Sha256: 3da3451ab26010a951489d4d5bbd222f598040c43820d452993724ff38e51f1a

Contents?: true

Size: 857 Bytes

Versions: 5

Compression:

Stored size: 857 Bytes

Contents

# frozen_string_literal: true

module TaintedLove
  module Replacer
    class ReplaceFile < Base
      def replace!
        File.instance_eval do
          alias :_tainted_love_original_read :read
          alias :_tainted_love_original_write :write

          def read(*args)
            if args.first.tainted?
              TaintedLove.report(:ReplaceFile, args.first, [:lfi], 'File read using tainted file name')

              _tainted_love_original_read(*args)
            else
              _tainted_love_original_read(*args).untaint
            end
          end

          def write(*args)
            if args.first.tainted?
              TaintedLove.report(:ReplaceFile, args.first, [:lfi], 'File write using tainted file name')
            end

            _tainted_love_original_write(*args)
          end
        end
      end
    end
  end
end

Version data entries

5 entries across 5 versions & 1 rubygems

Version Path
tainted_love-0.4.1 lib/tainted_love/replacer/replace_file.rb
tainted_love-0.4.0 lib/tainted_love/replacer/replace_file.rb
tainted_love-0.1.5 lib/tainted_love/replacer/replace_file.rb
tainted_love-0.1.4 lib/tainted_love/replacer/replace_file.rb
tainted_love-0.1.3 lib/tainted_love/replacer/replace_file.rb