Class: TaintedLove::Replacer::ReplaceKernel
- Inherits:
-
Base
- Object
- Base
- TaintedLove::Replacer::ReplaceKernel
- Defined in:
- lib/tainted_love/replacer/replace_kernel.rb
Instance Method Summary
Methods inherited from Base
replacers, #should_replace?
Instance Method Details
#replace! ⇒ Object
# File 'lib/tainted_love/replacer/replace_kernel.rb', line 6
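# Installs taint-reporting hooks on Kernel's code and command execution
# entry points.
#
# Kernel#eval, Kernel#system and Kernel#` are wrapped through
# TaintedLove.proxy_method: when the first argument is tainted, an :rce
# finding is reported under the :ReplaceKernel tag.
#
# Kernel#open is redefined (the previous implementation stays reachable as
# _tainted_love_original_open). A tainted String first argument starting
# with "|" is reported as :rce, and the taint state of the first argument
# is copied onto the value returned by open.
#
# @return [Object] the value of the final Kernel.class_eval call
def replace!
  # %i[...] is a symbol-array literal: :eval, :system and the backtick method.
  %i[eval system `].each do |method|
    TaintedLove.proxy_method(Kernel, method) do |_, *args|
      if args.first&.tainted?
        TaintedLove.report(
          :ReplaceKernel,
          args.first,
          [:rce],
          "Kernel##{method} execution using tainted input"
        )
      end
    end
  end

  Kernel.class_eval do
    alias_method :_tainted_love_original_open, :open

    def open(*args, &block)
      first = args.first
      # Safe navigation mirrors the check used for the proxied methods above.
      tainted = first&.tainted?

      # Report before delegating, so the finding is recorded even when the
      # underlying open raises, and before a "|command" target is started.
      if tainted && first.is_a?(String) && first[0] == '|'
        TaintedLove.report(
          :ReplaceKernel,
          first,
          [:rce],
          'Kernel#open begins with "|" and uses tainted input'
        )
      end

      return_value = _tainted_love_original_open(*args, &block)

      if tainted
        return_value.taint
      else
        # NOTE(review): with a block, open returns the block's value, so this
        # also clears taint that the block's result carried on its own.
        # Confirm that dropping it is intended.
        return_value.untaint
      end

      return_value
    end
  end
end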