Sha256: d1e6fb79d9259affa53c830e7f894a362ae7a2826a6777d874da671cd36f5af0
Contents?: true
Size: 842 Bytes
Versions: 14
Compression:
Stored size: 842 Bytes
Contents
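module Security
  # RuboCop cop that flags method calls whose name appears in the Rails section
  # of the vuln_db.json file read by .read_file.
  #
  # Matching is by method name only: the receiver, the arguments and the Rails
  # version in use are not examined, so an offense means "worth a look", not
  # "confirmed vulnerable". The database is read once, while this class is
  # being loaded, and its strings become symbols, hash keys and generated
  # methods, so it needs the same review and integrity controls as the Ruby
  # sources.
  class CheckForVulnerableCode < RuboCop::Cop::Base
    # Method name (Symbol) => advisory text shown in the offense message.
    RESULT = {}

    # Names that may be spliced into a node pattern and used as a generated
    # method name: plain Ruby method identifiers only.
    SAFE_MATCHER_NAME = /\A[A-Za-z_][A-Za-z0-9_]*[?!=]?\z/

    # Loads the Rails entries from vuln_db.json.
    #
    # The path text is kept exactly as published. There is no "/" between the
    # directory name and the first "..", so for the usual absolute path
    # expand_path folds that first ".." into the directory's last component and
    # the file is looked up three levels above this file's directory, not four.
    #
    # @return [Array<Hash>] presumably a list of objects carrying
    #   "search_string" and "info" keys (that is how the class body reads them)
    # @raise [KeyError] if the "vulnerabilities" or "rails" key is absent
    # @raise [JSON::ParserError] if the file is not valid JSON
    # @raise [Errno::ENOENT] if the file does not exist
    def self.read_file
      gem_path = File.expand_path("#{File.dirname(__FILE__)}../../../../")
      raw = File.read("#{gem_path}/vuln_db.json").strip
      # fetch names the missing key instead of failing later on nil.
      JSON.parse(raw).fetch("vulnerabilities").fetch("rails")
    end

    VULNERABILITY_LIST = read_file

    VULNERABILITY_LIST.each do |entry|
      search = entry["search_string"]
      name = search.to_sym
      # Detection in on_send depends on this table alone.
      RESULT[name] = entry["info"]

      # def_node_matcher turns the pattern text into a method on this class.
      # Generate one only when the name is a plain identifier and would not
      # replace a method the cop already has (an entry named like an inherited
      # method would otherwise redefine it). on_send never calls these matchers.
      next unless SAFE_MATCHER_NAME.match?(search)
      next if method_defined?(name) || private_method_defined?(name)

      def_node_matcher name, "(send _ :#{search} _)"
    end

    # Reports an offense on the selector of any call whose method name is a key
    # of RESULT.
    #
    # @param node [RuboCop::AST::SendNode] the call being inspected
    # @return [void]
    def on_send(node)
      info = RESULT[node.method_name]
      return unless info

      message = "Rails: Possible vulnerability found, CVE Details - #{info} "
      add_offense(node.loc.selector, message: message)
    end
  end
end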
Version data entries
14 entries across 14 versions & 1 rubygems