Last active
August 29, 2015 14:04
Sample errors from brakeman run in wwtd without bundle exec
START rvm: 2.0.0 | |
bundle install --quiet | |
ruby test/test.rb | |
---------------------------------------- | |
Processing Rails 3.2 application... | |
---------------------------------------- | |
Loading scanner... | |
Processing application in /Users/bjorvis/src/ruby/brakeman/test/apps/rails3.2 | |
Processing gems... | |
[Notice] Detected Rails 3 application | |
Processing configuration... | |
[Notice] Escaping HTML by default | |
Parsing files... | |
Processing initializers... | |
Processing libs... | |
Processing routes... | |
Processing templates... | |
Processing data flow in templates... | |
Processing models... | |
Processing controllers... | |
Processing data flow in controllers... | |
Indexing call sites... | |
Running checks in parallel... | |
- CheckBasicAuth | |
- CheckCrossSiteScripting | |
- CheckContentTag | |
- CheckDefaultRoutes | |
- CheckDeserialize | |
- CheckDetailedExceptions | |
- CheckDigestDoS | |
- CheckEscapeFunction | |
- CheckEvaluation | |
- CheckExecute | |
- CheckFileAccess | |
- CheckFilterSkipping | |
- CheckForgerySetting | |
- CheckHeaderDoS | |
- CheckI18nXSS | |
- CheckJRubyXML | |
- CheckJSONParsing | |
- CheckLinkTo | |
- CheckLinkToHref | |
- CheckMailTo | |
- CheckMassAssignment | |
- CheckModelAttrAccessible | |
- CheckModelAttributes | |
- CheckModelSerialize | |
- CheckNestedAttributes | |
- CheckNumberToCurrency | |
- CheckQuoteTableName | |
- CheckRedirect | |
- CheckRegexDoS | |
- CheckRender | |
- CheckRenderDoS | |
- CheckResponseSplitting | |
- CheckSafeBufferManipulation | |
- CheckSanitizeMethods | |
- CheckSelectTag | |
- CheckSelectVulnerability | |
- CheckSend | |
- CheckSendFile | |
- CheckSessionSettings | |
- CheckSimpleFormat | |
- CheckSingleQuotes | |
- CheckSkipBeforeFilter | |
- CheckSQL | |
- CheckSQLCVEs | |
- CheckSSLVerify | |
- CheckStripTags | |
- CheckSymbolDoS | |
- CheckTranslateBug | |
- CheckUnsafeReflection | |
- CheckValidationRegex | |
- CheckWithoutProtection | |
- CheckYAMLParsing | |
Checks finished, collecting results... | |
---------------------------------------- | |
Processing Rails 2 application... | |
---------------------------------------- | |
Loading scanner... | |
Processing application in /Users/bjorvis/src/ruby/brakeman/test/apps/rails2 | |
Processing gems... | |
Processing configuration... | |
Parsing files... | |
Processing initializers... | |
Processing libs...ed | |
Processing routes... | |
Processing templates... | |
Processing data flow in templates... | |
Processing models... | |
Processing controllers... | |
Processing data flow in controllers... | |
Indexing call sites... | |
Running checks in parallel... | |
- CheckBasicAuth | |
- CheckCrossSiteScripting | |
- CheckContentTag | |
- CheckDefaultRoutes | |
- CheckDeserialize | |
- CheckDetailedExceptions | |
- CheckDigestDoS | |
- CheckEscapeFunction | |
- CheckEvaluation | |
- CheckExecute | |
- CheckFileAccess | |
- CheckFilterSkipping | |
- CheckForgerySetting | |
- CheckHeaderDoS | |
- CheckI18nXSS | |
- CheckJRubyXML | |
- CheckJSONParsing | |
- CheckLinkTo | |
- CheckLinkToHref | |
- CheckMailTo | |
- CheckMassAssignment | |
- CheckModelAttrAccessible | |
- CheckModelAttributes | |
- CheckModelSerialize | |
- CheckNestedAttributes | |
- CheckNumberToCurrency | |
- CheckQuoteTableName | |
- CheckRedirect | |
- CheckRegexDoS | |
- CheckRender | |
- CheckRenderDoS | |
- CheckResponseSplitting | |
- CheckSafeBufferManipulation | |
- CheckSanitizeMethods | |
- CheckSelectTag | |
- CheckSelectVulnerability | |
- CheckSend | |
- CheckSendFile | |
- CheckSessionSettings | |
- CheckSimpleFormat | |
- CheckSingleQuotes | |
- CheckSkipBeforeFilter | |
- CheckSQL | |
- CheckSQLCVEs | |
- CheckSSLVerify | |
- CheckStripTags | |
- CheckSymbolDoS | |
- CheckTranslateBug | |
- CheckUnsafeReflection | |
- CheckValidationRegex | |
- CheckWithoutProtection | |
- CheckYAMLParsing | |
Checks finished, collecting results... | |
Filtering warnings... | |
[Notice] Using '/Users/bjorvis/src/ruby/brakeman/test/apps/rails2/config/brakeman.ignore' to filter warnings | |
---------------------------------------- | |
Processing Rails 2 application... | |
---------------------------------------- | |
Loading scanner... | |
Processing application in /Users/bjorvis/src/ruby/brakeman/test/apps/rails2 | |
Processing gems... | |
Processing configuration... | |
Parsing files... | |
Processing initializers... | |
Processing libs...ed | |
Processing routes... | |
Processing templates... | |
Processing data flow in templates... | |
Processing models... | |
Processing controllers... | |
Processing data flow in controllers... | |
Indexing call sites... | |
Running checks in parallel... | |
- CheckBasicAuth | |
- CheckCrossSiteScripting | |
- CheckContentTag | |
- CheckDefaultRoutes | |
- CheckDeserialize | |
- CheckDetailedExceptions | |
- CheckDigestDoS | |
- CheckEscapeFunction | |
- CheckEvaluation | |
- CheckExecute | |
- CheckFileAccess | |
- CheckFilterSkipping | |
- CheckForgerySetting | |
- CheckHeaderDoS | |
- CheckI18nXSS | |
- CheckJRubyXML | |
- CheckJSONParsing | |
- CheckLinkTo | |
- CheckLinkToHref | |
- CheckMailTo | |
- CheckMassAssignment | |
- CheckModelAttrAccessible | |
- CheckModelAttributes | |
- CheckModelSerialize | |
- CheckNestedAttributes | |
- CheckNumberToCurrency | |
- CheckQuoteTableName | |
- CheckRedirect | |
- CheckRegexDoS | |
- CheckRender | |
- CheckRenderDoS | |
- CheckResponseSplitting | |
- CheckSafeBufferManipulation | |
- CheckSanitizeMethods | |
- CheckSelectTag | |
- CheckSelectVulnerability | |
- CheckSend | |
- CheckSendFile | |
- CheckSessionSettings | |
- CheckSimpleFormat | |
- CheckSingleQuotes | |
- CheckSkipBeforeFilter | |
- CheckSQL | |
- CheckSQLCVEs | |
- CheckSSLVerify | |
- CheckStripTags | |
- CheckSymbolDoS | |
- CheckTranslateBug | |
- CheckUnsafeReflection | |
- CheckValidationRegex | |
- CheckWithoutProtection | |
- CheckYAMLParsing | |
Checks finished, collecting results... | |
Filtering warnings... | |
[Notice] Using '/Users/bjorvis/src/ruby/brakeman/test/apps/rails2/config/brakeman.ignore' to filter warnings | |
---------------------------------------- | |
Processing Rails 3 application... | |
---------------------------------------- | |
[Notice] Empty configuration file: /Users/bjorvis/src/ruby/brakeman/test/apps/rails3/config/brakeman.yml | |
Loading scanner... | |
Processing application in /Users/bjorvis/src/ruby/brakeman/test/apps/rails3 | |
Processing gems... | |
Processing configuration... | |
[Notice] Escaping HTML by default | |
Parsing files... | |
Processing initializers... | |
Processing libs...ed | |
Processing routes... | |
Processing templates... | |
Processing data flow in templates... | |
Processing models... | |
Processing controllers... | |
Processing data flow in controllers... | |
Indexing call sites... | |
Running checks in parallel... | |
- CheckBasicAuth | |
- CheckCrossSiteScripting | |
- CheckContentTag | |
- CheckDefaultRoutes | |
- CheckDeserialize | |
- CheckDetailedExceptions | |
- CheckDigestDoS | |
- CheckEscapeFunction | |
- CheckEvaluation | |
- CheckExecute | |
- CheckFileAccess | |
- CheckFilterSkipping | |
- CheckForgerySetting | |
- CheckHeaderDoS | |
- CheckI18nXSS | |
- CheckJRubyXML | |
- CheckJSONParsing | |
- CheckLinkTo | |
- CheckLinkToHref | |
- CheckMailTo | |
- CheckMassAssignment | |
- CheckModelAttrAccessible | |
- CheckModelAttributes | |
- CheckModelSerialize | |
- CheckNestedAttributes | |
- CheckNumberToCurrency | |
- CheckQuoteTableName | |
- CheckRedirect | |
- CheckRegexDoS | |
- CheckRender | |
- CheckRenderDoS | |
- CheckResponseSplitting | |
- CheckSafeBufferManipulation | |
- CheckSanitizeMethods | |
- CheckSelectTag | |
- CheckSelectVulnerability | |
- CheckSend | |
- CheckSendFile | |
- CheckSessionSettings | |
- CheckSimpleFormat | |
- CheckSingleQuotes | |
- CheckSkipBeforeFilter | |
- CheckSQL | |
- CheckSQLCVEs | |
- CheckSSLVerify | |
- CheckStripTags | |
- CheckSymbolDoS | |
- CheckTranslateBug | |
- CheckUnsafeReflection | |
- CheckValidationRegex | |
- CheckWithoutProtection | |
- CheckYAMLParsing | |
Checks finished, collecting results... | |
---------------------------------------- | |
Processing Rails 3.1 application... | |
---------------------------------------- | |
Loading scanner... | |
Processing application in /Users/bjorvis/src/ruby/brakeman/test/apps/rails3.1 | |
Processing gems... | |
Processing configuration... | |
[Notice] Escaping HTML by default | |
Parsing files... | |
Processing initializers... | |
Processing libs...ed | |
Processing routes... | |
Processing templates... | |
Processing data flow in templates... | |
Processing models... | |
Processing controllers... | |
Processing data flow in controllers... | |
Indexing call sites... | |
Runnning checks... | |
- CheckBasicAuth | |
- CheckCrossSiteScripting | |
- CheckContentTag | |
- CheckDefaultRoutes | |
- CheckDeserialize | |
- CheckDetailedExceptions | |
- CheckDigestDoS | |
- CheckEscapeFunction | |
- CheckEvaluation | |
- CheckExecute | |
- CheckFileAccess | |
- CheckFilterSkipping | |
- CheckForgerySetting | |
- CheckHeaderDoS | |
- CheckI18nXSS | |
- CheckJRubyXML | |
- CheckJSONParsing | |
- CheckLinkTo | |
- CheckLinkToHref | |
- CheckMailTo | |
- CheckMassAssignment | |
- CheckModelAttrAccessible | |
- CheckModelAttributes | |
- CheckModelSerialize | |
- CheckNestedAttributes | |
- CheckNumberToCurrency | |
- CheckQuoteTableName | |
- CheckRedirect | |
- CheckRegexDoS | |
- CheckRender | |
- CheckRenderDoS | |
- CheckResponseSplitting | |
- CheckSafeBufferManipulation | |
- CheckSanitizeMethods | |
- CheckSelectTag | |
- CheckSelectVulnerability | |
- CheckSend | |
- CheckSendFile | |
- CheckSessionSettings | |
- CheckSimpleFormat | |
- CheckSingleQuotes | |
- CheckSkipBeforeFilter | |
- CheckSQL | |
- CheckSQLCVEs | |
- CheckSSLVerify | |
- CheckStripTags | |
- CheckSymbolDoS | |
- CheckTranslateBug | |
- CheckUnsafeReflection | |
- CheckValidationRegex | |
- CheckWithoutProtection | |
- CheckYAMLParsing | |
---------------------------------------- | |
Processing Rails 3.2 application... | |
---------------------------------------- | |
Loading scanner... | |
Processing application in /Users/bjorvis/src/ruby/brakeman/test/apps/rails3.2 | |
Processing gems... | |
[Notice] Detected Rails 3 application | |
Processing configuration... | |
[Notice] Escaping HTML by default | |
Parsing files... | |
Processing initializers... | |
Processing libs...ed | |
Processing routes... | |
Processing templates... | |
Processing data flow in templates... | |
Processing models... | |
Processing controllers... | |
Processing data flow in controllers... | |
Indexing call sites... | |
Running checks in parallel... | |
- CheckBasicAuth | |
- CheckCrossSiteScripting | |
- CheckContentTag | |
- CheckDefaultRoutes | |
- CheckDeserialize | |
- CheckDetailedExceptions | |
- CheckDigestDoS | |
- CheckEscapeFunction | |
- CheckEvaluation | |
- CheckExecute | |
- CheckFileAccess | |
- CheckFilterSkipping | |
- CheckForgerySetting | |
- CheckHeaderDoS | |
- CheckI18nXSS | |
- CheckJRubyXML | |
- CheckJSONParsing | |
- CheckLinkTo | |
- CheckLinkToHref | |
- CheckMailTo | |
- CheckMassAssignment | |
- CheckModelAttrAccessible | |
- CheckModelAttributes | |
- CheckModelSerialize | |
- CheckNestedAttributes | |
- CheckNumberToCurrency | |
- CheckQuoteTableName | |
- CheckRedirect | |
- CheckRegexDoS | |
- CheckRender | |
- CheckRenderDoS | |
- CheckResponseSplitting | |
- CheckSafeBufferManipulation | |
- CheckSanitizeMethods | |
- CheckSelectTag | |
- CheckSelectVulnerability | |
- CheckSend | |
- CheckSendFile | |
- CheckSessionSettings | |
- CheckSimpleFormat | |
- CheckSingleQuotes | |
- CheckSkipBeforeFilter | |
- CheckSQL | |
- CheckSQLCVEs | |
- CheckSSLVerify | |
- CheckStripTags | |
- CheckSymbolDoS | |
- CheckTranslateBug | |
- CheckUnsafeReflection | |
- CheckValidationRegex | |
- CheckWithoutProtection | |
- CheckYAMLParsing | |
Checks finished, collecting results... | |
---------------------------------------- | |
Processing Rails 4 application... | |
---------------------------------------- | |
Loading scanner... | |
Processing application in /Users/bjorvis/src/ruby/brakeman/test/apps/rails4 | |
Processing gems... | |
[Notice] Detected Rails 4 application | |
Processing configuration... | |
[Notice] Escaping HTML by default | |
Parsing files... | |
Processing initializers... | |
Processing libs...ed | |
Processing routes... | |
Processing templates... | |
Processing data flow in templates... | |
Processing models... | |
Processing controllers... | |
Processing data flow in controllers... | |
Indexing call sites... | |
Running checks in parallel... | |
- CheckBasicAuth | |
- CheckCrossSiteScripting | |
- CheckContentTag | |
- CheckDefaultRoutes | |
- CheckDeserialize | |
- CheckDetailedExceptions | |
- CheckDigestDoS | |
- CheckEscapeFunction | |
- CheckEvaluation | |
- CheckExecute | |
- CheckFileAccess | |
- CheckFilterSkipping | |
- CheckForgerySetting | |
- CheckHeaderDoS | |
- CheckI18nXSS | |
- CheckJRubyXML | |
- CheckJSONParsing | |
- CheckLinkTo | |
- CheckLinkToHref | |
- CheckMailTo | |
- CheckMassAssignment | |
- CheckModelAttrAccessible | |
- CheckModelAttributes | |
- CheckModelSerialize | |
- CheckNestedAttributes | |
- CheckNumberToCurrency | |
- CheckQuoteTableName | |
- CheckRedirect | |
- CheckRegexDoS | |
- CheckRender | |
- CheckRenderDoS | |
- CheckResponseSplitting | |
- CheckSafeBufferManipulation | |
- CheckSanitizeMethods | |
- CheckSelectTag | |
- CheckSelectVulnerability | |
- CheckSend | |
- CheckSendFile | |
- CheckSessionSettings | |
- CheckSimpleFormat | |
- CheckSingleQuotes | |
- CheckSkipBeforeFilter | |
- CheckSQL | |
- CheckSQLCVEs | |
- CheckSSLVerify | |
- CheckStripTags | |
- CheckSymbolDoS | |
- CheckTranslateBug | |
- CheckUnsafeReflection | |
- CheckValidationRegex | |
- CheckWithoutProtection | |
- CheckYAMLParsing | |
Checks finished, collecting results... | |
Filtering warnings... | |
[Notice] Using '/Users/bjorvis/src/ruby/brakeman/test/apps/rails4/config/brakeman.ignore' to filter warnings | |
---------------------------------------- | |
Processing Rails4WithEngines application... | |
---------------------------------------- | |
Loading scanner... | |
Processing application in /Users/bjorvis/src/ruby/brakeman/test/apps/rails4_with_engines | |
Processing gems... | |
[Notice] Detected Rails 4 application | |
Processing configuration... | |
[Notice] Escaping HTML by default | |
Parsing files... | |
Processing initializers... | |
Processing libs...ed | |
Processing routes... | |
Processing templates... | |
Processing data flow in templates... | |
Processing models... | |
Processing controllers... | |
Processing data flow in controllers... | |
Indexing call sites... | |
Running checks in parallel... | |
- CheckBasicAuth | |
- CheckCrossSiteScripting | |
- CheckContentTag | |
- CheckDefaultRoutes | |
- CheckDeserialize | |
- CheckDetailedExceptions | |
- CheckDigestDoS | |
- CheckEscapeFunction | |
- CheckEvaluation | |
- CheckExecute | |
- CheckFileAccess | |
- CheckFilterSkipping | |
- CheckForgerySetting | |
- CheckHeaderDoS | |
- CheckI18nXSS | |
- CheckJRubyXML | |
- CheckJSONParsing | |
- CheckLinkTo | |
- CheckLinkToHref | |
- CheckMailTo | |
- CheckMassAssignment | |
- CheckModelAttrAccessible | |
- CheckModelAttributes | |
- CheckModelSerialize | |
- CheckNestedAttributes | |
- CheckNumberToCurrency | |
- CheckQuoteTableName | |
- CheckRedirect | |
- CheckRegexDoS | |
- CheckRender | |
- CheckRenderDoS | |
- CheckResponseSplitting | |
- CheckSafeBufferManipulation | |
- CheckSanitizeMethods | |
- CheckSelectTag | |
- CheckSelectVulnerability | |
- CheckSend | |
- CheckSendFile | |
- CheckSessionSettings | |
- CheckSimpleFormat | |
- CheckSingleQuotes | |
- CheckSkipBeforeFilter | |
- CheckSQL | |
- CheckSQLCVEs | |
- CheckSSLVerify | |
- CheckStripTags | |
- CheckSymbolDoS | |
- CheckTranslateBug | |
- CheckUnsafeReflection | |
- CheckValidationRegex | |
- CheckWithoutProtection | |
- CheckYAMLParsing | |
Checks finished, collecting results... | |
---------------------------------------- | |
Processing RailsWithXssPlugin application... | |
---------------------------------------- | |
Loading scanner... | |
Processing application in /Users/bjorvis/src/ruby/brakeman/test/apps/rails_with_xss_plugin | |
Processing gems... | |
Processing configuration... | |
[Notice] Escaping HTML by default | |
Parsing files... | |
Processing initializers... | |
Processing libs...ed | |
Processing routes... | |
Processing templates... | |
Processing data flow in templates... | |
Processing models... | |
Processing controllers... | |
Processing data flow in controllers... | |
Indexing call sites... | |
Running checks in parallel... | |
- CheckBasicAuth | |
- CheckCrossSiteScripting | |
- CheckContentTag | |
- CheckDefaultRoutes | |
- CheckDeserialize | |
- CheckDetailedExceptions | |
- CheckDigestDoS | |
- CheckEscapeFunction | |
- CheckEvaluation | |
- CheckExecute | |
- CheckFileAccess | |
- CheckFilterSkipping | |
- CheckForgerySetting | |
- CheckHeaderDoS | |
- CheckI18nXSS | |
- CheckJRubyXML | |
- CheckJSONParsing | |
- CheckLinkTo | |
- CheckLinkToHref | |
- CheckMailTo | |
- CheckMassAssignment | |
- CheckModelAttrAccessible | |
- CheckModelAttributes | |
- CheckModelSerialize | |
- CheckNestedAttributes | |
- CheckNumberToCurrency | |
- CheckQuoteTableName | |
- CheckRedirect | |
- CheckRegexDoS | |
- CheckRender | |
- CheckRenderDoS | |
- CheckResponseSplitting | |
- CheckSafeBufferManipulation | |
- CheckSanitizeMethods | |
- CheckSelectTag | |
- CheckSelectVulnerability | |
- CheckSend | |
- CheckSendFile | |
- CheckSessionSettings | |
- CheckSimpleFormat | |
- CheckSingleQuotes | |
- CheckSkipBeforeFilter | |
- CheckSQL | |
- CheckSQLCVEs | |
- CheckSSLVerify | |
- CheckStripTags | |
- CheckSymbolDoS | |
- CheckTranslateBug | |
- CheckUnsafeReflection | |
- CheckValidationRegex | |
- CheckWithoutProtection | |
- CheckYAMLParsing | |
Checks finished, collecting results... | |
Loaded suite test/test | |
Started | |
...........................................................................[Notice] Detected Rails 3 application | |
.... | |
...............................E | |
=============================================================================== | |
Error: test_create_rake_task(RakeTaskTests) | |
NameError: undefined local variable or method `old_stderr' for #<RakeTaskTests:0x007fcff2a3c040> | |
/Users/bjorvis/src/ruby/brakeman/test/tests/rake_task.rb:12:in `cleanup' | |
=============================================================================== | |
E | |
=============================================================================== | |
Error: test_rake_no_Rakefile(RakeTaskTests) | |
NameError: undefined local variable or method `old_stderr' for #<RakeTaskTests:0x007fcff2a44588> | |
/Users/bjorvis/src/ruby/brakeman/test/tests/rake_task.rb:12:in `cleanup' | |
=============================================================================== | |
E | |
=============================================================================== | |
Error: test_rake_task_exists(RakeTaskTests) | |
NameError: undefined local variable or method `old_stderr' for #<RakeTaskTests:0x007fcff2a4edd0> | |
/Users/bjorvis/src/ruby/brakeman/test/tests/rake_task.rb:12:in `cleanup' | |
=============================================================================== | |
............................................................................... | |
................................F | |
=============================================================================== | |
Failure: | |
No warning found. | |
<0> expected to be != to | |
<0>. | |
test_cross_site_scripting_in_haml(Rails2Tests) | |
test/test.rb:49:in `assert_warning' | |
/Users/bjorvis/src/ruby/brakeman/test/tests/rails2.rb:1142:in `test_cross_site_scripting_in_haml' | |
1139: end | |
1140: | |
1141: def test_cross_site_scripting_in_haml | |
=> 1142: assert_warning :type => :template, | |
1143: :warning_code => 2, | |
1144: :fingerprint => "702f9bae476402bb2614794276083849342540bd8b5e8f2fc35b15b40e9f34fc", | |
1145: :warning_type => "Cross Site Scripting", | |
=============================================================================== | |
F | |
=============================================================================== | |
Failure: | |
No warning found. | |
<0> expected to be != to | |
<0>. | |
test_cross_site_scripting_in_haml2(Rails2Tests) | |
test/test.rb:49:in `assert_warning' | |
/Users/bjorvis/src/ruby/brakeman/test/tests/rails2.rb:1154:in `test_cross_site_scripting_in_haml2' | |
1151: end | |
1152: | |
1153: def test_cross_site_scripting_in_haml2 | |
=> 1154: assert_warning :type => :template, | |
1155: :warning_code => 2, | |
1156: :fingerprint => "79cbc87a06ad9247362be97ba4b6cc12b9619fd0f68d468b81cbed376bfbcc5c", | |
1157: :warning_type => "Cross Site Scripting", | |
=============================================================================== | |
................................................................F | |
=============================================================================== | |
Failure: | |
No warning found. | |
<0> expected to be != to | |
<0>. | |
test_sql_injection_active_record_base_connection(Rails2Tests) | |
test/test.rb:49:in `assert_warning' | |
/Users/bjorvis/src/ruby/brakeman/test/tests/rails2.rb:645:in `test_sql_injection_active_record_base_connection' | |
642: end | |
643: | |
644: def test_sql_injection_active_record_base_connection | |
=> 645: assert_warning :type => :warning, | |
646: :warning_code => 0, | |
647: :fingerprint => "37885d589fc5c41553dcc38b36b506c2e508d1f37ce040eb6dca92a958f858fb", | |
648: :warning_type => "SQL Injection", | |
=============================================================================== | |
............................................................................... | |
...............................F | |
=============================================================================== | |
Failure: | |
No warning found. | |
<0> expected to be != to | |
<0>. | |
test_right_model_attribute_in_haml(Rails31Tests) | |
test/test.rb:49:in `assert_warning' | |
/Users/bjorvis/src/ruby/brakeman/test/tests/rails31.rb:1154:in `test_right_model_attribute_in_haml' | |
1151: end | |
1152: | |
1153: def test_right_model_attribute_in_haml | |
=> 1154: assert_warning :type => :template, | |
1155: :warning_code => 2, | |
1156: :fingerprint => "3310ef4a4bde8b120fd5d421565ee416af815404e7c116a8069052e8732589d0", | |
1157: :warning_type => "Cross Site Scripting", | |
=============================================================================== | |
............................................................................... | |
............................................................................... | |
............................................................................... | |
.........................F | |
=============================================================================== | |
Failure: | |
No warning found. | |
<0> expected to be != to | |
<0>. | |
test_nested_send(Rails4Tests) | |
test/test.rb:49:in `assert_warning' | |
/Users/bjorvis/src/ruby/brakeman/test/tests/rails4.rb:180:in `test_nested_send' | |
177: end | |
178: | |
179: def test_nested_send | |
=> 180: assert_warning :type => :warning, | |
181: :warning_code => 23, | |
182: :fingerprint => "8034183b1b7e4b3d7ad4d60c59e2de9252f277c8ab5dfb408f628b15f03645c3", | |
183: :warning_type => "Dangerous Send", | |
=============================================================================== | |
......F | |
=============================================================================== | |
Failure: | |
No warning found. | |
<0> expected to be != to | |
<0>. | |
test_redirects_with_explicit_host_do_not_warn(Rails4Tests) | |
test/test.rb:49:in `assert_warning' | |
/Users/bjorvis/src/ruby/brakeman/test/tests/rails4.rb:65:in `test_redirects_with_explicit_host_do_not_warn' | |
62: :relative_path => "app/controllers/friendly_controller.rb", | |
63: :user_input => s(:params, s(:lit, :host), s(:call, s(:const, :User), :canonical_url)) | |
64: | |
=> 65: assert_warning :type => :warning, | |
66: :warning_code => 18, | |
67: :fingerprint => "25846ea0cd5178f2af4423a9fc1d7212983ee7f7ba4ca9f35f890e7ef00d9bf9", | |
68: :warning_type => "Redirect", | |
=============================================================================== | |
..............F | |
=============================================================================== | |
Failure: | |
No warning found. | |
<0> expected to be != to | |
<0>. | |
test_sql_injection_in_select_args(Rails4Tests) | |
test/test.rb:49:in `assert_warning' | |
/Users/bjorvis/src/ruby/brakeman/test/tests/rails4.rb:252:in `test_sql_injection_in_select_args' | |
249: end | |
250: | |
251: def test_sql_injection_in_select_args | |
=> 252: assert_warning :type => :warning, | |
253: :warning_code => 0, | |
254: :fingerprint => "bd8c539a645aa417d538cbe7b658cc1c9743f61d1e90c948afacc7e023b30a62", | |
255: :warning_type => "SQL Injection", | |
=============================================================================== | |
.F | |
=============================================================================== | |
Failure: | |
No warning found. | |
<0> expected to be != to | |
<0>. | |
test_sql_injection_select_rows(Rails4Tests) | |
test/test.rb:49:in `assert_warning' | |
/Users/bjorvis/src/ruby/brakeman/test/tests/rails4.rb:204:in `test_sql_injection_select_rows' | |
201: end | |
202: | |
203: def test_sql_injection_select_rows | |
=> 204: assert_warning :type => :warning, | |
205: :warning_code => 0, | |
206: :fingerprint => "2e3c08dfb1e17f7d2e6ee5d142223477b85d27e6aa88d2d06cf0a00d04ed2d5c", | |
207: :warning_type => "SQL Injection", | |
=============================================================================== | |
....................................................................... | |
Finished in 27.602386 seconds. | |
760 tests, 1625 assertions, 8 failures, 3 errors, 0 pendings, 0 omissions, 0 notifications | |
98.5526% passed | |
27.53 tests/s, 58.87 assertions/s | |
Coverage report generated for Unit Tests to /Users/bjorvis/src/ruby/brakeman/coverage. 8447 / 9213 LOC (91.69%) covered. | |
FAILURE rvm: 2.0.0 |