Class: HardCodedCredentialsRule
- Defined in:
- lib/rules/hard_coded_credentials_rule.rb
Methods inherited from Rule
filter_resources, filter_tokens, filter_variables, filter_whitelist, get_comments, get_string_tokens, get_tokens, inherited
Class Method Details
.AnalyzeTokens(tokens) ⇒ Object
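# Flags assignments of a credential-looking name to a literal string value.
#
# Matches the token shapes `<VARIABLE> <EQUALS> <STRING|SSTRING>` and
# `<NAME> <FARROW> <STRING|SSTRING>` where the left-hand name matches
# @secrets_conf but not @non_secrets_conf, and the literal is not an
# obvious non-secret (listed in @invalid_values_conf or
# @not_considered_creds_conf, a single character, or something that looks
# like a namespace/path/dotted reference rather than a value).
#
# Fix over the previous version: `next_code_token` is dereferenced twice
# (operator, then right-hand side). At the end of the token stream it is
# expected to be nil, which previously raised NoMethodError on `.type`;
# both dereferences are now guarded.
#
# @param tokens [Enumerable] lexer tokens responding to #type, #value, #line,
#   #column and #next_code_token (assumed nil when there is no further token)
# @return [Array<Sin>] one SinType::HardCodedCred finding per match, spanning
#   from the name token to the end of the literal
def self.AnalyzeTokens(tokens)
  filter_tokens(tokens).each_with_object([]) do |token, findings|
    next unless %w[VARIABLE NAME].include?(token.type.to_s)

    operator = token.next_code_token
    next unless operator && %w[EQUALS FARROW].include?(operator.type.to_s)

    name = token.value.downcase
    next unless name.match?(@secrets_conf.value) && !name.match?(@non_secrets_conf.value)

    literal = operator.next_code_token
    next unless literal && %w[STRING SSTRING].include?(literal.type.to_s)

    value = literal.value.downcase
    next if value.length <= 1
    next if @invalid_values_conf.value.include?(value)
    next if @not_considered_creds_conf.value.include?(value)
    # A value containing `::`, a path separator or a dot is treated as a
    # reference (class name, file path, lookup key), not a literal secret.
    # This is a false-positive trade-off: a real secret containing a dot is
    # also skipped.
    next if value.match?(%r{::|/|\.|\\})

    findings << Sin.new(SinType::HardCodedCred,
                        token.line, token.column,
                        literal.line, literal.column + value.length)
  end
end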