Class: TaintedLove::Replacer::ReplaceYAML

Inherits:

Base

• Object
• Base
• TaintedLove::Replacer::ReplaceYAML

Defined in:

lib/tainted_love/replacer/replace_yaml.rb

Instance Method Summary

• #replace! ⇒ Object
• #should_replace? ⇒ Boolean

Methods inherited from Base

replacers

Instance Method Details

#replace! ⇒ Object

# File 'lib/tainted_love/replacer/replace_yaml.rb', line 10

def replace!
  YAML.instance_eval do
    alias :_tainted_love_original_load :load

    def load(source, *args)
      TaintedLove.report(
        :ReplaceYAML,
        source,
        [:rce],
        'YAML.load using tainted input'
      ) if source.tainted?

      _tainted_love_original_load(source, *args)
    end
  end
end

#should_replace? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/tainted_love/replacer/replace_yaml.rb', line 6

def should_replace?
  Object.const_defined?('YAML')
end