Class: Security::CheckForVulnerableCode

Inherits:
RuboCop::Cop::Base
  • Object
Defined in:
lib/simplycop/security/check_for_vulnerable_code.rb

Constant Summary collapse

RESULT =
{}
VULNERABILITY_LIST =
read_file

Class Method Summary collapse

Instance Method Summary collapse

Class Method Details

.read_file ⇒ Object



# File 'lib/simplycop/security/check_for_vulnerable_code.rb', line 5

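# Loads the Rails advisory entries from the vuln_db.json file kept at the
# gem root, three directories above lib/simplycop/security.
#
# The base directory is handed to File.expand_path as its own argument.
# Concatenating it with the relative part without a separator only resolves
# correctly while the fused "security.." segment is cancelled by the first
# "..", and goes one level short when __FILE__ is a bare relative name.
#
# @return [Object] the value stored under "vulnerabilities" -> "rails";
#   nil when the "rails" key is absent
# @raise [Errno::ENOENT] if vuln_db.json does not exist at the gem root
# @raise [JSON::ParserError] if the file is not valid JSON
def self.read_file
  gem_root = File.expand_path('../../..', File.dirname(__FILE__))
  db_path = File.join(gem_root, 'vuln_db.json')

  advisories = JSON.parse(File.read(db_path).strip)

  # NOTE(review): a document without a "rails" entry yields nil here rather
  # than an error; callers should treat that as a broken database, not as
  # "nothing to report" - confirm how VULNERABILITY_LIST is consumed.
  advisories['vulnerabilities']['rails']
end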

Instance Method Details

#on_send(node) ⇒ Object



# File 'lib/simplycop/security/check_for_vulnerable_code.rb', line 23

# RuboCop callback for method-call (send) nodes. Registers an offense on the
# call's selector when the called method name has an entry in RESULT.
#
# The receiver is discarded, so the match is by method name alone. A hit is
# a lead to review against the quoted advisory, not proof that the call is
# vulnerable.
#
# @param node [Object] the send node; destructured into receiver and
#   method name
# @return [Object, nil] whatever add_offense returns on a match, else nil
def on_send(node)
  _receiver, method_name = *node
  return unless method_name

  # RESULT maps a method name to the advisory text shown to the user.
  # NOTE(review): RESULT is not populated in this listing - confirm where.
  cve_details = RESULT[method_name]
  return unless cve_details

  add_offense(
    node.loc.selector,
    message: "Rails: Possible vulnerability found, CVE Details - #{cve_details} "
  )
end