Sha256: e3c4fa114fa9aa55e6698c423299e0a9b176ffac75d3865921394f7338205223

Contents?: true

Size: 1.37 KB

Versions: 48

Compression:

Stored size: 1.37 KB

Contents

require 'brakeman/checks/base_check'

class Brakeman::CheckDeserialize < Brakeman::BaseCheck
  Brakeman::Checks.add self

  @description = "Checks for unsafe deserialization of objects"

  def run_check
    check_yaml
    check_csv
    check_marshal
  end

  def check_yaml
    check_methods :YAML, :load, :load_documents, :load_stream, :parse_documents, :parse_stream
  end

  def check_csv
    check_methods :CSV, :load
  end

  def check_marshal
    check_methods :Marshal, :load, :restore
  end

  def check_methods target, *methods
    tracker.find_call(:target => target, :methods => methods ).each do |result|
      check_deserialize result, target
    end
  end

  def check_deserialize result, target, arg = nil
    return if duplicate? result
    add_result result

    arg ||= result[:call].first_arg
    method = result[:call].method

    if input = has_immediate_user_input?(arg)
      confidence = CONFIDENCE[:high]
    elsif input = include_user_input?(arg)
      confidence = CONFIDENCE[:med]
    end

    if confidence
      message = "#{target}.#{method} called with #{friendly_type_of input}"

      warn :result => result,
        :warning_type => "Remote Code Execution",
        :warning_code => :unsafe_deserialize,
        :message => message,
        :user_input => input.match,
        :confidence => confidence,
        :link_path => "unsafe_deserialization"
    end
  end
end

Version data entries

48 entries across 48 versions & 2 rubygems

Version Path
brakeman-3.1.1 lib/brakeman/checks/check_deserialize.rb
brakeman-min-3.1.1 lib/brakeman/checks/check_deserialize.rb
brakeman-3.1.0 lib/brakeman/checks/check_deserialize.rb
brakeman-min-3.1.0 lib/brakeman/checks/check_deserialize.rb
brakeman-3.0.5 lib/brakeman/checks/check_deserialize.rb
brakeman-min-3.0.5 lib/brakeman/checks/check_deserialize.rb
brakeman-3.0.4 lib/brakeman/checks/check_deserialize.rb
brakeman-min-3.0.4 lib/brakeman/checks/check_deserialize.rb
brakeman-min-3.0.3 lib/brakeman/checks/check_deserialize.rb
brakeman-3.0.3 lib/brakeman/checks/check_deserialize.rb
brakeman-min-3.0.2 lib/brakeman/checks/check_deserialize.rb
brakeman-3.0.2 lib/brakeman/checks/check_deserialize.rb
brakeman-min-3.0.1 lib/brakeman/checks/check_deserialize.rb
brakeman-3.0.1 lib/brakeman/checks/check_deserialize.rb
brakeman-3.0.0 lib/brakeman/checks/check_deserialize.rb
brakeman-min-3.0.0 lib/brakeman/checks/check_deserialize.rb
brakeman-2.6.3 lib/brakeman/checks/check_deserialize.rb
brakeman-min-2.6.3 lib/brakeman/checks/check_deserialize.rb
brakeman-min-2.6.2 lib/brakeman/checks/check_deserialize.rb
brakeman-2.6.2 lib/brakeman/checks/check_deserialize.rb