Class: RuboCop::Cop::Security::Open
Relationships & Source Files

Super Chains via Extension / Inclusion / Inheritance

Class chain: self, ::RuboCop::Cop::Base, ::RuboCop::ExcludeLimit, NodePattern::Macros, RuboCop::AST::Sexp
Instance chain: self, ::RuboCop::Cop::Base, ::RuboCop::Cop::AutocorrectLogic, ::RuboCop::Cop::IgnoredNode, ::RuboCop::Util, RuboCop::AST::Sexp
Inherits: RuboCop::Cop::Base
Defined in: lib/rubocop/cop/security/open.rb
Overview

Checks for the use of Kernel#open and URI.open with dynamic data.

Kernel#open and URI.open enable not only file access but also process invocation: when the argument starts with a pipe symbol, the rest of the string is run as a command (e.g., open("| ls") spawns ls). Passing variable input as the first argument of Kernel#open or URI.open is therefore a serious security risk, because attacker-influenced input can turn what looks like a file read into command execution. It is better to state the intent explicitly: File.open for files, IO.popen for processes, or URI.parse(uri).open (written URI.parse#open in the cop's source) for URLs.
NOTE: open and URI.open with literal strings are not flagged by this cop. The literal still has to pass #safe_argument? (below): an empty string, or one that starts with the pipe symbol, is not treated as safe.
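The hazard described above and the explicit replacements the cop recommends, as an added example that is not part of RuboCop or of this cop's source. It uses only Ruby's standard library; the method names kernel_open_runs_commands?, file_open_is_inert?, read_user_file and echo_via_popen are hypothetical helpers written for this illustration. URI.parse(url).open (open-uri) is the third replacement but needs network access, so it is only described in a comment.

```ruby
# Added example, not from RuboCop: what Kernel#open does with a pipe prefix,
# and the explicit alternatives Security/Open recommends. All method names
# here are hypothetical helpers written for this illustration.
require 'tempfile'
require 'tmpdir'

# Kernel#open with a leading '|' does not open a file at all: it spawns the
# rest of the string as a shell command and yields its stdout. Any user input
# that can reach open() unchecked can therefore run commands.
def kernel_open_runs_commands?
  open('| echo pwned') { |io| io.read.strip == 'pwned' }
end

# The same string given to File.open is inert: File.open only ever opens files,
# so "| echo pwned" is merely a file name that does not exist (Errno::ENOENT).
# The lookup runs inside a fresh temporary directory so nothing else can match.
def file_open_is_inert?
  Dir.mktmpdir do |dir|
    Dir.chdir(dir) { File.open('| echo pwned', &:read) }
  end
  false
rescue Errno::ENOENT
  true
end

# Hardened file access: reject obviously wrong input up front, then use
# File.open, which states the intent (a file, never a process).
def read_user_file(path)
  raise ArgumentError, 'path must not be empty' if path.empty?
  raise ArgumentError, 'a path cannot start with |' if path.lstrip.start_with?('|')
  File.open(path, 'r', &:read)
end

# Explicit process invocation: IO.popen with an argv array. No shell parses the
# arguments, so a user value of "| ls" reaches echo as one literal argument and
# is printed back, not interpreted as a pipeline.
def echo_via_popen(user_value)
  IO.popen(['echo', user_value], &:read)
end

# For URLs the recommended form is URI.parse(url).open from open-uri: it parses
# first and only handles http/https/ftp URIs, so it never reaches Kernel#open's
# pipe mode. It needs network access and is therefore not exercised here.

if __FILE__ == $PROGRAM_NAME
  puts "Kernel#open ran a command: #{kernel_open_runs_commands?}"
  puts "File.open inert:            #{file_open_is_inert?}"
  puts "IO.popen argv echo:         #{echo_via_popen('| ls').inspect}"
end
```

Running the file prints true, true and "| ls\n": the identical string spawns a process under Kernel#open, is a harmless missing file under File.open, and is a plain argument under the argv form of IO.popen.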
Constant Summary

MSG =
    # File 'lib/rubocop/cop/security/open.rb', line 38
    'The use of `%<receiver>sopen` is a serious security risk.'

RESTRICT_ON_SEND =
    # File 'lib/rubocop/cop/security/open.rb', line 39
    %i[open].freeze
Class Attribute Summary

Inherited from ::RuboCop::Cop::Base: .gem_requirements, .lint?, .support_autocorrect? (returns whether the class supports autocorrect), .support_multiple_source? (override if your cop should be called repeatedly for multiple investigations).
Class Method Summary

Inherited from ::RuboCop::Cop::Base: .autocorrect_incompatible_with (list of cops that should not try to autocorrect at the same time as this cop), .badge (naming), .callbacks_needed, .cop_name, .department, .documentation_url (returns a URL to view this cop's documentation online), .exclude_from_registry (call for abstract Cop classes), .inherited, .joining_forces (override and return the Force class(es) you need to join), .match? (returns true if the cop name or the cop namespace matches any of the given names), .new, .requires_gem (register a version requirement for the given gem name), .restrict_on_send.

Extended from ::RuboCop::ExcludeLimit: exclude_limit (sets up a configuration option to have an exclude limit tracked), transform.
Instance Attribute Summary

None defined here; see ::RuboCop::Cop::Base (inherited) and ::RuboCop::Cop::AutocorrectLogic (included).
Instance Method Summary
- #on_send(node)
- #open?(node)
- #composite_string?(node) ⇒ Boolean private
- #concatenated_string?(node) ⇒ Boolean private
- #interpolated_string?(node) ⇒ Boolean private
- #safe?(node) ⇒ Boolean private
- #safe_argument?(argument) ⇒ Boolean private
- #simple_string?(node) ⇒ Boolean private
Inherited from ::RuboCop::Cop::Base: #add_global_offense (adds an offense that has no particular location), #add_offense (adds an offense on the specified range, or node with an expression; unless that offense is disabled for this range, a corrector is yielded to give the cop the opportunity to autocorrect the offense), #begin_investigation (called before any investigation), #callbacks_needed, #cop_config (configuration helpers), #cop_name, #excluded_file?, #external_dependency_checksum (should be overridden when a cop's behavior depends on state that lives outside of these locations: …), #inspect, #message (gets called if no message is specified when calling …), #name (alias for Base#cop_name), #offenses, #on_investigation_end (called after all on_…), #on_new_investigation (called before all on_…), #on_other_file (called instead of all on_…), #parse (there should be very limited reasons for a Cop to do its own parsing), #parser_engine, #ready (called between investigations), #relevant_file?, #target_gem_version (returns a gem's locked version, i.e. …), #target_rails_version, #target_ruby_version, #annotate, #apply_correction, #attempt_correction, #callback_argument (reserved for Cop::Cop), #complete_investigation (called to complete an investigation), #correct, #current_corrector, #current_offense_locations (reserved for Commissioner), #current_offenses, #currently_disabled_lines, #custom_severity, #default_severity, #disable_uncorrectable, #enabled_line?, #file_name_matches_any?, #find_message, #find_severity, #range_for_original, #range_from_node_or_range, #reset_investigation (actually private methods), #use_corrector.

Included from ::RuboCop::Cop::AutocorrectLogic: #disable_offense, #disable_offense_at_end_of_line, #disable_offense_before_and_after, #disable_offense_with_eol_or_surround_comment, #heredoc_range, #max_line_length, #multiline_ranges, #multiline_string?, #range_by_lines (expands the given range to include all of any lines it covers), #range_of_first_line, #range_overlaps_offense?, #string_continuation?, #surrounding_heredoc?, #surrounding_percent_array?.

Included from ::RuboCop::Cop::IgnoredNode.
Constructor Details
This class inherits a constructor from RuboCop::Cop::Base
Instance Method Details
#composite_string?(node) ⇒ Boolean (private)

    # File 'lib/rubocop/cop/security/open.rb', line 75
    def composite_string?(node)
      interpolated_string?(node) || concatenated_string?(node)
    end

#concatenated_string?(node) ⇒ Boolean (private)

    # File 'lib/rubocop/cop/security/open.rb', line 83
    # Only `"literal" + rest` counts: the receiver of `+` must itself be a
    # plain string node, so `("a" + "b") + x` is not a concatenated string.
    def concatenated_string?(node)
      node.send_type? && node.method?(:+) && node.receiver.str_type?
    end

#interpolated_string?(node) ⇒ Boolean (private)

    # File 'lib/rubocop/cop/security/open.rb', line 79
    def interpolated_string?(node)
      node.dstr_type?
    end

#on_send(node)

#open?(node)

    # File 'lib/rubocop/cop/security/open.rb', line 42
    # Matches `open(arg, ...)` with no receiver and `URI.open(arg, ...)` or
    # `::URI.open(arg, ...)`. Captures the receiver (nil, or the URI constant)
    # and the first argument; a call with no arguments does not match.
    def_node_matcher :open?, <<~PATTERN
      (send ${nil? (const {nil? cbase} :URI)} :open $_ ...)
    PATTERN

#safe?(node) ⇒ Boolean (private)

    # File 'lib/rubocop/cop/security/open.rb', line 57
    # A plain string literal is judged by #safe_argument?. An interpolated or
    # concatenated string is judged by its first child, i.e. the leading
    # literal if there is one; a string that starts with interpolation has a
    # non-string first child and falls through to false. Every other argument
    # (a variable, a method call) is unsafe.
    def safe?(node)
      if simple_string?(node)
        safe_argument?(node.str_content)
      elsif composite_string?(node)
        safe?(node.children.first)
      else
        false
      end
    end

#safe_argument?(argument) ⇒ Boolean (private)

    # File 'lib/rubocop/cop/security/open.rb', line 67
    # A literal is safe when it is non-empty and does not start with the pipe
    # symbol that switches Kernel#open into process-spawning mode.
    def safe_argument?(argument)
      !argument.empty? && !argument.start_with?('|')
    end

#simple_string?(node) ⇒ Boolean (private)

    # File 'lib/rubocop/cop/security/open.rb', line 71
    def simple_string?(node)
      node.str_type?
    end
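To see the classification rules of #open?, #safe?, #safe_argument?, #simple_string? and #composite_string? applied to real snippets without installing RuboCop, here is an added example that is not RuboCop's own code. It re-implements the same rules over the S-expressions of Ripper from Ruby's standard library instead of rubocop-ast nodes; the function names open_calls, offenses, call_parts, first_arg, open_receiver and string_parts, and the SAMPLE source, are constructed for this example. One divergence: adjacent literals ("a" "b") are a dstr in rubocop-ast but a separate node in Ripper, so they are not handled here.

```ruby
# Added example, not part of RuboCop: the cop's safe?/safe_argument? rules and
# the receiver/argument matching of its open? node pattern, re-implemented over
# Ripper (stdlib) S-expressions. All method names here are hypothetical.
require 'ripper'

# Same rule as the cop: non-empty and not starting with the pipe symbol.
def safe_argument?(argument)
  !argument.empty? && !argument.start_with?('|')
end

# Ripper's string literal: [:string_literal, [:string_content, *parts]], each
# part being [:@tstring_content, "text", [line, col]] or [:string_embexpr, ...].
# Returns the parts, or nil when the node is not a string literal.
def string_parts(node)
  return nil unless node.is_a?(Array) && node[0] == :string_literal
  content = node[1]
  return nil unless content.is_a?(Array) && content[0] == :string_content
  content[1..]
end

# Mirrors Security::Open#safe?: a plain or interpolated literal is judged by its
# leading literal text (an empty string or a leading interpolation is unsafe);
# `"literal" + x` is judged by the literal; anything else is unsafe.
def safe?(node)
  if (parts = string_parts(node))
    lead = parts.first
    lead.is_a?(Array) && lead[0] == :@tstring_content ? safe_argument?(lead[1]) : false
  elsif node.is_a?(Array) && node[0] == :binary && node[2] == :+ && string_parts(node[1])
    safe?(node[1])
  else
    false
  end
end

# Receivers the node pattern accepts: none, URI, or ::URI. Returns the prefix
# used in the offense message, or nil for any other receiver (e.g. File).
def open_receiver(recv)
  return '' if recv.nil?
  const = recv.is_a?(Array) ? recv[1] : nil
  return nil unless const.is_a?(Array) && const[0] == :@const && const[1] == 'URI'
  { var_ref: 'URI.', top_const_ref: '::URI.' }[recv[0]]
end

# First positional argument of a call, found via the nearest :args_add_block.
def first_arg(args)
  return nil unless args.is_a?(Array)
  if args[0] == :args_add_block
    list = args[1]
    return list.is_a?(Array) ? list[0] : nil
  end
  args.each do |child|
    found = first_arg(child)
    return found if found
  end
  nil
end

# Destructures the call shapes Ripper emits: open(x), open x, URI.open(x), URI.open x.
# Returns [receiver_node_or_nil, ident_node, args_node] or nil.
def call_parts(node)
  case node[0]
  when :method_add_arg
    callee = node[1]
    return [nil, callee[1], node[2]] if callee.is_a?(Array) && callee[0] == :fcall
    return [callee[1], callee[3], node[2]] if callee.is_a?(Array) && callee[0] == :call
  when :command      then return [nil, node[1], node[2]]
  when :command_call then return [node[1], node[3], node[4]]
  end
  nil
end

# Pre-order walk collecting { line:, receiver:, safe: } for each matching call.
def collect_open_calls(node, found)
  return found unless node.is_a?(Array)
  parts = node[0].is_a?(Symbol) ? call_parts(node) : nil
  if parts
    recv, ident, args = parts
    receiver = open_receiver(recv)
    arg = first_arg(args)
    if receiver && ident.is_a?(Array) && ident[0] == :@ident && ident[1] == 'open' && arg
      found << { line: ident[2][0], receiver: receiver, safe: safe?(arg) }
    end
  end
  node.each { |child| collect_open_calls(child, found) }
  found
end

def open_calls(source)
  tree = Ripper.sexp(source) # nil on a syntax error
  tree ? collect_open_calls(tree, []) : []
end

# Offense lines in the cop's MSG wording, one per unsafe call.
def offenses(source)
  open_calls(source).reject { |c| c[:safe] }
                    .map { |c| "#{c[:line]}: The use of `#{c[:receiver]}open` is a serious security risk." }
end

# Constructed sample source; the trailing comments state the expected verdict.
SAMPLE = <<~'RUBY'
  open(path)                          # 1 unsafe: variable
  open("| #{cmd}")                    # 2 unsafe: pipe before the interpolation
  open("/var/log/" + name)            # 3 safe: leading literal is a path
  open("#{dir}/x.log")                # 4 unsafe: starts with interpolation
  open("report.txt")                  # 5 safe: plain literal
  open("| ls")                        # 6 unsafe: literal, but safe_argument? rejects the pipe
  open("")                            # 7 unsafe: empty literal
  URI.open(url)                       # 8 unsafe: URI receiver, variable
  ::URI.open("https://example.com/")  # 9 safe: cbase receiver, plain literal
  File.open(path)                     # not matched: receiver is File
  IO.popen(["ls"])                    # not matched: different method
RUBY

puts offenses(SAMPLE) if __FILE__ == $PROGRAM_NAME
```

Running the file lists six offenses (lines 1, 2, 4, 6, 7 and 8 of SAMPLE); lines 3, 5 and 9 pass, and the File.open and IO.popen calls are never considered, exactly as the node pattern's receiver restriction implies.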