Sha256: 92920a2b92f38659161d6dd328d383d8a489224b8d907ae74bfeac8798d07552

Contents?: true

Size: 1.29 KB

Versions: 17

Compression:

Stored size: 1.29 KB

Contents

require 'brakeman/checks/base_check'

#This check looks for regexes that include user input.
class Brakeman::CheckDynamicFinders < Brakeman::BaseCheck
  Brakeman::Checks.add self

  @description = "Check unsafe usage of find_by_*"

  def run_check
    if tracker.config.has_gem? :mysql and version_between? '2.0.0', '4.1.99'
      tracker.find_call(:method => /^find_by_/).each do |result|
        process_result result
      end
    end
  end

  def process_result result
    return if duplicate? result or result[:call].original_line
    add_result result

    call = result[:call]

    if potentially_dangerous? call.method
      call.each_arg do |arg|
        if params? arg and not safe_call? arg
          warn :result => result,
            :warning_type => "SQL Injection",
            :warning_code => :sql_injection_dynamic_finder,
            :message => "MySQL integer conversion may cause 0 to match any string",
            :confidence => CONFIDENCE[:med],
            :user_input => arg

          break
        end
      end
    end
  end

  def safe_call? arg
    return false unless call? arg

    meth = arg.method
    meth == :to_s or meth == :to_i
  end

  def potentially_dangerous? method_name
    method_name.match /^find_by_.*(token|guid|password|api_key|activation|code|private|reset)/
  end
end

Version data entries

17 entries across 17 versions & 3 rubygems

Version Path
brakeman-3.3.2 lib/brakeman/checks/check_dynamic_finders.rb
brakeman-lib-3.3.2 lib/brakeman/checks/check_dynamic_finders.rb
brakeman-min-3.3.2 lib/brakeman/checks/check_dynamic_finders.rb
brakeman-3.3.1 lib/brakeman/checks/check_dynamic_finders.rb
brakeman-min-3.3.1 lib/brakeman/checks/check_dynamic_finders.rb
brakeman-lib-3.3.1 lib/brakeman/checks/check_dynamic_finders.rb
brakeman-3.3.0 lib/brakeman/checks/check_dynamic_finders.rb
brakeman-min-3.3.0 lib/brakeman/checks/check_dynamic_finders.rb
brakeman-3.2.1 lib/brakeman/checks/check_dynamic_finders.rb
brakeman-min-3.2.1 lib/brakeman/checks/check_dynamic_finders.rb
brakeman-3.2.0 lib/brakeman/checks/check_dynamic_finders.rb
brakeman-min-3.2.0 lib/brakeman/checks/check_dynamic_finders.rb
brakeman-3.2.0.pre1 lib/brakeman/checks/check_dynamic_finders.rb
brakeman-min-3.2.0.pre1 lib/brakeman/checks/check_dynamic_finders.rb
brakeman-min-3.1.5.pre1 lib/brakeman/checks/check_dynamic_finders.rb
brakeman-3.1.5 lib/brakeman/checks/check_dynamic_finders.rb
brakeman-min-3.1.5 lib/brakeman/checks/check_dynamic_finders.rb