//IASTIGNORE
/*
* ****************************************************
* Licensed Materials - Property of HCL.
* (c) Copyright HCL Technologies Ltd. 2017, 2024.
* Note to U.S. Government Users *Restricted Rights.
* ****************************************************
*/
'use strict'
const Entity = require('./Entity')
const TaskType = require('./Tasks/TaskType')
const Utils = require('./Utils/Utils')
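class TaintedObjectDataFlow {
  /**
   * Tracks one tainted value (an `Entity`) through a request: which
   * vulnerability types it has already been sanitized for, the validation /
   * sanitization tasks seen on it, the stack frames it passed through, and
   * which vulnerability types have already been reported for it.
   *
   * @param {object} requestInfo request context; `routePath` (or `uri`) and
   *   `method` are read when the finding hash is built
   * @param {string} entityName name of the tainted entity (e.g. a parameter name)
   * @param {*} entityValue the tainted value itself
   * @param {string} entityType entity type tag, passed through to `Entity`
   */
  constructor(requestInfo, entityName, entityValue, entityType) {
    this.requestInfo = requestInfo
    // Vulnerability types this flow has been sanitized for. A flow counts as
    // tainted for every type NOT listed here (default-deny), so a sanitizer
    // registered for XSS does not clear SQLi and vice versa.
    this.sanitized = []
    this.entity = new Entity.Entity(entityName, entityValue, entityType)
    this.stackInfoList = []
    this.taskList = []
    this.hasSanitationTask = false
    this.hasValidationTask = false
    // Vulnerability types already reported for this flow (de-duplication).
    this.reported = new Set()
    // Reporting artefacts; populated by updateStackAndHashForReporting().
    this.hashValue = null
    this.stackArray = null
    this.stackString = null
    this.sinkStackString = null
  }

  /**
   * @param {string} vulnerability vulnerability type to check
   * @returns {boolean} true unless `sanitize(vulnerability)` was called earlier
   *   on this flow (or a flow it was copied from)
   */
  isTaintedForVulnerability(vulnerability) {
    // `origArrayIncludes` is presumably the un-instrumented original of
    // Array.prototype.includes preserved by the agent, so this membership test
    // does not itself go through taint tracking. NOTE(review): confirm it is
    // installed before any flow is created.
    return !this.sanitized.origArrayIncludes(vulnerability)
  }

  /**
   * Creates a new flow for the same request and entity, carrying over the
   * sanitization list, stack info, task list and task flags. The copy starts
   * with an empty `reported` set and no cached hash / stack artefacts.
   *
   * The arrays are copied but their elements are not: stack-info items are
   * shared with the original, and updateStackAndHashForReporting() mutates
   * them in place. NOTE(review): confirm that sharing is intended.
   *
   * @returns {TaintedObjectDataFlow}
   */
  getCopy() {
    const copy = new TaintedObjectDataFlow(this.requestInfo, this.entity.name,
      this.entity.value, this.entity.type)
    copy.sanitized = [...this.sanitized]
    copy.stackInfoList = [...this.stackInfoList]
    copy.taskList = [...this.taskList]
    copy.hasSanitationTask = this.hasSanitationTask
    copy.hasValidationTask = this.hasValidationTask
    return copy
  }

  /**
   * Records a task observed on this flow and raises the matching flag.
   * @param {{type: string}} task task carrying a `TaskType` discriminator
   */
  addToTaskList(task) {
    if (task.type === TaskType.VALIDATION) {
      this.hasValidationTask = true
    } else if (task.type === TaskType.SANITIZATION) {
      this.hasSanitationTask = true
    }
    this.taskList.push(task)
  }

  /**
   * Appends a stack-info item (later hashed and serialised for reporting).
   * @param {object} stackInfo item exposing `updateStack()` and `updateHash(vulnerability)`
   */
  addToStackInfoList(stackInfo) {
    this.stackInfoList.push(stackInfo)
  }

  /**
   * Marks this flow as sanitized for one vulnerability type only.
   * @param {string} vulnerability vulnerability type the sanitizer covers
   */
  sanitize(vulnerability) {
    this.sanitized.push(vulnerability)
  }

  /** @returns {boolean} whether `vulnerability` was already reported for this flow */
  isReported(vulnerability) { return this.reported.has(vulnerability) }

  /** Remembers that `vulnerability` has been reported for this flow. */
  addToReported(vulnerability) { this.reported.add(vulnerability) }

  /** @returns {*} finding hash from the last updateStackAndHashForReporting(), else null */
  getHashValue() { return this.hashValue }

  /** @returns {object[]|null} stack items from the last updateStackAndHashForReporting(), else null */
  getStackArray() { return this.stackArray }

  /**
   * JSON form of `stackArray`, computed once and cached until the next
   * updateStackAndHashForReporting(). Uses `JSON.origStringify`, presumably
   * the un-instrumented original of JSON.stringify preserved by the agent.
   * @returns {string}
   */
  getStackString() {
    if (this.stackString == null) {
      this.stackString = JSON.origStringify(this.stackArray)
    }
    return this.stackString
  }

  /**
   * Rebuilds the reporting stack (`stackArray`) and the finding hash
   * (`hashValue`) for one vulnerability type.
   *
   * The hash covers the route (`routePath`, falling back to `uri`), the HTTP
   * method, the vulnerability type, the entity type and name, and every
   * stack-info item, so the same finding at the same location hashes the
   * same. Each stack item is updated in place (`updateStack()`) before it is
   * hashed.
   *
   * Calling this again for another vulnerability replaces both artefacts, so
   * the JSON string cached by getStackString() is dropped too; previously it
   * survived the update and getStackString() could return a stale trace.
   *
   * @param {string|null} vulnerability vulnerability type; left out of the
   *   hash when null/undefined
   */
  updateStackAndHashForReporting(vulnerability) {
    const hash = Utils.createHashObject()
    const jsonOutput = []
    if (this.requestInfo.routePath !== undefined) {
      hash.update(this.requestInfo.routePath)
    } else if (this.requestInfo.uri !== undefined) {
      hash.update(this.requestInfo.uri)
    }
    if (this.requestInfo.method !== undefined) { hash.update(this.requestInfo.method) }
    if (vulnerability != null) { hash.update(vulnerability) }
    if (this.entity.type !== undefined) { hash.update(this.entity.type) }
    if (this.entity.name !== undefined) { hash.update(this.entity.name) }
    for (const item of this.stackInfoList) {
      // the item's stack must be refreshed before its hash is taken
      item.updateStack()
      jsonOutput.push(item)
      hash.update(item.updateHash(vulnerability))
    }
    this.stackArray = jsonOutput
    // invalidate the getStackString() cache so it reflects the new stackArray
    this.stackString = null
    // The hash object cannot be used again after produce()/digest(); a second
    // call would throw.
    this.hashValue = hash.produce()
  }

  /** @returns {string|null} stack string recorded at the sink, if any */
  getSinkStackString() {
    return this.sinkStackString
  }

  /** @param {string} sinkStackString stack string captured at the sink */
  setSinkStackString(sinkStackString) {
    this.sinkStackString = sinkStackString
  }
}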
// CommonJS export of the single class, matching the require() style above.
module.exports = TaintedObjectDataFlow