Class: TaintedLove::Replacer::ReplaceFile

Inherits:
Base
  • Object
show all
Defined in:
lib/tainted_love/replacer/replace_file.rb

Instance Method Summary collapse

Methods inherited from Base

replacers, #should_replace?

Instance Method Details

#replace!Object 



6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
 
# File 'lib/tainted_love/replacer/replace_file.rb', line 6

def replace!
  File.instance_eval do
    alias :_tainted_love_original_read :read
    alias :_tainted_love_original_write :write

    def read(*args)
      if args.first.tainted?
        TaintedLove.report(:ReplaceFile, args.first, [:lfi], 'File read using tainted file name')

        _tainted_love_original_read(*args)
      else
        _tainted_love_original_read(*args).untaint
      end
    end

    def write(*args)
      if args.first.tainted?
        TaintedLove.report(:ReplaceFile, args.first, [:lfi], 'File write using tainted file name')
      end

      _tainted_love_original_write(*args)
    end
  end
end