Basis of vulnerability checks.
Initializes a check with the application tree and tracker.
# File lib/brakeman/checks/base_check.rb, line 17
# Sets up the per-check state for a scan of +app_tree+, with findings
# reported through +tracker+.
#
# @param app_tree the application tree being scanned (stored as given)
# @param tracker the tracker that collects warnings (stored as given)
def initialize(app_tree, tracker)
  super()
  @app_tree = app_tree
  @tracker = tracker
  @results = [] # only used to detect duplicate results
  @warnings = []
  @string_interp = false
  @current_set = nil
  @current_template = nil
  @current_module = nil
  @current_class = nil
  @current_method = nil
  @mass_assign_disabled = nil
  # Calls to these methods are skipped by the user-input detection in process_call
  @safe_input_attributes = Set[:to_i, :to_f, :arel_table]
end
Add result to result list, which is used to check for duplicates
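# File lib/brakeman/checks/base_check.rb, line 31
# Records +result+ together with its line and location in @results, the
# list used to detect duplicate findings.
#
# @param result [Hash, Sexp] a Hash carrying the call under :call, or an Sexp
# @param location [Hash, #to_sym, nil] where the result was found; when nil it
#   is taken from the current template, class, module or set, falling back to
#   result[:location][1]. A Hash location is reduced to its :name.
# @raise [ArgumentError] if +result+ is neither a Hash nor an Sexp
def add_result result, location = nil
  location ||= (@current_template && @current_template[:name]) ||
               @current_class ||
               @current_module ||
               @current_set ||
               result[:location][1]
  location = location[:name] if location.is_a? Hash
  location = location.to_sym

  line =
    if result.is_a? Hash
      result[:call].original_line || result[:call].line
    elsif sexp? result
      result.original_line || result.line
    else
      # Name the offending type so a bad caller is easy to find
      raise ArgumentError, "add_result expects a Hash or Sexp, got #{result.class}"
    end

  @results << [line, location, result]
end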
Process calls and check if they include user input
# File lib/brakeman/checks/base_check.rb, line 62
# Processes a method call and, unless the called method is one of
# @safe_input_attributes, records in @has_user_input whether the call's
# target is params, cookies, the request env or a model. @has_user_input
# is left untouched when none of these apply.
#
# @param exp [Sexp] the call expression
# @return [Sexp] +exp+
def process_call exp
  process exp.target if sexp? exp.target
  process_call_args exp

  target = exp.target
  unless @safe_input_attributes.include? exp.method
    source =
      if params?(target) then :params
      elsif cookies?(target) then :cookies
      elsif request_env?(target) then :request
      # TODO: Can this be target.target?
      elsif sexp?(target) && model_name?(target[1]) then :model
      end
    @has_user_input = Match.new(source, exp) if source
  end

  exp
end
# File lib/brakeman/checks/base_check.rb, line 83
# Processes an +if+ expression. The condition is processed for its side
# effects only: any user input it contains is deliberately not carried
# over into @has_user_input. Both branches are then processed normally.
#
# @param exp [Sexp] the if expression
# @return [Sexp] +exp+
def process_if exp
  saved_input = @has_user_input
  process exp.condition
  @has_user_input = saved_input

  [exp.then_clause, exp.else_clause].each do |clause|
    process clause if sexp? clause
  end

  exp
end