Sha256: a9f8ee07e469c2f6c82e9d3a7d0daaf1d050788d3f883a7caccd9a6f9c7a6e8a

Contents?: true

Size: 1.31 KB

Versions: 18

Compression:

Stored size: 1.31 KB

Contents

require_relative '../configurations/list_configuration'

class InvalidIPAddrBindingRule < Rule
  @name = "Invalid IP Address Binding"

  @ip_addr_bin_regex = /^((http(s)?:\/\/)?0.0.0.0(:\d{1,5})?)$/

  @ip_addr_bin_regex_conf = RegexConfiguration.new("Regular expression of an invalid IP address", @ip_addr_bin_regex, "Regular expression of an IP address considered invalid or insecure to use.")

  @configurations+=[@ip_addr_bin_regex_conf]

  def self.AnalyzeTokens(tokens)
    result = []

    ftokens = get_tokens(tokens,"0.0.0.0")
    ftokens.each do |token|
      token_value = token.value.downcase
      token_type = token.type.to_s
      if ["EQUALS", "FARROW"].include? token.prev_code_token.type.to_s
        prev_token = token.prev_code_token
        left_side = prev_token.prev_code_token
        if token_value =~ @ip_addr_bin_regex_conf.value and ["VARIABLE", "NAME"].include? left_side.type.to_s
          result.append(Sin.new(SinType::InvalidIPAddrBinding, left_side.line, left_side.column, token.line, token.column+token_value.length))
        end
      end
    end

    return result
  end

  def self.filter_tokens_per_value(tokens, token)
    ftokens=tokens.find_all do |hash|
      (hash.type.to_s == 'SSTRING' || hash.type.to_s == 'STRING') and hash.value.downcase.include? token
    end
    return ftokens
  end
end

Version data entries

18 entries across 18 versions & 1 rubygems

Version Path
puppet-sec-lint-1.0.0 lib/rules/invalid_ip_addr_binding_rule.rb
puppet-sec-lint-0.5.17 lib/rules/invalid_ip_addr_binding_rule.rb
puppet-sec-lint-0.5.16 lib/rules/invalid_ip_addr_binding_rule.rb
puppet-sec-lint-0.5.15 lib/rules/invalid_ip_addr_binding_rule.rb
puppet-sec-lint-0.5.14 lib/rules/invalid_ip_addr_binding_rule.rb
puppet-sec-lint-0.5.13 lib/rules/invalid_ip_addr_binding_rule.rb
puppet-sec-lint-0.5.11 lib/rules/invalid_ip_addr_binding_rule.rb
puppet-sec-lint-0.5.10 lib/rules/invalid_ip_addr_binding_rule.rb
puppet-sec-lint-0.5.9 lib/rules/invalid_ip_addr_binding_rule.rb
puppet-sec-lint-0.5.8 lib/rules/invalid_ip_addr_binding_rule.rb
puppet-sec-lint-0.5.7 lib/rules/invalid_ip_addr_binding_rule.rb
puppet-sec-lint-0.5.6 lib/rules/invalid_ip_addr_binding_rule.rb
puppet-sec-lint-0.5.5 lib/rules/invalid_ip_addr_binding_rule.rb
puppet-sec-lint-0.5.4 lib/rules/invalid_ip_addr_binding_rule.rb
puppet-sec-lint-0.5.3 lib/rules/invalid_ip_addr_binding_rule.rb
puppet-sec-lint-0.5.2 lib/rules/invalid_ip_addr_binding_rule.rb
puppet-sec-lint-0.5.1 lib/rules/invalid_ip_addr_binding_rule.rb
puppet-sec-lint-0.5.0 lib/rules/invalid_ip_addr_binding_rule.rb