Sha256: daeaa27bf6a2c48c34fa66a38702c0f3c84cf0272661bf87ad353ae6d6ff5cc4

Contents?: true

Size: 1.68 KB

Versions: 40

Compression:

Stored size: 1.68 KB

Contents

require 'brakeman/checks/base_check'

class Brakeman::CheckUnsafeReflectionMethods < Brakeman::BaseCheck
  Brakeman::Checks.add self

  @description = "Checks for unsafe reflection to access methods"

  def run_check
    check_method
    check_tap
    check_to_proc
  end

  def check_method
    tracker.find_call(method: :method, nested: true).each do |result|
      argument = result[:call].first_arg

      if user_input = include_user_input?(argument)
        warn_unsafe_reflection(result, user_input)
      end
    end
  end

  def check_tap
    tracker.find_call(method: :tap, nested: true).each do |result|
      argument = result[:call].first_arg

      # Argument is passed like a.tap(&argument)
      if node_type? argument, :block_pass
        argument = argument.value
      end

      if user_input = include_user_input?(argument)
        warn_unsafe_reflection(result, user_input)
      end
    end
  end

  def check_to_proc
    tracker.find_call(method: :to_proc, nested: true).each do |result|
      target = result[:call].target

      if user_input = include_user_input?(target)
        warn_unsafe_reflection(result, user_input)
      end
    end
  end

  def warn_unsafe_reflection result, input
    return unless original? result
    method = result[:call].method

    confidence = if input.type == :params
      :high
    else
      :medium
    end

    message = msg("Unsafe reflection method ", msg_code(method), " called with ", msg_input(input))

    warn :result => result,
      :warning_type => "Remote Code Execution",
      :warning_code => :unsafe_method_reflection,
      :message => message,
      :user_input => input,
      :confidence => confidence,
      :cwe_id => [470]
  end
end

Version data entries

40 entries across 40 versions & 3 rubygems

Version Path
brakeman-7.0.0 lib/brakeman/checks/check_unsafe_reflection_methods.rb
brakeman-lib-7.0.0 lib/brakeman/checks/check_unsafe_reflection_methods.rb
brakeman-min-7.0.0 lib/brakeman/checks/check_unsafe_reflection_methods.rb
brakeman-6.2.2 lib/brakeman/checks/check_unsafe_reflection_methods.rb
brakeman-lib-6.2.2 lib/brakeman/checks/check_unsafe_reflection_methods.rb
brakeman-min-6.2.2 lib/brakeman/checks/check_unsafe_reflection_methods.rb
brakeman-6.2.2.rc1 lib/brakeman/checks/check_unsafe_reflection_methods.rb
brakeman-min-6.2.1 lib/brakeman/checks/check_unsafe_reflection_methods.rb
brakeman-lib-6.2.1 lib/brakeman/checks/check_unsafe_reflection_methods.rb
brakeman-6.2.1 lib/brakeman/checks/check_unsafe_reflection_methods.rb
brakeman-6.2.0 lib/brakeman/checks/check_unsafe_reflection_methods.rb
brakeman-lib-6.2.0 lib/brakeman/checks/check_unsafe_reflection_methods.rb
brakeman-min-6.2.0 lib/brakeman/checks/check_unsafe_reflection_methods.rb
brakeman-6.1.2 lib/brakeman/checks/check_unsafe_reflection_methods.rb
brakeman-lib-6.1.2 lib/brakeman/checks/check_unsafe_reflection_methods.rb
brakeman-min-6.1.2 lib/brakeman/checks/check_unsafe_reflection_methods.rb
brakeman-min-6.1.1 lib/brakeman/checks/check_unsafe_reflection_methods.rb
brakeman-lib-6.1.1 lib/brakeman/checks/check_unsafe_reflection_methods.rb
brakeman-6.1.1 lib/brakeman/checks/check_unsafe_reflection_methods.rb
brakeman-6.1.0 lib/brakeman/checks/check_unsafe_reflection_methods.rb