class RuboCop::Cop::Security::MarshalLoad
Checks for the use of Marshal class methods which have
potential security issues leading to remote code execution when
loading from an untrusted source.

@example
# bad
Marshal.load("{}")
Marshal.restore("{}")

# good
Marshal.dump("{}")

# okish - deep copy hack
Marshal.load(Marshal.dump({}))
def on_send(node)
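def on_send(node)
  # For each matched Marshal call, report the offense at the method name
  # (the selector) and fill that method into MSG.
  marshal_load(node) do |method|
    add_offense(node.loc.selector, message: format(MSG, method: method))
  end
end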
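The rule described above (flag `Marshal.load` and `Marshal.restore`, accept `Marshal.dump` and the deep-copy idiom) can be reproduced with the standard-library Ripper parser. This is an added example, not RuboCop's own code; the helper names (`marshal_const?`, `marshal_call`, `deep_copy?`, `scan`) and the sample source are constructed for illustration.

```ruby
require "ripper"

# Constructed sample source, not taken from any real project.
SAMPLE = <<~'RUBY'
  session = Marshal.load(cookie_bytes)
  copy    = Marshal.load(Marshal.dump(config))
  blob    = Marshal.dump(config)
  job     = ::Marshal.restore payload
RUBY

UNSAFE = %w[load restore].freeze

# True when node is the constant Marshal or ::Marshal.
def marshal_const?(node)
  node.is_a?(Array) && %i[var_ref top_const_ref].include?(node[0]) &&
    node[1].is_a?(Array) && node[1][0] == :@const && node[1][1] == "Marshal"
end

# Returns [method_name, line] when node is a Marshal.<name> call, else nil.
def marshal_call(node)
  return unless node.is_a?(Array) && %i[call command_call].include?(node[0])
  recv, msg = node[1], node[3]
  return unless marshal_const?(recv) && msg.is_a?(Array) && msg[0] == :@ident
  [msg[1], msg[2][0]]
end

# True for the deep-copy idiom: the only argument is Marshal.dump(...).
def deep_copy?(args)
  args = args[1] while args.is_a?(Array) && %i[arg_paren args_add_block].include?(args[0])
  return false unless args.is_a?(Array) && args.size == 1 && args[0].is_a?(Array)
  args[0][0] == :method_add_arg && marshal_call(args[0][1])&.first == "dump"
end

# Walks the Ripper s-expression, collecting [line, "Marshal.<method>"] pairs.
def scan(node, found = [])
  return found unless node.is_a?(Array)
  call, args = case node[0]
               when :method_add_arg then [node[1], node[2]]
               when :command_call   then [node, node[4]]
               end
  name, line = marshal_call(call)
  if UNSAFE.include?(name)
    found << [line, "Marshal.#{name}"] unless deep_copy?(args)
    return scan(args, found) # arguments may hold further calls
  end
  node.each { |child| scan(child, found) }
  found
end
```

Call `scan(Ripper.sexp(source))` on any source string; with `SAMPLE` it reports lines 1 and 4 and leaves the `dump` and deep-copy lines alone.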