class Brakeman::CheckSend
Checks if user supplied data is passed to send
def get_send exp
def get_send exp if call? exp if @send_methods.include? exp.method return exp else get_send exp.target end end end
def process_result result
def process_result result return unless original? result send_call = get_send result[:call] process_call_args send_call process send_call.target if input = has_immediate_user_input?(send_call.first_arg) warn :result => result, :warning_type => "Dangerous Send", :warning_code => :dangerous_send, :message => "User controlled method execution", :user_input => input, :confidence => :high, :cwe_id => [77] end end
def run_check
def run_check @send_methods = [:send, :try, :__send__, :public_send] Brakeman.debug("Finding instances of #send") calls = tracker.find_call :methods => @send_methods, :nested => true calls.each do |call| process_result call end end