From 87fed3a305171772078eaa25b4d02bcc83b0cda1 Mon Sep 17 00:00:00 2001 From: Al Snow Date: Tue, 28 Oct 2014 13:45:12 -0400 Subject: [PATCH] Rebuilt Gemfile.lock file; Fixed Time.now issue --- Gemfile.lock | 119 +++++++++++++++++- app/models/benefits.rb | 4 +- .../injection/_injection_command.html.erb | 6 +- report.html | 6 +- 4 files changed, 125 insertions(+), 10 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 5ad895c..351feaf 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -108,7 +108,7 @@ GEM trollop (~> 2.0) gherkin (2.12.2) multi_json (~> 1.3) - guard (2.6.1) + guard (2.7.0) formatador (>= 0.2.4) listen (~> 2.7) lumberjack (~> 1.0) @@ -265,7 +265,7 @@ GEM rack (~> 1.0) tilt (~> 1.1, != 1.3.0) sqlite3 (1.3.9) - temple (0.6.9) + temple (0.6.10) terminal-table (1.4.5) therubyracer (0.12.1) libv8 (~> 3.16.14.0) @@ -282,6 +282,121 @@ GEM json treetop (1.4.15) polyglot + polyglot + polyglot + polyglot + polyglot + polyglot + polyglot + polyglot + polyglot + polyglot + polyglot + polyglot + polyglot + polyglot + polyglot + polyglot + polyglot + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) + polyglot (>= 0.3.1) polyglot (>= 0.3.1) trollop (2.0) tzinfo (0.3.42) diff --git a/app/models/benefits.rb b/app/models/benefits.rb index 4a1cb9d..144a2f4 100644 --- a/app/models/benefits.rb +++ b/app/models/benefits.rb @@ -12,13 +12,13 @@ class Benefits < ActiveRecord::Base def self.make_backup(file, data_path, full_file_name) if File.exists?(full_file_name) - silence_streams(STDERR) { system("cp #{full_file_name} #{data_path}/bak#{Time.now.to_i}_#{file.original_filename}") } + silence_streams(STDERR) { system("cp #{full_file_name} #{data_path}/bak#{Time.zone.now.to_i}_#{file.original_filename}") } end end =begin def self.make_backup(file, data_path, full_file_name) - FileUtils.cp "#{full_file_name}", "#{data_path}/bak#{Time.now.to_i}_#{file.original_filename}" + FileUtils.cp "#{full_file_name}", "#{data_path}/bak#{Time.zone.now.to_i}_#{file.original_filename}" end =end diff --git a/app/views/layouts/tutorial/injection/_injection_command.html.erb b/app/views/layouts/tutorial/injection/_injection_command.html.erb index 59debec..f0c871f 100644 --- a/app/views/layouts/tutorial/injection/_injection_command.html.erb +++ b/app/views/layouts/tutorial/injection/_injection_command.html.erb @@ -67,7 +67,7 @@ end def self.make_backup(file, data_path, full_file_name) - system("cp #{full_file_name} #{data_path}/bak#{Time.now.to_i}_#{file.original_filename}") + system("cp #{full_file_name} #{data_path}/bak#{Time.zone.now.to_i}_#{file.original_filename}") end end @@ -131,7 +131,7 @@ 

           def self.make_backup(file, data_path, full_file_name)
-             FileUtils.cp "#{full_file_name}", "#{data_path}/bak#{Time.now.to_i}_#{file.original_filename}"
+             FileUtils.cp "#{full_file_name}", "#{data_path}/bak#{Time.zone.now.to_i}_#{file.original_filename}"
            end
@@ -153,4 +153,4 @@ - \ No newline at end of file + diff --git a/report.html b/report.html index d0b0aeb..c8c5512 100644 --- a/report.html +++ b/report.html @@ -807,7 +807,7 @@ p { Benefits Benefits.make_backup Command Injection -
Possible command injection near line 15: system("cp #{(local full_file_name)} #{(local data_path)}/ba... +