Brakeman scan on next reported several High confidence UnsafeReflection warnings (potential RCE) due to constantize called on/derived from request parameters.
Scan details:
- Brakeman v8.0.4
- Command:
RBENV_VERSION=3.2.7 rbenv exec brakeman -A -w3 --force
Findings (High confidence):
- admin/app/controllers/workarea/admin/bulk_actions_controller.rb:7
  params[:type].constantize
- admin/app/controllers/workarea/admin/create_segments_controller.rb:66
  "Workarea::Segment::Rules::#{params[:rule_type].to_s.camelize}".constantize
- admin/app/controllers/workarea/admin/segment_rules_controller.rb:59
  "Workarea::Segment::Rules::#{params[:rule_type].to_s.camelize}".constantize
- core/app/queries/workarea/admin_search_query_wrapper.rb:27
  params[:model_type].constantize
Suggested next steps:
- Confirm each param is strictly validated/whitelisted against known classes.
- Prefer mapping param values to classes via an explicit hash/lookup instead of constantize.
- Add tests to ensure unexpected values are rejected.
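As an added illustration of the second step (not code from the Workarea repository), the following resolves a rule_type parameter through an explicit allow-list instead of building a constant name from user input; the rule classes and parameter values are constructed stand-ins and do not depend on ActiveSupport.

```ruby
# Added example: allow-list lookup in place of params[...].constantize.
# The classes below are stand-ins for the real Workarea rule classes.
module Workarea
  module Segment
    module Rules
      class FirstTimeVisitor; end
      class Sessions; end
      class Tags; end
    end
  end
end

class UnknownRuleType < ArgumentError; end

# Explicit mapping from the external parameter value to the class it may
# select. Any value not present here is rejected, so a crafted parameter can
# never reach an arbitrary constant (the UnsafeReflection concern).
RULE_TYPES = {
  "first_time_visitor" => Workarea::Segment::Rules::FirstTimeVisitor,
  "sessions"           => Workarea::Segment::Rules::Sessions,
  "tags"               => Workarea::Segment::Rules::Tags
}.freeze

# Returns the class for a known rule_type; raises for anything else
# (nil, symbols that are not listed, class names, etc.).
def rule_class_for(rule_type)
  key = rule_type.to_s
  RULE_TYPES.fetch(key) do
    raise UnknownRuleType, "unknown rule_type: #{key.inspect}"
  end
end

# Controller-side shape. params is a plain Hash here; in Rails it would be
# ActionController::Parameters, which offers the same #[] access.
def build_rule(params)
  rule_class_for(params[:rule_type]).new
end
```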
Opened from #798 (verification scan).