Class Brakeman::CheckExecute
In: lib/brakeman/checks/check_execute.rb
Parent: Brakeman::BaseCheck

Checks for string interpolation and parameters in calls to Kernel#system, Kernel#exec, Kernel#syscall, and inside backticks.

Examples of command injection vulnerabilities: 

 system("rf -rf #{params[:file]}")
 exec(params[:command])
 `unlink #{params[:something}`

Methods

check_for_backticks   check_open_calls   dangerous?   dangerous_interp?   dangerous_open_arg?   process_backticks   process_result   run_check   shell_escape?  

Constants

SAFE_VALUES = [s(:const, :RAILS_ROOT), s(:call, s(:const, :Rails), :root), s(:call, s(:const, :Rails), :env), s(:call, s(:const, :Process), :pid)]
SHELL_ESCAPE_MODULE_METHODS = Set[:escape, :join, :shellescape, :shelljoin]
SHELL_ESCAPE_MIXIN_METHODS = Set[:shellescape, :shelljoin]
SHELLWORDS = s(:const, :Shellwords)

Public Instance methods

check_for_backticks(tracker)

Looks for calls using backticks such as 

 `rm -rf #{params[:file]}`
dangerous?(exp)

This method expects a :dstr or :evstr node

process_backticks(result)

Processes backticks.

run_check()

Check models, controllers, and views for command injection.

[Validate]