veracode 1.0.0.alpha4 → 1.0.0.alpha5

Files changed (5) hide show
  1. checksums.yaml +7 -0
  2. data/bin/veracode +15 -21
  3. data/lib/veracode.rb +118 -121
  4. data/lib/veracode/version.rb +1 -1
  5. metadata +18 -14
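--- a/checksums.yaml
+++ b/checksums.yaml
@@ -0,0 +1,7 @@
+ ---
+ SHA1:
+ metadata.gz: d91e291f1416313582f7940e2ea550556669a4dc
+ data.tar.gz: c2c9d0fe5c9671bbcedb2056f341ce3c267e4c13
+ SHA512:
+ metadata.gz: 4d6676d8f9202fa910494d4b9a25883363ff648af5640ff0205ee4b4bb531a94d776195c79d36ae05740676c5a1a0df048257904fe772da460b2657b01733810
+ data.tar.gz: 408f07407d266ed5b6f859c9d46b4a01944a3aa6797934ed4b42b7c25c9cff6f7c09103057d4f3b0bad3c03fa7d58d1210da1ce210ac535fbd9baa932fedc576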
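--- a/data/bin/veracode
+++ b/data/bin/veracode
@@ -16,10 +16,12 @@ require 'veracode'
  require 'veracode/version'
 
  $options = {
+ :phase1 => false,
+ :phase2 => false,
+ :phase3 => true,
  :archive_source => true,
  :include_inherited => false,
  :jruby => false,
- :environment => false,
  }
 
  subcommand = ARGV.shift
@@ -32,13 +34,22 @@ case subcommand
  $options[:verbose] = true
  end
 
+ opts.on("-a", "--all", "Archive objects at all stages") do
+ $options[:phase1] = true
+ $options[:phase2] = true
+ end
+
+ opts.on("-f", "--file", "Disassemble .rb files") do
+ $options[:disasm] = true
+ end
+
  opts.on("-j", "--jruby", "Force JRuby mode") do
  $options[:jruby] = true
  end
 
- # opts.on("--[no-]source", "[Don't] Include source code in archive") do |s|
- # $options[:archive_source] = s
- # end
+ opts.on("--[no-]source", "[Don't] Include source code in archive") do |s|
+ $options[:archive_source] = s
+ end
 
  opts.on("-D", "--debug", "Enable debug output") do
  $DEBUG = true
@@ -62,23 +73,6 @@ case subcommand
  " #{opts.program_name} help"
  end.parse!
 
- when "environment", "env"
- $options[:environment] = true
-
- OptionParser.new do |opts|
- opts.banner = "Usage: veracode environment [options]"
-
- opts.on("-v", "--verbose", "Run verbosely") do
- $options[:verbose] = true
- end
-
- opts.on("-D", "--debug", "Enable debug output") do
- $DEBUG = true
- end
-
- end.parse!
- Veracode.prepare
-
  else
  $stderr.puts "#{subcommand.dump} is not a valid subcommand"
 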
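Review bot: The new `-f`/`--file` switch sets `$options[:disasm]`, but the defaults hash in the first hunk gained `:phase1`–`:phase3` and no `:disasm` entry, so that key stays undocumented there; add `:disasm => false,` beside the phase defaults. The long name `--file` takes no argument although it reads as if it expects a path, so `--disasm` would match both the option key and the help text. The `case subcommand` branch and the OptionParser block holding these switches start outside the hunks.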
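--- a/data/lib/veracode.rb
+++ b/data/lib/veracode.rb
@@ -1,7 +1,7 @@
  require 'pathname'
  require 'set'
  require 'zlib'
- require 'zip/zip'
+ require 'zip'
  require 'veracode/version'
  require 'veracode/schema'
  require 'veracode/gems'
@@ -36,7 +36,6 @@ module Veracode
  @archive_filename = nil
  @archive_dirname = nil
 
-
  def self.init
  @run_id = Time.now.strftime("%Y%m%d%H%M%S")
  @archive_dirname = File.join("tmp","veracode-#{@run_id}")
@@ -160,7 +159,7 @@ module Veracode
  @errorlog.flush
 
  begin
- Zip::ZipFile.open(@archive_filename, Zip::ZipFile::CREATE) { |zf|
+ Zip::File.open(@archive_filename, Zip::File::CREATE) { |zf|
  @manifest.each {|file|
 
  if file.start_with?(@archive_dirname)
@@ -234,24 +233,20 @@ module Veracode
 
  def self.glob_require(files)
  any_new = false
- total, count = 0, 0
  Dir.glob(files) do |f|
  print "Requiring #{f.to_s} " if $options[:verbose]
 
  begin
- required = require File.expand_path(f)
+ any_new |= cond_require File.expand_path(f)
  rescue Exception => e
  puts "(failed: #{e.message})" if $options[:verbose]
  log_error "Unable to require #{File.expand_path(f).to_s.dump} (#{e.message})"
  else
- puts "(OK: #{(required ? "required" : "already required")})" if $options[:verbose]
+ puts "(OK)" if $options[:verbose]
  end
- any_new |= required
- total += 1
- count += 1 if required
+
  end
- puts "#{count}/#{total} files were required" if $options[:verbose]
- any_new
+ return any_new
  end
 
  def self.safe_name(o)
@@ -259,11 +254,7 @@ module Veracode
  when o == ActiveSupport::TimeWithZone
  "ActiveSupport::TimeWithZone"
  when o.is_a?(Module)
- begin
- ( o.name.nil? ? o.to_s : o.name.to_s )
- rescue
- o.to_s
- end
+ ( o.name.nil? ? o.to_s : o.name )
  when o.is_a?(Method), o.is_a?(UnboundMethod)
  o.name.to_s
  else
@@ -328,13 +319,7 @@ module Veracode
  def self.prepare_archive
  @disasmlog = Zlib::GzipWriter.new(File.open(@disasmlog_filename, "wb"), nil, nil)
  @disasmlog.puts "#{RUBY_ENGINE}-#{RUBY_VERSION}-p#{RUBY_PATCHLEVEL}"
- if $options[:environment]
- @disasmlog.puts "# EnvironmentDef %s-%s_rails-%s" % [RUBY_ENGINE, RUBY_VERSION, Rails.version]
- else
- @disasmlog.puts "# Environment %s-%s_rails-%s" % [RUBY_ENGINE, RUBY_VERSION, Rails.version]
- end
- @disasmlog.puts "# Ruby #{RUBY_ENGINE}-#{RUBY_VERSION}"
- @disasmlog.puts "# Rails #{Rails.version}"
+ @disasmlog.puts "# " + `rails --version`.chomp
  @disasmlog.puts
  end
 
@@ -411,7 +396,7 @@ module Veracode
  m.included_modules.map {|m| "include #{m.inspect.dump}\n" }.join :
  ""
  ) +
- ( m.respond_to?(:singleton_class) && m.singleton_class.included_modules.count > 0 ?
+ ( m.singleton_class.included_modules.count > 0 ?
  m.singleton_class.included_modules.map {|m| "extend #{m.inspect.dump}\n" }.join :
  ""
  )
@@ -447,20 +432,17 @@ module Veracode
  end
  end
 
- begin
- if m == Kernel
- m.global_variables.each do |v_symbol|
- begin
- v = eval(v_symbol.to_s)
- formatted_contents += format_variable(v_symbol, v, "global")
- rescue Exception => e
- log_error "Error archiving global variable #{v_symbol.to_s.dump}: #{e.message}"
- formatted_contents += format_variable(v_symbol, :veracode_nil, "global")
- end
- end
+ if m.respond_to?(:global_variables)
+ m.global_variables.each do |v_symbol|
+ begin
+ v = eval(v_symbol.to_s)
+ formatted_contents += format_variable(v_symbol, v, "global")
+ rescue Exception => e
+ log_error "Error archiving global variable #{v_symbol.to_s.dump}: #{e.message}"
+ formatted_contents += format_variable(v_symbol, :veracode_nil, "global")
+ end
+
  end
- rescue Exception => e
- # m.respond_to?(:global_variables) was throwing exceptions
  end
 
  %w[ public protected private ].each {|p|
@@ -724,7 +706,7 @@ module Veracode
 
  end
 
- def self.require_libs(lib_paths)
+ def self.require_libs(lib_paths)
  for lib_path in lib_paths
  dirsToProcess = [Pathname(lib_path)]
  until dirsToProcess.count == 0 || !Dir.exists?(dirsToProcess[0])
@@ -732,52 +714,50 @@ module Veracode
  for child in currentDir.children
  if child.directory?
  dirsToProcess[dirsToProcess.count] = child
- base = child.to_s.partition("#{lib_path}/")[2]
+ base = child.to_s.partition("#{lib_path}/")[2]
  lib = ""
  for part in base.split('/').reverse
  lib = "#{part}/#{lib}"
  lib = lib[0..lib.length-2] if lib[lib.length-1] == '/'
- begin
- if cond_require lib
- puts "requiring #{lib}" if $options[:verbose]
+ begin
+ if cond_require lib
+ puts "requiring #{lib}" if $options[:verbose]
+ end
+ rescue Exception => e
  end
- rescue Exception => e
- end
+ end
  end
  end
  end
  end
  end
- end
-
- def self.require_rails(gemdir)
- dirsToProcess = [Pathname(gemdir)]
- until dirsToProcess.count == 0
- currentDir = dirsToProcess.delete_at(0)
- for child in currentDir.children
- if child.directory?
- dirsToProcess[dirsToProcess.count] = child
- end
- base = child.to_s.partition("#{gemdir}/")[2]
- if base.index("action_controller") != nil || base.index("action_view") != nil || base.index("active_record") != nil
- lib = ""
- for part in base.split('/').reverse
- lib = "#{part}/#{lib}"
- lib = lib[0..lib.length-2] if lib[lib.length-1] == '/'
- lib.chomp!(File.extname(lib))
- begin
- if cond_require lib
- puts "requiring #{lib}" if $options[:verbose]
- end
- rescue Exception => e
- end
+
+ def self.require_rails(gemdir)
+ dirsToProcess = [Pathname(gemdir)]
+ until dirsToProcess.count == 0
+ currentDir = dirsToProcess.delete_at(0)
+ for child in currentDir.children
+ if child.directory?
+ dirsToProcess[dirsToProcess.count] = child
+ end
+ base = child.to_s.partition("#{gemdir}/")[2]
+ if base.index("action_controller") != nil || base.index("action_view") != nil || base.index("active_record") != nil
+ lib = ""
+ for part in base.split('/').reverse
+ lib = "#{part}/#{lib}"
+ lib = lib[0..lib.length-2] if lib[lib.length-1] == '/'
+ lib.chomp!(File.extname(lib))
+ begin
+ if cond_require lib
+ puts "requiring #{lib}" if $options[:verbose]
+ end
+ rescue Exception => e
+ end
+ end
  end
  end
  end
  end
- end
-
-
 
 
  ################################################################################
@@ -794,6 +774,16 @@ end
  puts
  end
 
+ if $options[:disasm]
+ rbfiles = File.join("**", "*.rb")
+ Dir[rbfiles].each do |f|
+ puts RubyVM::InstructionSequence.compile_file(f).disasm
+ puts
+ end
+ exit
+ end
+
+ prepare_archive
 
  ################################################################
  ## phase 1 - Create baseline
@@ -802,6 +792,10 @@ end
  puts "Phase 1 - Initial State" if $options[:verbose]
  self.stats if $options[:verbose]
 
+ if $options[:phase1]
+ puts "Processing and disassembling Ruby standard classes and modules"
+ archive(@modules)
+ end
  ## /phase 1 - Create baseline
  ################################################################
 
@@ -812,54 +806,59 @@ end
 
  puts "Phase 2 - Load Rails" if $options[:verbose]
  begin
- require "rails/all"
+ cond_require "rails"
+ cond_require 'action_controller'
+ cond_require 'action_view'
+ cond_require 'active_record'
  rescue Exception => e
  puts "Unable to require rails: #{e.message}"
  log_error "Unable to require rails: #{e.message}"
  exit
  else
- puts "Required rails" if $options[:verbose]
- end
-
- ## Imitate script/rails
- # APP_PATH = File.expand_path('config/application')
- # APP_PATH is already set in bin/veracode
- #require File.expand_path('../../config/boot', __FILE__)
- glob_require "config/boot.rb"
- #require 'rails/commands'
- # this will trigger the console to be launched
- # ARGV.clear
- # ARGV << 'console'
- # ARGV << '--sandbox'
- # require 'rails/commands'
-
- ## Imitate rails/commands when console
- cond_require 'rails/commands/console.rb'
- # require APP_PATH # => config/application.rb
-
- glob_require "config/application.rb"
-
- Rails.application.require_environment! unless $options[:jruby]
- # Following line will actually kick off IRB
- # Rails::Console.start(Rails.application)
-
- # Imitate Rails::Console.initialize_console
- # require "pp"
- cond_require "rails/console/app.rb"
- cond_require "rails/console/helpers.rb"
-
- if $options[:environment]
  @stdlib = $:
  @gemdir = Gem.dir
 
+ ## Imitate script/rails
+ # APP_PATH = File.expand_path('config/application')
+ # APP_PATH is already set in bin/veracode
+ #require File.expand_path('../../config/boot', __FILE__)
+ glob_require "config/boot.rb"
+ #require 'rails/commands'
+ # this will trigger the console to be launched
+ # ARGV.clear
+ # ARGV << 'console'
+ # ARGV << '--sandbox'
+ # require 'rails/commands'
+
+ ## Imitate rails/commands when console
+ glob_require 'rails/commands/console'
+ # require APP_PATH # => config/application.rb
+
+ glob_require "config/application.rb"
+
+ Rails.application.require_environment! unless $options[:jruby]
+ begin
+ cond_require 'sass'
+ cond_require 'sass/rails/importer'
+ cond_require 'multi_json/adapters/json_gem'
+ rescue Exception => e
+ end
+
  require_libs(@stdlib)
  require_rails(@gemdir)
+ puts "Required rails" if $options[:verbose]
  end
 
- self.rebaseline
+ self.update
 
  self.stats if $options[:verbose]
 
+ if $options[:phase2]
+ puts "Processing and disassembling Rails classes and modules"
+ archive(@modules)
+ end
+
+ self.rebaseline
  ## /phase 2 - Require rails
  ################################################################
 
@@ -869,14 +868,19 @@ end
  # phase 3 - require app
 
  puts "Phase 3 - Imitate Rails" if $options[:verbose]
+ # Following line will actually kick off IRB
+ # Rails::Console.start(Rails.application)
+
+ # Imitate Rails::Console.initialize_console
+ # require "pp"
+ glob_require "rails/console/app"
+ glob_require "rails/console/helpers"
 
- any_new = true
- while any_new
- any_new = false
- any_new |= glob_require "lib/**/*.rb"
- any_new |= glob_require "app/**/*.rb"
- puts "new successful requires? #{any_new.to_s}" if $options[:verbose]
- end
+ glob_require "lib/**/*.rb"
+ glob_require "app/models/**/*.rb"
+ glob_require "app/helpers/**/*.rb"
+ glob_require "app/controllers/application_controller.rb"
+ glob_require "app/controllers/**/*.rb"
 
  compile_templates
 
@@ -886,21 +890,14 @@ end
  # Ensure compiled templates are fully disassembled in archive
  @baseline_modules.delete(ActionView::CompiledTemplates)
 
- if $options[:environment]
- puts "Processing and disassembling environment"
- archive(@modules.reject {|o| safe_name(o) =~ /^#<(Class|Module):0x[0-9a-f]+>/i }
- .reject {|o| safe_name(o) =~ /^Veracode/ }
- .reject {|o| safe_name(o) =~ /^EmptyRails/ }
- .reject {|o| safe_name(o) =~ /^ActionView::CompiledTemplates$/ }, false)
- else
- puts "Processing Ruby and Rails classes and modules"
- archive(@baseline_modules, false)
- add_to_archive "\n# Phase 3 - App disassembly\n"
+ if $options[:phase3]
  puts "Processing and disassembling #{APP_NAME} classes and modules"
+ archive(@baseline_modules, false)
  archive(@modules - @baseline_modules, true)
- archive_schema
  end
 
+ archive_schema
+
  ## /phase 3 - require app
  ################################################################
 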
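Review bot: The line added to `prepare_archive` shells out with Ruby backticks to `rails --version`, so the archive header now depends on whichever `rails` executable is first on PATH rather than on the Rails the process loads; the output is written to the log unchecked, and a missing executable raises `Errno::ENOENT`, which nothing in the method rescues. The reported version can also differ from the one the application is bundled with. This looks like a consequence of `prepare_archive` now being called before Phase 2 requires Rails (hunk at -794), where `Rails.version` is presumably not yet defined. I would write this header line after Rails has been required and keep the in-process form, `@disasmlog.puts "# Rails #{Rails.version}"`.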
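--- a/data/lib/veracode/version.rb
+++ b/data/lib/veracode/version.rb
@@ -1,4 +1,4 @@
  module Veracode
- VERSION = '1.0.0.alpha4'
+ VERSION = '1.0.0.alpha5'
  ARCHIVE_VERSION = '2012-07-04'
  end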
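--- a/metadata
+++ b/metadata
@@ -1,27 +1,29 @@
  --- !ruby/object:Gem::Specification
  name: veracode
  version: !ruby/object:Gem::Version
- version: 1.0.0.alpha4
- prerelease: 6
+ version: 1.0.0.alpha5
  platform: ruby
  authors:
  - Veracode
  autorequire:
  bindir: bin
  cert_chain: []
- date: 2012-10-11 00:00:00.000000000 Z
+ date: 2015-05-11 00:00:00.000000000 Z
  dependencies:
  - !ruby/object:Gem::Dependency
  name: rubyzip
- requirement: &70110652152040 !ruby/object:Gem::Requirement
- none: false
+ requirement: !ruby/object:Gem::Requirement
  requirements:
- - - ! '>='
+ - - '>='
  - !ruby/object:Gem::Version
- version: '0'
+ version: '1.0'
  type: :runtime
  prerelease: false
- version_requirements: *70110652152040
+ version_requirements: !ruby/object:Gem::Requirement
+ requirements:
+ - - '>='
+ - !ruby/object:Gem::Version
+ version: '1.0'
  description: Prepares your Ruby on Rails app for submission to Veracode.
  email: devcontact@veracode.com
  executables:
@@ -36,27 +38,29 @@ files:
  - lib/veracode/version.rb
  homepage: http://veracode.com/
  licenses: []
+ metadata: {}
  post_install_message:
  rdoc_options: []
  require_paths:
  - lib
  required_ruby_version: !ruby/object:Gem::Requirement
- none: false
  requirements:
- - - ~>
+ - - '>='
  - !ruby/object:Gem::Version
  version: 1.9.3.0
+ - - <
+ - !ruby/object:Gem::Version
+ version: 2.2.0
  required_rubygems_version: !ruby/object:Gem::Requirement
- none: false
  requirements:
- - - ! '>'
+ - - '>'
  - !ruby/object:Gem::Version
  version: 1.3.1
  requirements: []
  rubyforge_project:
- rubygems_version: 1.8.10
+ rubygems_version: 2.4.3
  signing_key:
- specification_version: 3
+ specification_version: 4
  summary: Command line tool for preparing your Ruby on Rails app for submission to
  Veracode
  test_files: []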