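require 'brakeman/checks/base_check'

# Flags Rails applications exposed to CVE-2014-3514, where
# ActiveRecord's create_with could bypass strong parameters.
#
# Affected ranges handled here: 4.0.0-4.0.8 (fixed in 4.0.9) and
# 4.1.0-4.1.4 (fixed in 4.1.5). Any other version produces no warning.
class Brakeman::CheckCreateWith < Brakeman::BaseCheck
  Brakeman::Checks.add self

  @description = "Checks for strong params bypass in CVE-2014-3514"

  # Security advisory for CVE-2014-3514; referenced by both warning sites.
  ADVISORY_LINK = "https://groups.google.com/d/msg/rubyonrails-security/M4chq5Sb540/CC1Fh0Y_NWwJ".freeze

  # Entry point invoked by the Brakeman check runner.
  #
  # Returns early unless the tracked Rails version falls in an affected
  # range. Otherwise every create_with call (including nested ones) is
  # examined; if none of them produced a call-specific warning, a generic
  # version warning is emitted so the vulnerable version is still reported.
  def run_check
    @warned = false

    if version_between? "4.0.0", "4.0.8"
      suggested_version = "4.0.9"
    elsif version_between? "4.1.0", "4.1.4"
      suggested_version = "4.1.5"
    else
      return
    end

    @message = "create_with is vulnerable to strong params bypass. Upgrade to Rails #{suggested_version} or patch"

    tracker.find_call(:method => :create_with, :nested => true).each do |result|
      process_result result
    end

    generic_warning unless @warned
  end

  # Warns on a single create_with call when its first argument may carry
  # attacker-controlled attributes.
  #
  # @param result [Hash] a find_call result; result[:call] is the call Sexp
  def process_result result
    return unless original? result

    arg = result[:call].first_arg
    confidence = danger_level arg
    return unless confidence

    @warned = true
    warn :warning_type => "Mass Assignment",
      :warning_code => :CVE_2014_3514_call,
      :result => result,
      :message => @message,
      :confidence => confidence,
      :link_path => ADVISORY_LINK
  end

  # For a given create_with argument, choose the warning confidence.
  #
  # Returns nil (no warning) when the argument is not a Sexp, when it is a
  # permit() call (strong parameters already applied), or when it is a hash
  # literal (checked before the user-input tests, so literals are skipped
  # regardless of their values). Request values and immediate user input
  # are :high, indirect user input :medium, anything else :weak.
  #
  # @param exp [Sexp, nil] first argument of the create_with call
  # @return [Symbol, nil] :high, :medium, :weak, or nil to skip
  def danger_level exp
    return unless sexp? exp

    if call?(exp) && exp.method == :permit
      nil
    elsif request_value? exp
      :high
    elsif hash? exp
      nil
    elsif has_immediate_user_input? exp
      :high
    elsif include_user_input? exp
      :medium
    else
      :weak
    end
  end

  # Emitted once per run when the Rails version is vulnerable but no
  # create_with call was flagged individually. Attaches gem info so the
  # report can point at the Gemfile/environment rather than a call site.
  def generic_warning
    warn :warning_type => "Mass Assignment",
      :warning_code => :CVE_2014_3514,
      :message => @message,
      :gem_info => gemfile_or_environment,
      :confidence => :medium,
      :link_path => ADVISORY_LINK
  end
end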