hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-19 10:23:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
c20ee76826e10318f8f39c6fae901b743c2e8254
codeql/ruby/ql/test/query-tests/security/cwe-094/CodeInjection.rb

69 lines
834 B
Ruby
Raw Blame History

class UsersController < ActionController::Base
def create
code = params[:code]
# BAD
eval(code)
# BAD
eval(params)
# GOOD - user input is in second argument, which is not evaluated as Ruby code
send(:sanitize, params[:code])
# GOOD
Foo.new.bar(code)
# BAD
Foo.class_eval(code)
# BAD
Foo.module_eval(code)
# GOOD
Bar.class_eval(code)
# BAD
const_get(code)
# BAD
Foo.const_get(code)
# GOOD
Bar.const_get(code)
# BAD
eval(Regexp.escape(code))
end
def update
# GOOD
eval("foo")
end
private
def sanitize(code)
true
end
end
class Foo
def eval(x)
true
end
def bar(x)
eval(x)
end
end
class Bar
def self.class_eval(x)
true
end
def self.const_get(x)
true
end
end
Reference in New Issue View Git Blame Copy Permalink