Merge pull request #1168 from presidentbeef/scan_jobs_directory

Scan /app/jobs/ as libraries

lib/brakeman/app_tree.rb

@@ -112,7 +112,8 @@ def layout_exists?(name)
     def lib_paths
       @lib_files ||= find_paths("lib").reject { |path| path.include? "/generators/" or path.include? "lib/tasks/" or path.include? "lib/templates/" } +
                      find_additional_lib_paths +
-                     find_helper_paths
+                     find_helper_paths +
+                     find_job_paths
     end
 
   private
@@ -121,6 +122,10 @@ def find_helper_paths
       find_paths "app/helpers"
     end
 
+    def find_job_paths
+      find_paths "app/jobs"
+    end
+
     def find_additional_lib_paths
       @additional_libs_path.collect{ |path| find_paths path }.flatten
     end

test/apps/rails5.2/app/jobs/delete_stuff_job.rb

@@ -0,0 +1,5 @@
+class DeleteStuffJob < ApplicationJob
+  def perform file
+    `rm -rf #{file}`
+  end
+end

test/tests/rails52.rb

@@ -13,7 +13,7 @@ def expected
       :controller => 0,
       :model => 0,
       :template => 0,
-      :generic => 2
+      :generic => 3
     }
   end
 
@@ -53,6 +53,19 @@ def test_command_injection_1
       :user_input => s(:ivar, :@blah)
   end
 
+  def test_command_injection_in_job
+    assert_warning :type => :warning,
+      :warning_code => 14,
+      :fingerprint => "e712e2741ad78f4e947bec84f36a0d703849d3b0facdabd8cc74851d7b702a48",
+      :warning_type => "Command Injection",
+      :line => 3,
+      :message => /^Possible\ command\ injection/,
+      :confidence => 1,
+      :relative_path => "app/jobs/delete_stuff_job.rb",
+      :code => s(:dxstr, "rm -rf ", s(:evstr, s(:lvar, :file))),
+      :user_input => s(:lvar, :file)
+  end
+
   def test_command_injection_shellwords
     assert_no_warning :type => :warning,
       :warning_code => 14,