def run_check
if version_between? "3.0.0", "3.0.16"
suggested_version = "3.0.17"
elsif version_between? "3.1.0", "3.1.7"
suggested_version = "3.1.8"
elsif version_between? "3.2.0", "3.2.7"
suggested_version = "3.2.8"
else
return
end
@ignore_methods = Set[:escapeHTML, :escape_once, :h].merge tracker.options[:safe_methods]
@message = msg("Upgrade to ", msg_version(suggested_version), ". In ", msg_version(rails_version), " ", msg_code("select_tag"), " is vulnerable ", msg_cve("CVE-2012-3463"))
calls = tracker.find_call(:target => nil, :method => :select_tag).select do |result|
result[:location][:type] == :template
end
calls.each do |result|
process_result result
end
end