author | Matt Jankowski <matt@jankowski.online> | 2023-10-17 09:58:42 -0400 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-10-17 15:58:42 +0200 |
commit | 65cd0700e4cbc05372140d4fe33bfc6e2412a161 (patch) | |
tree | 2d83924782e985f6a642bc64f02e4b5d30d4103d | |
parent | b34a2b1b334f94cb5491e2472f92f22f4b8a7683 (diff) |
Refactor domains cli to remove model call from regex (#25878)
-rw-r--r-- | config/brakeman.ignore | 24 | ||||
-rw-r--r-- | lib/mastodon/cli/domains.rb | 6 |
2 files changed, 5 insertions, 25 deletions
diff --git a/config/brakeman.ignore b/config/brakeman.ignore
index 02ce23a0750..9f85ccb6a4b 100644
--- a/config/brakeman.ignore
+++ b/config/brakeman.ignore
@@ -34,30 +34,6 @@
 "note": ""
 },
 {
- "warning_type": "Denial of Service",
- "warning_code": 76,
- "fingerprint": "7b6abba5699755348e7ee82a4694bfbf574b41c7cce2d0db0f7c11ae3f983c72",
- "check_name": "RegexDoS",
- "message": "Model attribute used in regular expression",
- "file": "lib/mastodon/cli/domains.rb",
- "line": 128,
- "link": "https://brakemanscanner.org/docs/warning_types/denial_of_service/",
- "code": "/\\.?(#{DomainBlock.where(:severity => 1).pluck(:domain).map do\n Regexp.escape(domain)\n end.join(\"|\")})$/",
- "render_path": null,
- "location": {
- "type": "method",
- "class": "Mastodon::CLI::Domains",
- "method": "crawl"
- },
- "user_input": "DomainBlock.where(:severity => 1).pluck(:domain)",
- "confidence": "Weak",
- "cwe_id": [
- 20,
- 185
- ],
- "note": ""
- },
- {
 "warning_type": "Cross-Site Scripting",
 "warning_code": 4,
 "fingerprint": "cd5cfd7f40037fbfa753e494d7129df16e358bfc43ef0da3febafbf4ee1ed3ac",
diff --git a/lib/mastodon/cli/domains.rb b/lib/mastodon/cli/domains.rb
index d17b2536818..329f1716725 100644
--- a/lib/mastodon/cli/domains.rb
+++ b/lib/mastodon/cli/domains.rb
@@ -125,7 +125,7 @@ module Mastodon::CLI
 failed = Concurrent::AtomicFixnum.new(0)
 start_at = Time.now.to_f
 seed = start ? [start] : Instance.pluck(:domain)
- blocked_domains = /\.?(#{DomainBlock.where(severity: 1).pluck(:domain).map { |domain| Regexp.escape(domain) }.join('|')})$/
+ blocked_domains = /\.?(#{Regexp.union(domain_block_suspended_domains).source})$/
 progress = create_progress_bar
 pool = Concurrent::ThreadPoolExecutor.new(min_threads: 0, max_threads: options[:concurrency], idletime: 10, auto_terminate: true, max_queue: 0)
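Review bot: The rewritten `blocked_domains` pattern on the added line still has no left boundary and still ends in `$`. Because `\.?` is optional, a name that merely ends with the characters of a suspended domain matches (constructed example: `notexample.com` against a block on `example.com`), and `$` in Ruby matches before any newline rather than only at the end of the string. Both properties are carried over from the old line rather than introduced here, but this is a natural place to tighten them, e.g. `blocked_domains = /(?:\A|\.)(#{Regexp.union(domain_block_suspended_domains).source})\z/`. How the pattern is applied lies outside the hunk, so confirm the callers before changing it; the body of `crawl` begins and ends outside this hunk.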
@@ -189,6 +189,10 @@ module Mastodon::CLI
 private
+ def domain_block_suspended_domains
+ DomainBlock.suspend.pluck(:domain)
+ end
+
 def stats_to_summary(stats, processed, failed, start_at)
 stats.compact! |
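Review bot: `domain_block_suspended_domains` returns raw database strings without a comment saying so, and its only visible caller interpolates them into a regular expression. With the model call now behind a helper, a static scanner probably no longer connects the two (inferred from the removed Brakeman entry), so the escaping done by `Regexp.union` at the call site is the only safeguard. A comment above the method such as `# Raw DomainBlock domains (suspend severity); escape before use in a pattern.` would record that for future callers. The switch from `where(severity: 1)` to `DomainBlock.suspend` also assumes the enum maps `suspend` to 1, which is defined outside this diff.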