Automated Patch Generation

Get your vulnerable code fixed by RIPS and focus on development

HTML htmlentities() Encoding In Attribute Context Confidence: very high (95%)

symfony-app/src/Controller/UserController.php
19-
$image = "<img title='" . $name . "' src='1.png'/>";
19+
$image = "<img title='" . htmlentities($name, ENT_QUOTES) . "' src='1.png'/>';

Accurate Issue Detection

RIPS scans your application's source code for security vulnerabilities with language-specific analysis engines. Each analysis engine simulates all language-specific features, pitfalls and frameworks for the most accurate static analysis possible. As a result, RIPS is able to detect even complex security bugs in modern code bases with million lines of code and saves days of manual review time. But as a next time-intensive step, all detected security issues require a patch.

About our approach

symfony-app/src/Controller/UserController.php
10
class UserController extends AbstractController
11
{
12
public function show(Request $request): Response
13
{
14
$name = $request->get('name');
19
$image = "<img title='" . $name . "' src='1.png'/>";
26
return new Response($image);
27
}
28
}

Issue Context Evaluation

In order to generate an accurate patch, RIPS evaluates the exact context of the detected security issue. Patches always must be applied context-sensitive to ensure that all malicious characters are sanitized or validated that would otherwise be exploited by attackers. RIPS considers all typing behaviours of the programming language as well as built-in sanitizers and validators, analyzes the markup context (e.g. HTML or SQL), and evaluates the combination of user input with the vulnerable statement. Within this process, RIPS is also able to identify patches that are insufficient or incorrectly applied.

Cross-Site Scripting Vulnerability (single-quoted attribute)
<img title=' $_REQUEST['name'] ' src='1.png'/>

First Patch Generation

As a result of this unique analysis approach, RIPS is the first SAST solution that is able to automatically generate a customized patch. Each patch is specifically tailored to your vulnerable code and fixes the detected issue for you securely. You can easily copy-paste the fixed line into your code for remediation and save additional hours or days of research and rework. Finding and fixing security bugs was never that easy!

symfony-app/src/Controller/UserController.php
19-
$image = "<img title='" . $name . "' src='1.png'/>";
19+
$image = "<img title='" . htmlentities($name, ENT_QUOTES) . "' src='1.png'/>';