class RuboCop::Cop::Security::Open
Checks for the use of `Kernel#open` and `URI.open` with dynamic data.
`Kernel#open` and `URI.open` enable not only file access but also process invocation when the argument is prefixed with a pipe symbol (e.g., `open("| ls")`). Passing variable input as the argument of `Kernel#open` or `URI.open` can therefore lead to a serious security risk. It is better to use `File.open`, `IO.popen` or `URI.parse#open` explicitly.
NOTE: `open` and `URI.open` with literal strings are not flagged by this cop.
@safety
This cop could register false positives if `open` is redefined in a class and then used without a receiver in that class.
@example
# bad
open(something)
open("| #{something}")
open("| foo")
URI.open(something)

# good
File.open(something)
IO.popen(something)
URI.parse(something).open

# good (literal strings)
open("foo.text")
URI.open("http://example.com")
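As an added illustration (not code from RuboCop), the following script shows why the cop's preferred replacement works: `File.open` looks up a pipe-prefixed string as a literal file name, so an argument such as `"| ls"` fails with `Errno::ENOENT` instead of starting a process. The `pipe_free?` helper, which applies the cop's `safe_argument?` rule as a runtime check, and `read_local_file` are assumed names.

```ruby
require 'tempfile'

# Runtime counterpart of the cop's safe_argument? rule (hypothetical helper,
# not part of RuboCop): empty and pipe-prefixed strings are rejected.
def pipe_free?(argument)
  !argument.empty? && !argument.start_with?('|')
end

# Hardened replacement for `open(path)`: the argument is validated and then
# passed to File.open, which never interprets a leading pipe.
def read_local_file(path)
  raise ArgumentError, "refusing pipe-prefixed argument: #{path.inspect}" unless pipe_free?(path)

  File.open(path, 'r', &:read)
end

# Shows how File.open handles an input that Kernel#open would have treated as
# a command: the string is used as a file name, so a missing file yields
# :not_a_file and nothing is executed.
def file_open_outcome(path)
  File.open(path, 'r', &:read)
  :read
rescue Errno::ENOENT
  :not_a_file
end

# Constructed sample input: a temporary file standing in for a real path.
def demo
  Tempfile.create('open-demo') do |f|
    f.write("hello\n")
    f.flush
    read_local_file(f.path)
  end
end
```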
Constants
- MSG
- RESTRICT_ON_SEND
Public Instance Methods
on_send(node)
# File lib/rubocop/cop/security/open.rb, line 46
def on_send(node)
  open?(node) do |receiver, code|
    return if safe?(code)

    message = format(MSG, receiver: receiver ? "#{receiver.source}." : 'Kernel#')
    add_offense(node.loc.selector, message: message)
  end
end
Private Instance Methods
composite_string?(node)
# File lib/rubocop/cop/security/open.rb, line 75
def composite_string?(node)
  interpolated_string?(node) || concatenated_string?(node)
end
concatenated_string?(node)
# File lib/rubocop/cop/security/open.rb, line 83
def concatenated_string?(node)
  node.send_type? && node.method?(:+) && node.receiver.str_type?
end
interpolated_string?(node)
# File lib/rubocop/cop/security/open.rb, line 79
def interpolated_string?(node)
  node.dstr_type?
end
safe?(node)
# File lib/rubocop/cop/security/open.rb, line 57
def safe?(node)
  if simple_string?(node)
    safe_argument?(node.str_content)
  elsif composite_string?(node)
    safe?(node.children.first)
  else
    false
  end
end
safe_argument?(argument)
# File lib/rubocop/cop/security/open.rb, line 67
def safe_argument?(argument)
  !argument.empty? && !argument.start_with?('|')
end
simple_string?(node)
# File lib/rubocop/cop/security/open.rb, line 71
def simple_string?(node)
  node.str_type?
end