class Brakeman::CheckTemplateInjection

Public Instance Methods

process_result(result) click to toggle source

Warns if eval includes user input

# File lib/brakeman/checks/check_template_injection.rb, line 20
def process_result result
  return unless original? result

  if input = include_user_input?(result[:call].arglist)
    warn :result => result,
      :warning_type => "Template Injection",
      :warning_code => :erb_template_injection,
      :message => msg(msg_input(input), " used directly in ", msg_code("ERB"), " template, which might enable remote code execution"),
      :user_input => input,
      :confidence => :high,
      :cwe_id => [1336]
  end
end
run_check() click to toggle source

Process calls

# File lib/brakeman/checks/check_template_injection.rb, line 9
def run_check
  Brakeman.debug "Finding ERB.new calls"
  erb_calls = tracker.find_call :target => :ERB, :method => :new, :nested => true

  Brakeman.debug "Processing ERB.new calls"
  erb_calls.each do |call|
    process_result call
  end
end