
|
419
489
|
begin
|
420
490
|
method = m.instance_method(m_symbol)
|
421
491
|
formatted_contents += format_method(method, "#{p.to_s}_instance", with_disasm)
|
@@ -467,7 +537,12 @@ module Veracode
|
|
467
537
|
# Archiving Objects
|
468
538
|
def self.archive(objects, with_disasm=true)
|
469
539
|
|
470
|
-
objects = objects - [
|
540
|
+
objects = objects - [
|
541
|
+
Veracode,
|
542
|
+
Veracode::ActiveRecord,
|
543
|
+
Veracode::ActiveRecord::Model,
|
544
|
+
Veracode::ActiveRecord::Schema,
|
545
|
+
]
|
471
546
|
|
472
547
|
if $options[:verbose]
|
473
548
|
puts "Archiving #{objects.count.to_s} objects" + (with_disasm ? " with disassembly" : "")
|
@@ -493,27 +568,11 @@ module Veracode
|
|
493
568
|
end
|
494
569
|
|
495
570
|
|
496
|
-
def self.archive_schema
|
497
|
-
puts "Archiving schema information" if $options[:verbose]
|
498
|
-
schema_file = File.join("db", "schema.rb")
|
499
|
-
begin
|
500
|
-
add_to_archive %Q|module "Veracode::Schema"\n| +
|
501
|
-
%Q|singleton_method "main" []\n| +
|
502
|
-
RubyVM::InstructionSequence.compile_file(schema_file).disasm +
|
503
|
-
%Q|== end disasm\n| +
|
504
|
-
%Q|endmodule\n\n|
|
505
|
-
rescue Exception => e
|
506
|
-
puts "Unable to retrieve schema information from 'db/schema.rb'. Are your migrations up to date?"
|
507
|
-
log_error "Unable to archive 'db/schema.rb' (#{e.message})"
|
508
|
-
end
|
509
|
-
end
|
510
|
-
|
511
|
-
|
512
571
|
def self.compile_templates
|
513
572
|
|
514
573
|
begin
|
515
|
-
|
516
|
-
|
574
|
+
cond_require 'action_view' unless defined? ActionView
|
575
|
+
cond_require 'action_controller' unless defined? ActionController
|
517
576
|
rescue Exception => e
|
518
577
|
log_error "Unable to satisfy haml dependencies (#{e.message})"
|
519
578
|
return
|
@@ -536,12 +595,13 @@ module Veracode
|
|
536
595
|
return unless templates.count > 0
|
537
596
|
|
538
597
|
puts "Found #{templates.count} templates" if $options[:verbose]
|
598
|
+
log_error "Found #{templates.count} templates"
|
539
599
|
|
540
600
|
haml_templates = templates.grep(/\.haml$/)
|
541
601
|
if haml_templates.any?
|
542
602
|
begin
|
543
|
-
|
544
|
-
|
603
|
+
cond_require 'haml' unless defined? Haml
|
604
|
+
cond_require 'haml/template/plugin' unless defined? Haml::Plugin
|
545
605
|
rescue Exception => e
|
546
606
|
puts "Unable to satisfy haml dependencies"
|
547
607
|
log_error "Unable to satisfy haml dependencies (#{e.message})"
|
@@ -558,13 +618,16 @@ module Veracode
|
|
558
618
|
puts "Compiling template #{template}" if $options[:verbose]
|
559
619
|
|
560
620
|
begin
|
621
|
+
# This render will fail, but will trigger compilation of template
|
561
622
|
view.render(:file => template)
|
562
623
|
rescue Exception => e
|
563
624
|
log_error "Compiled template #{template} #{e.message}"
|
564
625
|
end
|
565
626
|
}
|
566
627
|
|
567
|
-
puts "Compiled #{ActionView::CompiledTemplates.instance_methods.count.to_s} templates
|
628
|
+
puts "Compiled #{ActionView::CompiledTemplates.instance_methods.count.to_s} templates" if $options[:verbose]
|
629
|
+
log_error "Compiled #{ActionView::CompiledTemplates.instance_methods.count.to_s} templates"
|
630
|
+
log_error "Not all templates were compiled" if ActionView::CompiledTemplates.instance_methods.count < templates.count
|
568
631
|
end
|
569
632
|
|
570
633
|
def self.compile_erb_templates
|
@@ -639,9 +702,9 @@ module Veracode
|
|
639
702
|
return unless templates.count > 0
|
640
703
|
|
641
704
|
begin
|
642
|
-
|
643
|
-
|
644
|
-
|
705
|
+
cond_require 'action_view'
|
706
|
+
cond_require 'haml'
|
707
|
+
cond_require 'haml/template/plugin'
|
645
708
|
rescue Exception => e
|
646
709
|
log_error "Unable to satisfy haml dependencies (#{e.message})"
|
647
710
|
return
|
@@ -680,6 +743,59 @@ module Veracode
|
|
680
743
|
|
681
744
|
end
|
682
745
|
|
746
|
+
def self.require_libs(lib_paths)
|
747
|
+
for lib_path in lib_paths
|
748
|
+
dirsToProcess = [Pathname(lib_path)]
|
749
|
+
until dirsToProcess.count == 0 || !Dir.exists?(dirsToProcess[0])
|
750
|
+
currentDir = dirsToProcess.delete_at(0)
|
751
|
+
for child in currentDir.children
|
752
|
+
if child.directory?
|
753
|
+
dirsToProcess[dirsToProcess.count] = child
|
754
|
+
base = child.to_s.partition("#{lib_path}/")[2]
|
755
|
+
lib = ""
|
756
|
+
for part in base.split('/').reverse
|
757
|
+
lib = "#{part}/#{lib}"
|
758
|
+
lib = lib[0..lib.length-2] if lib[lib.length-1] == '/'
|
759
|
+
begin
|
760
|
+
if cond_require lib
|
761
|
+
puts "requiring #{lib}" if $options[:verbose]
|
762
|
+
end
|
763
|
+
rescue Exception => e
|
764
|
+
end
|
765
|
+
end
|
766
|
+
end
|
767
|
+
end
|
768
|
+
end
|
769
|
+
end
|
770
|
+
end
|
771
|
+
|
772
|
+
def self.require_rails(gemdir)
|
773
|
+
dirsToProcess = [Pathname(gemdir)]
|
774
|
+
until dirsToProcess.count == 0
|
775
|
+
currentDir = dirsToProcess.delete_at(0)
|
776
|
+
for child in currentDir.children
|
777
|
+
if child.directory?
|
778
|
+
dirsToProcess[dirsToProcess.count] = child
|
779
|
+
end
|
780
|
+
base = child.to_s.partition("#{gemdir}/")[2]
|
781
|
+
if base.index("action_controller") != nil || base.index("action_view") != nil || base.index("active_record") != nil
|
782
|
+
lib = ""
|
783
|
+
for part in base.split('/').reverse
|
784
|
+
lib = "#{part}/#{lib}"
|
785
|
+
lib = lib[0..lib.length-2] if lib[lib.length-1] == '/'
|
786
|
+
lib.chomp!(File.extname(lib))
|
787
|
+
begin
|
788
|
+
if cond_require lib
|
789
|
+
puts "requiring #{lib}" if $options[:verbose]
|
790
|
+
end
|
791
|
+
rescue Exception => e
|
792
|
+
end
|
793
|
+
end
|
794
|
+
end
|
795
|
+
end
|
796
|
+
end
|
797
|
+
end
|
798
|
+
|
683
799
|
|
684
800
|
|
685
801
|
|
@@ -697,16 +813,6 @@ module Veracode
|
|
697
813
|
puts
|
698
814
|
end
|
699
815
|
|
700
|
-
if $options[:disasm]
|
701
|
-
rbfiles = File.join("**", "*.rb")
|
702
|
-
Dir[rbfiles].each do |f|
|
703
|
-
puts RubyVM::InstructionSequence.compile_file(f).disasm
|
704
|
-
puts
|
705
|
-
end
|
706
|
-
exit
|
707
|
-
end
|
708
|
-
|
709
|
-
prepare_archive
|
710
816
|
|
711
817
|
################################################################
|
712
818
|
## phase 1 - Create baseline
|
@@ -715,10 +821,6 @@ module Veracode
|
|
715
821
|
puts "Phase 1 - Initial State" if $options[:verbose]
|
716
822
|
self.stats if $options[:verbose]
|
717
823
|
|
718
|
-
if $options[:phase1]
|
719
|
-
puts "Processing and disassembling Ruby standard classes and modules"
|
720
|
-
archive(@modules)
|
721
|
-
end
|
722
824
|
## /phase 1 - Create baseline
|
723
825
|
################################################################
|
724
826
|
|
@@ -729,10 +831,7 @@ module Veracode
|
|
729
831
|
|
730
832
|
puts "Phase 2 - Load Rails" if $options[:verbose]
|
731
833
|
begin
|
732
|
-
require "rails"
|
733
|
-
require 'action_controller'
|
734
|
-
require 'action_view'
|
735
|
-
require 'active_record'
|
834
|
+
require "rails/all"
|
736
835
|
rescue Exception => e
|
737
836
|
puts "Unable to require rails: #{e.message}"
|
738
837
|
log_error "Unable to require rails: #{e.message}"
|
@@ -741,26 +840,6 @@ module Veracode
|
|
741
840
|
puts "Required rails" if $options[:verbose]
|
742
841
|
end
|
743
842
|
|
744
|
-
self.update
|
745
|
-
|
746
|
-
self.stats if $options[:verbose]
|
747
|
-
|
748
|
-
if $options[:phase2]
|
749
|
-
puts "Processing and disassembling Rails classes and modules"
|
750
|
-
archive(@modules)
|
751
|
-
end
|
752
|
-
|
753
|
-
self.rebaseline
|
754
|
-
## /phase 2 - Require rails
|
755
|
-
################################################################
|
756
|
-
|
757
|
-
|
758
|
-
|
759
|
-
################################################################
|
760
|
-
# phase 3 - require app
|
761
|
-
|
762
|
-
puts "Phase 3 - Imitate Rails" if $options[:verbose]
|
763
|
-
|
764
843
|
## Imitate script/rails
|
765
844
|
# APP_PATH = File.expand_path('config/application')
|
766
845
|
# APP_PATH is already set in bin/veracode
|
@@ -774,7 +853,7 @@ module Veracode
|
|
774
853
|
# require 'rails/commands'
|
775
854
|
|
776
855
|
## Imitate rails/commands when console
|
777
|
-
|
856
|
+
cond_require 'rails/commands/console.rb'
|
778
857
|
# require APP_PATH # => config/application.rb
|
779
858
|
|
780
859
|
glob_require "config/application.rb"
|
@@ -785,32 +864,66 @@ module Veracode
|
|
785
864
|
|
786
865
|
# Imitate Rails::Console.initialize_console
|
787
866
|
# require "pp"
|
788
|
-
|
789
|
-
|
867
|
+
cond_require "rails/console/app.rb"
|
868
|
+
cond_require "rails/console/helpers.rb"
|
790
869
|
|
791
|
-
|
792
|
-
|
793
|
-
|
794
|
-
|
870
|
+
if $options[:environment]
|
871
|
+
@stdlib = $:
|
872
|
+
@gemdir = Gem.dir
|
873
|
+
|
874
|
+
require_libs(@stdlib)
|
875
|
+
require_rails(@gemdir)
|
876
|
+
end
|
877
|
+
|
878
|
+
self.rebaseline
|
879
|
+
|
880
|
+
self.stats if $options[:verbose]
|
881
|
+
|
882
|
+
## /phase 2 - Require rails
|
883
|
+
################################################################
|
884
|
+
|
885
|
+
|
886
|
+
|
887
|
+
################################################################
|
888
|
+
# phase 3 - require app
|
889
|
+
|
890
|
+
puts "Phase 3 - Imitate Rails" if $options[:verbose]
|
891
|
+
|
892
|
+
any_new = true
|
893
|
+
while any_new
|
894
|
+
any_new = false
|
895
|
+
any_new |= glob_require "lib/**/*.rb"
|
896
|
+
any_new |= glob_require "app/**/*.rb"
|
897
|
+
puts "new successful requires? #{any_new.to_s}" if $options[:verbose]
|
898
|
+
end
|
795
899
|
|
796
900
|
compile_templates
|
797
901
|
|
798
902
|
self.update
|
799
903
|
self.stats if $options[:verbose]
|
800
904
|
|
801
|
-
|
802
|
-
|
905
|
+
# Ensure compiled templates are fully disassembled in archive
|
906
|
+
@baseline_modules.delete(ActionView::CompiledTemplates)
|
907
|
+
|
908
|
+
if $options[:environment]
|
909
|
+
puts "Processing and disassembling environment"
|
910
|
+
archive(@modules.reject {|o| safe_name(o) =~ /^#<(Class|Module):0x[0-9a-f]+>/i }
|
911
|
+
.reject {|o| safe_name(o) =~ /^Veracode/ }
|
912
|
+
.reject {|o| safe_name(o) =~ /^EmptyRails/ }
|
913
|
+
.reject {|o| safe_name(o) =~ /^ActionView::CompiledTemplates$/ }, false)
|
914
|
+
else
|
915
|
+
puts "Processing Ruby and Rails classes and modules"
|
803
916
|
archive(@baseline_modules, false)
|
917
|
+
add_to_archive "\n# Phase 3 - App disassembly\n"
|
918
|
+
puts "Processing and disassembling #{APP_NAME} classes and modules"
|
804
919
|
archive(@modules - @baseline_modules, true)
|
920
|
+
archive_schema
|
805
921
|
end
|
806
922
|
|
807
|
-
archive_schema
|
808
|
-
|
809
923
|
## /phase 3 - require app
|
810
924
|
################################################################
|
811
925
|
|
812
926
|
finalize_archive
|
813
|
-
|
814
927
|
pack_manifest
|
815
928
|
cleanup
|
816
929
|
|
@@ -0,0 +1,49 @@
|
|
1
|
+
module Veracode
|
2
|
+
SupportedGems = %w{
|
3
|
+
actionmailer
|
4
|
+
actionpack
|
5
|
+
activemodel
|
6
|
+
activerecord
|
7
|
+
activeresource
|
8
|
+
activesupport
|
9
|
+
arel
|
10
|
+
builder
|
11
|
+
erubis
|
12
|
+
haml
|
13
|
+
haml-rails
|
14
|
+
rails
|
15
|
+
railties
|
16
|
+
veracode
|
17
|
+
}
|
18
|
+
|
19
|
+
def self.list_gems
|
20
|
+
|
21
|
+
gems = `bundle list`.each_line
|
22
|
+
.reject {|line| line !~ /^ \* /}
|
23
|
+
.map {|line| line[4..-1]}
|
24
|
+
.map {|line| line.split.first}
|
25
|
+
|
26
|
+
begin
|
27
|
+
File.open(@gems_filename, "wb") {|gems_file|
|
28
|
+
gems_file.puts '<messages>'
|
29
|
+
gems.each {|gem|
|
30
|
+
gems_file << <<GEMS_XML
|
31
|
+
<message>
|
32
|
+
<platform>ruby</platform>
|
33
|
+
<name>#{gem}</name>
|
34
|
+
<detailed_message>#{gem}</detailed_message>
|
35
|
+
<token>#{gem}</token>
|
36
|
+
<package>rubygem.#{gem}</package>
|
37
|
+
<errorlevel>#{(SupportedGems.include?(gem) ? "info" : "warn" )}</errorlevel>
|
38
|
+
<type>framework_unsupported</type>
|
39
|
+
</message>
|
40
|
+
GEMS_XML
|
41
|
+
}
|
42
|
+
gems_file.puts '</messages>'
|
43
|
+
}
|
44
|
+
rescue Exception => e
|
45
|
+
log_error "Unable to write to gem list to file #{@gems_filename}: #{e.message}"
|
46
|
+
end
|
47
|
+
|
48
|
+
end
|
49
|
+
end
|
@@ -0,0 +1,104 @@
|
|
1
|
+
module Veracode
|
2
|
+
module ActiveRecord
|
3
|
+
class Model
|
4
|
+
|
5
|
+
attr_reader :name, :attributes
|
6
|
+
|
7
|
+
def initialize(name)
|
8
|
+
@name = name
|
9
|
+
@attributes = Array.new
|
10
|
+
end
|
11
|
+
|
12
|
+
%w(
|
13
|
+
binary boolean date datetime decimal float integer primary_key string text time timestamp
|
14
|
+
).map(&:to_sym).each do |meth|
|
15
|
+
define_method(meth) do |name, *rest|
|
16
|
+
@attributes << [name, meth]
|
17
|
+
end
|
18
|
+
end
|
19
|
+
|
20
|
+
end
|
21
|
+
|
22
|
+
class Schema
|
23
|
+
|
24
|
+
def self.define(info={}, &block)
|
25
|
+
Schema.new.instance_eval(&block)
|
26
|
+
end
|
27
|
+
|
28
|
+
def create_table(name, options={})
|
29
|
+
td = Model.new(name)
|
30
|
+
td.integer('id')
|
31
|
+
yield td if block_given?
|
32
|
+
Veracode.add_to_archive Veracode.format_variable("@@#{td.name}", td.attributes, 'class')
|
33
|
+
end
|
34
|
+
|
35
|
+
# ActiveRecord::ConnectionAdapters::SchemaStatements
|
36
|
+
# http://api.rubyonrails.org/classes/ActiveRecord/ConnectionAdapters/SchemaStatements.html
|
37
|
+
def add_column(table_name, column_name, type, options = {}) ; end
|
38
|
+
def add_index(table_name, column_name, options = {}) ; end
|
39
|
+
def add_index_options(table_name, column_name, options = {}) ; end
|
40
|
+
def add_index_sort_order(option_strings, column_names, options = {}) ; end
|
41
|
+
def add_timestamps(table_name) ; end
|
42
|
+
|
43
|
+
# ActiveRecord::ConnectionAdapters::OracleEnhancedSchemaStatementsExt
|
44
|
+
# http://rubydoc.info/gems/activerecord-oracle_enhanced-adapter/ActiveRecord/ConnectionAdapters/OracleEnhancedSchemaStatementsExt
|
45
|
+
def add_foreign_key(from_table, to_table, options = {})
|
46
|
+
Veracode::log_error "schema.rb: ActiveRecord::ConnectionAdapters::OracleEnhancedSchemaStatementsExt#add_foreign_key called"
|
47
|
+
end
|
48
|
+
def add_primary_key_trigger(table_name, options = {})
|
49
|
+
Veracode::log_error "schema.rb: ActiveRecord::ConnectionAdapters::OracleEnhancedSchemaStatementsExt#add_primary_key_trigger called"
|
50
|
+
end
|
51
|
+
def add_synonym(name, table_name, options = {})
|
52
|
+
Veracode::log_error "schema.rb: ActiveRecord::ConnectionAdapters::OracleEnhancedSchemaStatementsExt#add_synonym called"
|
53
|
+
end
|
54
|
+
# def disable_referential_integrity(&block) ; end
|
55
|
+
# def foreign_key_definition(to_table, options = {}) ; end
|
56
|
+
# def foreign_keys(table_name) ; end
|
57
|
+
# def remove_foreign_key(from_table, options) ; end
|
58
|
+
# def remove_synonym(name) ; end
|
59
|
+
# def supports_foreign_keys? ; end
|
60
|
+
# def synonyms ; end
|
61
|
+
|
62
|
+
# TODO: Return only if real receiver would respond to method
|
63
|
+
# def method_missing(meth, *args, &block)
|
64
|
+
# if ActiveRecord::ConnectionAdapters::AbstractAdapter.instance_methods.include?(meth)
|
65
|
+
# log_error "Unhandled method: #{meth} args: #{args.to_s}"
|
66
|
+
# nil
|
67
|
+
# else
|
68
|
+
# super
|
69
|
+
# end
|
70
|
+
# end
|
71
|
+
# def respond_to_everything(meth)
|
72
|
+
# log_error "Unhandled respond_to? for: #{meth}" unless really_respond_to?(meth)
|
73
|
+
# true
|
74
|
+
# end
|
75
|
+
# alias_method :really_respond_to?, :respond_to?
|
76
|
+
# alias_method :respond_to?, :respond_to_everything
|
77
|
+
end
|
78
|
+
end
|
79
|
+
|
80
|
+
def self.archive_schema
|
81
|
+
puts "Evaluating and archiving schema information"
|
82
|
+
schema_file = File.join("db", "schema.rb")
|
83
|
+
|
84
|
+
begin
|
85
|
+
schema = 'Veracode::' + File.read(schema_file).each_line.reject {|l| l =~ /^\s*#/}.join
|
86
|
+
rescue Exception => e
|
87
|
+
puts "Unable to retrieve schema information from 'db/schema.rb'. Are your migrations up to date?"
|
88
|
+
log_error "Unable to retrieve schema from 'db/schema.rb' (#{e.message})"
|
89
|
+
add_to_archive %Q|module "Veracode::Schema"\n|
|
90
|
+
add_to_archive %Q|endmodule\n\n|
|
91
|
+
return
|
92
|
+
end
|
93
|
+
|
94
|
+
add_to_archive %Q|module "Veracode::Schema"\n|
|
95
|
+
begin
|
96
|
+
eval(schema)
|
97
|
+
rescue Exception => e
|
98
|
+
puts "Unable to evaluate schema information from 'db/schema.rb'. (#{e.message})"
|
99
|
+
log_error "Unable to evaluate 'db/schema.rb' (#{e.message})"
|
100
|
+
end
|
101
|
+
add_to_archive %Q|endmodule\n\n|
|
102
|
+
end
|
103
|
+
|
104
|
+
end
|
data/lib/veracode/version.rb
CHANGED
metadata
CHANGED
@@ -1,27 +1,29 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: veracode
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 1.0.0.
|
5
|
-
prerelease: 6
|
4
|
+
version: 1.0.0.alpha7
|
6
5
|
platform: ruby
|
7
6
|
authors:
|
8
7
|
- Veracode
|
9
8
|
autorequire:
|
10
9
|
bindir: bin
|
11
10
|
cert_chain: []
|
12
|
-
date:
|
11
|
+
date: 2015-12-10 00:00:00.000000000 Z
|
13
12
|
dependencies:
|
14
13
|
- !ruby/object:Gem::Dependency
|
15
14
|
name: rubyzip
|
16
|
-
requirement:
|
17
|
-
none: false
|
15
|
+
requirement: !ruby/object:Gem::Requirement
|
18
16
|
requirements:
|
19
|
-
- -
|
17
|
+
- - '>='
|
20
18
|
- !ruby/object:Gem::Version
|
21
|
-
version: '0'
|
19
|
+
version: '1.0'
|
22
20
|
type: :runtime
|
23
21
|
prerelease: false
|
24
|
-
version_requirements:
|
22
|
+
version_requirements: !ruby/object:Gem::Requirement
|
23
|
+
requirements:
|
24
|
+
- - '>='
|
25
|
+
- !ruby/object:Gem::Version
|
26
|
+
version: '1.0'
|
25
27
|
description: Prepares your Ruby on Rails app for submission to Veracode.
|
26
28
|
email: devcontact@veracode.com
|
27
29
|
executables:
|
@@ -31,30 +33,34 @@ extra_rdoc_files: []
|
|
31
33
|
files:
|
32
34
|
- bin/veracode
|
33
35
|
- lib/veracode.rb
|
36
|
+
- lib/veracode/gems.rb
|
37
|
+
- lib/veracode/schema.rb
|
34
38
|
- lib/veracode/version.rb
|
35
39
|
homepage: http://veracode.com/
|
36
40
|
licenses: []
|
41
|
+
metadata: {}
|
37
42
|
post_install_message:
|
38
43
|
rdoc_options: []
|
39
44
|
require_paths:
|
40
45
|
- lib
|
41
46
|
required_ruby_version: !ruby/object:Gem::Requirement
|
42
|
-
none: false
|
43
47
|
requirements:
|
44
|
-
- -
|
48
|
+
- - '>='
|
45
49
|
- !ruby/object:Gem::Version
|
46
50
|
version: 1.9.3.0
|
51
|
+
- - <
|
52
|
+
- !ruby/object:Gem::Version
|
53
|
+
version: 2.2.0
|
47
54
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
48
|
-
none: false
|
49
55
|
requirements:
|
50
|
-
- -
|
56
|
+
- - '>'
|
51
57
|
- !ruby/object:Gem::Version
|
52
58
|
version: 1.3.1
|
53
59
|
requirements: []
|
54
60
|
rubyforge_project:
|
55
|
-
rubygems_version:
|
61
|
+
rubygems_version: 2.0.14
|
56
62
|
signing_key:
|
57
|
-
specification_version:
|
63
|
+
specification_version: 4
|
58
64
|
summary: Command line tool for preparing your Ruby on Rails app for submission to
|
59
65
|
Veracode
|
60
66
|
test_files: []
|