class Brakeman::CheckSymbolDoS
Constants
- UNSAFE_METHODS
Public Instance Methods
check_unsafe_symbol_creation(result)
# File lib/brakeman/checks/check_symbol_dos.rb, line 19
# Inspect one call found by run_check and warn when the value being
# converted to a Symbol is traceable to user input.
#
# result is a find_call result hash: result[:call] is the call Sexp and
# result[:method] the matched method name. For :literal_to_sym the call's
# Sexp arguments are the candidates; for every other unsafe method the
# receiver (call.target) is the string being symbolized.
#
# Confidence is :high when user input is the value itself
# (has_immediate_user_input?) and :medium when it only appears somewhere
# inside the expression (include_user_input?). Reads of params[:controller]
# / params[:action] and of model.attributes are treated as safe and skipped.
def check_unsafe_symbol_creation result
  # original? is a BaseCheck helper; presumably it filters results that
  # another check has already reported - confirm.
  return unless original? result

  call = result[:call]

  candidates =
    if result[:method] == :literal_to_sym
      call.select { |e| sexp? e }
    else
      [call.target]
    end

  # NOTE(review): compact removes only nil. If a helper reports "no match"
  # with false, the first false masks a later match - confirm the helpers'
  # return values.
  input = candidates.map { |arg| has_immediate_user_input?(arg) }.compact.first
  confidence = :high if input

  unless input
    input = candidates.map { |arg| include_user_input?(arg) }.compact.first
    confidence = :medium if input
  end

  return unless confidence
  return if safe_parameter? input.match
  return if symbolizing_attributes? input

  message = msg("Symbol conversion from unsafe string in ", msg_input(input))

  warn :result => result,
       :warning_type => "Denial of Service",
       :warning_code => :unsafe_symbol_creation,
       :message => message,
       :user_input => input,
       :confidence => confidence
end
run_check()
# File lib/brakeman/checks/check_symbol_dos.rb, line 10
# Entry point. The whole check is skipped on Rails >= 5.0.0 or Ruby >= 2.2:
# Ruby 2.2 introduced symbol garbage collection, so attacker-chosen symbols
# no longer accumulate for the life of the process (Rails 5 presumably
# implies such a Ruby). Otherwise every call to one of UNSAFE_METHODS,
# including nested calls, is handed to check_unsafe_symbol_creation.
#
# NOTE(review): both comparisons are plain String comparisons, i.e.
# lexicographic, so a two-digit component (e.g. "2.10" vs "2.2") would
# compare the wrong way - confirm the version strings are normalized
# before they reach here.
def run_check
  return if rails_version && rails_version >= "5.0.0"
  return if tracker.config.ruby_version >= "2.2"

  unsafe_calls = tracker.find_call(:methods => UNSAFE_METHODS, :nested => true)
  unsafe_calls.each { |result| check_unsafe_symbol_creation(result) }
end
safe_parameter?(input)
# File lib/brakeman/checks/check_symbol_dos.rb, line 52
# True when input is a read of params[:controller] or params[:action],
# possibly with further calls chained onto it. These are presumably
# treated as safe because routing fixes their values rather than the
# request body - confirm. The receiver chain is walked down until the
# params node is reached; any other expression counts as unsafe (false).
def safe_parameter? input
  return false unless call? input
  return safe_parameter?(input.target) unless node_type?(input.target, :params)

  input.method == :[] &&
    symbol?(input.first_arg) &&
    [:controller, :action].include?(input.first_arg.value)
end
symbolizing_attributes?(input)
# File lib/brakeman/checks/check_symbol_dos.rb, line 66
# True when the matched user input (a Match: input.type / input.match) is
# a model and the expression being symbolized is a call to its
# .attributes - presumably skipped because attribute names come from the
# schema, not from the request. Returns the first falsy operand otherwise.
def symbolizing_attributes? input
  input.type == :model &&
    call?(input.match) &&
    input.match.method == :attributes
end