Contents

require 'railroader/checks/base_check'

class Railroader::CheckMimeTypeDoS < Railroader::BaseCheck
  Railroader::Checks.add self

  @description = "Checks for mime type denial of service (CVE-2016-0751)"

  def run_check
    fix_version = case
               when version_between?("3.0.0", "3.2.22")
                 "3.2.22.1"
               when version_between?("4.0.0", "4.1.14")
                 "4.1.14.1"
               when version_between?("4.2.0", "4.2.5")
                 "4.2.5.1"
               else
                 return
               end

    return if has_workaround?

    message = "Rails #{rails_version} is vulnerable to denial of service via mime type caching (CVE-2016-0751). Upgrade to Rails version #{fix_version}"

    warn :warning_type => "Denial of Service",
      :warning_code => :CVE_2016_0751,
      :message => message,
      :confidence => :medium,
      :gem_info => gemfile_or_environment,
      :link_path => "https://groups.google.com/d/msg/rubyonrails-security/9oLY_FCzvoc/w9oI9XxbFQAJ"
  end

  def has_workaround?
    tracker.check_initializers(:Mime, :const_set).any? do |match|
      arg = match.call.first_arg

      symbol? arg and arg.value == :LOOKUP
    end
  end
end

Version data entries

4 entries across 4 versions & 1 rubygems

Version	Path
railroader-4.3.8	lib/railroader/checks/check_mime_type_dos.rb
railroader-4.3.7	lib/railroader/checks/check_mime_type_dos.rb
railroader-4.3.5	lib/railroader/checks/check_mime_type_dos.rb
railroader-4.3.4	lib/railroader/checks/check_mime_type_dos.rb