Unsanitized user input in code generation

Description

Using unsanitized user input in code generation can lead to code injection vulnerabilities. This issue arises when an application dynamically generates or manipulates code based on user-supplied data without proper validation or sanitization.

Remediations

  • Do not directly use user input for code generation or reflection. This can lead to malicious code execution.

      method(params[:method]) # unsafe

  • Do validate or sanitize user input before using it in code generation. Use a controlled approach to map user inputs to specific, predefined actions or methods.

      method_name =
        case params[:action]
        when "option1"
          "method1"
        when "option2"
          "method2"
        end

      method(method_name)
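The two remediation patterns above side by side, as an added example that is not Bearer's own code: a small controller-style dispatcher where `params` is a plain Hash standing in for Rails' params, and the action names and return values are constructed for illustration. It also shows the failure mode the allow-list must handle: an action value that matches nothing.

```ruby
# Added example (not from the Bearer rule page): request parameter -> method dispatch.
# `params` is a plain Hash standing in for Rails' params; actions are constructed.
class ReportsController
  # The only actions a request may trigger, keyed by the public parameter value.
  ALLOWED_ACTIONS = {
    "summary" => :render_summary,
    "detail"  => :render_detail,
  }.freeze

  def initialize(params)
    @params = params
  end

  # Vulnerable: the parameter value becomes the method name verbatim, so the caller
  # can reach any method the object defines, including private ones (Object#method
  # resolves private methods too). This mirrors `method(params[:method])` above.
  def dispatch_unsafe
    method(@params[:action]).call
  end

  # Hardened: the parameter only selects an entry from the allow-list, and an unknown
  # value is rejected before any reflection happens (the page's `case` has no `else`,
  # so a miss there would yield nil; `fetch` with a block makes the rejection explicit).
  def dispatch_safe
    method_name = ALLOWED_ACTIONS.fetch(@params[:action].to_s) do
      raise ArgumentError, "unknown action: #{@params[:action].inspect}"
    end
    public_send(method_name)
  end

  def render_summary
    "summary report"
  end

  def render_detail
    "detailed report"
  end

  private

  # Never meant to be reachable from a request, yet dispatch_unsafe can invoke it.
  def delete_everything
    "all data deleted"
  end
end
```

Running `ReportsController.new({ action: "delete_everything" })` through `dispatch_unsafe` invokes the private method, while `dispatch_safe` raises `ArgumentError` for the same input.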

Configuration

To skip this rule during a scan, use the following flag

bearer scan /path/to/your-project/ --skip-rule=ruby_lang_reflection_using_user_input

To run only this rule during a scan, use the following flag

bearer scan /path/to/your-project/ --only-rule=ruby_lang_reflection_using_user_input