@nahisaho/musubix-security 2.0.1 → 2.1.1

package/dist/rules/cwe/cwe-352-csrf.js

@@ -0,0 +1,51 @@
+/**
+ * @fileoverview CWE-352: Cross-Site Request Forgery (CSRF)
+ * @module @nahisaho/musubix-security/rules/cwe/cwe-352-csrf
+ * @trace TSK-RULE-005
+ */
+export const cwe352CSRF = {
+    id: 'cwe-352-csrf',
+    name: 'CWE-352: Cross-Site Request Forgery',
+    description: 'Detects missing CSRF protection patterns',
+    defaultSeverity: 'high',
+    category: 'session',
+    tags: ['cwe', 'csrf', 'session', 'security'],
+    cwe: ['352'],
+    references: [
+        { title: 'CWE-352: CSRF', url: 'https://cwe.mitre.org/data/definitions/352.html' },
+    ],
+    async analyze(context) {
+        const findings = [];
+        const lines = context.sourceCode.split('\n');
+        const patterns = [
+            { pattern: /app\.post\s*\(/gi, type: 'POST without CSRF', severity: 'medium' },
+            { pattern: /app\.put\s*\(/gi, type: 'PUT without CSRF', severity: 'medium' },
+            { pattern: /app\.delete\s*\(/gi, type: 'DELETE without CSRF', severity: 'medium' },
+            { pattern: /SameSite\s*:\s*['"`]None['"`]/gi, type: 'SameSite=None cookie', severity: 'high' },
+            { pattern: /credentials\s*:\s*['"`]include['"`]/gi, type: 'Fetch with credentials', severity: 'low' },
+        ];
+        for (let i = 0; i < lines.length; i++) {
+            for (const { pattern, type, severity } of patterns) {
+                pattern.lastIndex = 0;
+                if (pattern.test(lines[i])) {
+                    findings.push({
+                        id: `cwe-352-${findings.length + 1}`,
+                        ruleId: 'cwe-352-csrf',
+                        severity,
+                        message: `CSRF - ${type}: Ensure CSRF token validation`,
+                        location: { file: context.filePath, startLine: i + 1, endLine: i + 1 },
+                        cwe: ['352'],
+                        suggestion: {
+                            description: 'Use CSRF middleware',
+                            example: `const csrf = require('csurf');
+app.use(csrf({ cookie: true }));`,
+                        },
+                    });
+                }
+            }
+        }
+        return findings;
+    },
+};
+export default cwe352CSRF;
+//# sourceMappingURL=cwe-352-csrf.js.map

package/dist/rules/cwe/cwe-352-csrf.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"cwe-352-csrf.js","sourceRoot":"","sources":["../../../src/rules/cwe/cwe-352-csrf.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAIH,MAAM,CAAC,MAAM,UAAU,GAAiB;IACtC,EAAE,EAAE,cAAc;IAClB,IAAI,EAAE,qCAAqC;IAC3C,WAAW,EAAE,0CAA0C;IACvD,eAAe,EAAE,MAAM;IACvB,QAAQ,EAAE,SAAS;IACnB,IAAI,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,EAAE,UAAU,CAAC;IAC5C,GAAG,EAAE,CAAC,KAAK,CAAC;IACZ,UAAU,EAAE;QACV,EAAE,KAAK,EAAE,eAAe,EAAE,GAAG,EAAE,iDAAiD,EAAE;KACnF;IAED,KAAK,CAAC,OAAO,CAAC,OAAoB;QAChC,MAAM,QAAQ,GAAkB,EAAE,CAAC;QACnC,MAAM,KAAK,GAAG,OAAO,CAAC,UAAU,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAE7C,MAAM,QAAQ,GAAG;YACf,EAAE,OAAO,EAAE,kBAAkB,EAAE,IAAI,EAAE,mBAAmB,EAAE,QAAQ,EAAE,QAAiB,EAAE;YACvF,EAAE,OAAO,EAAE,iBAAiB,EAAE,IAAI,EAAE,kBAAkB,EAAE,QAAQ,EAAE,QAAiB,EAAE;YACrF,EAAE,OAAO,EAAE,oBAAoB,EAAE,IAAI,EAAE,qBAAqB,EAAE,QAAQ,EAAE,QAAiB,EAAE;YAC3F,EAAE,OAAO,EAAE,iCAAiC,EAAE,IAAI,EAAE,sBAAsB,EAAE,QAAQ,EAAE,MAAe,EAAE;YACvG,EAAE,OAAO,EAAE,uCAAuC,EAAE,IAAI,EAAE,wBAAwB,EAAE,QAAQ,EAAE,KAAc,EAAE;SAC/G,CAAC;QAEF,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACtC,KAAK,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,QAAQ,EAAE,CAAC;gBACnD,OAAO,CAAC,SAAS,GAAG,CAAC,CAAC;gBACtB,IAAI,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;oBAC3B,QAAQ,CAAC,IAAI,CAAC;wBACZ,EAAE,EAAE,WAAW,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE;wBACpC,MAAM,EAAE,cAAc;wBACtB,QAAQ;wBACR,OAAO,EAAE,UAAU,IAAI,gCAAgC;wBACvD,QAAQ,EAAE,EAAE,IAAI,EAAE,OAAO,CAAC,QAAQ,EAAE,SAAS,EAAE,CAAC,GAAG,CAAC,EAAE,OAAO,EAAE,CAAC,GAAG,CAAC,EAAE;wBACtE,GAAG,EAAE,CAAC,KAAK,CAAC;wBACZ,UAAU,EAAE;4BACV,WAAW,EAAE,qBAAqB;4BAClC,OAAO,EAAE;iCACU;yBACpB;qBACF,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;QACH,CAAC;QACD,OAAO,QAAQ,CAAC;IAClB,CAAC;CACF,CAAC;AAEF,eAAe,UAAU,CAAC"}

package/dist/rules/cwe/cwe-362-race-condition.d.ts

@@ -0,0 +1,9 @@
+/**
+ * @fileoverview CWE-362: Concurrent Execution Using Shared Resource (Race Condition)
+ * @module @nahisaho/musubix-security/rules/cwe/cwe-362-race-condition
+ * @trace TSK-RULE-006
+ */
+import type { SecurityRule } from '../types.js';
+export declare const cwe362RaceCondition: SecurityRule;
+export default cwe362RaceCondition;
+//# sourceMappingURL=cwe-362-race-condition.d.ts.map

package/dist/rules/cwe/cwe-362-race-condition.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"cwe-362-race-condition.d.ts","sourceRoot":"","sources":["../../../src/rules/cwe/cwe-362-race-condition.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAAE,YAAY,EAA4B,MAAM,aAAa,CAAC;AAE1E,eAAO,MAAM,mBAAmB,EAAE,YAkDjC,CAAC;AAEF,eAAe,mBAAmB,CAAC"}

package/dist/rules/cwe/cwe-362-race-condition.js

@@ -0,0 +1,55 @@
+/**
+ * @fileoverview CWE-362: Concurrent Execution Using Shared Resource (Race Condition)
+ * @module @nahisaho/musubix-security/rules/cwe/cwe-362-race-condition
+ * @trace TSK-RULE-006
+ */
+export const cwe362RaceCondition = {
+    id: 'cwe-362-race-condition',
+    name: 'CWE-362: Race Condition',
+    description: 'Detects potential race condition vulnerabilities',
+    defaultSeverity: 'medium',
+    category: 'concurrency',
+    tags: ['cwe', 'race-condition', 'concurrency', 'security'],
+    cwe: ['362'],
+    references: [
+        { title: 'CWE-362', url: 'https://cwe.mitre.org/data/definitions/362.html' },
+    ],
+    async analyze(context) {
+        const findings = [];
+        const lines = context.sourceCode.split('\n');
+        const patterns = [
+            { pattern: /if\s*\(.*exists.*\).*\{[^}]*(?:write|create|delete)/gis, type: 'Check-then-act pattern', severity: 'high' },
+            { pattern: /fs\.existsSync.*fs\.(?:write|unlink|mkdir)/gi, type: 'File TOCTOU', severity: 'high' },
+            { pattern: /\.findOne\s*\([^)]+\).*\.save\s*\(\)/gi, type: 'Read-modify-write pattern', severity: 'medium' },
+            { pattern: /let\s+\w+\s*=.*;\s*(?:setTimeout|setInterval)/gi, type: 'Shared state with timer', severity: 'medium' },
+            { pattern: /global\.\w+\s*=|globalThis\.\w+\s*=/gi, type: 'Global state modification', severity: 'medium' },
+            { pattern: /Promise\.all.*(?:update|write|delete)/gi, type: 'Concurrent mutations', severity: 'medium' },
+        ];
+        for (let i = 0; i < lines.length; i++) {
+            for (const { pattern, type, severity } of patterns) {
+                pattern.lastIndex = 0;
+                if (pattern.test(lines[i])) {
+                    findings.push({
+                        id: `cwe-362-${findings.length + 1}`,
+                        ruleId: 'cwe-362-race-condition',
+                        severity,
+                        message: `Race Condition - ${type}: Use atomic operations or locks`,
+                        location: { file: context.filePath, startLine: i + 1, endLine: i + 1 },
+                        cwe: ['362'],
+                        suggestion: {
+                            description: 'Use atomic operations or proper locking',
+                            example: `// Use atomic operation or transaction
+await db.transaction(async (tx) => {
+  const item = await tx.findOne(query);
+  if (item) await tx.update(item.id, data);
+});`,
+                        },
+                    });
+                }
+            }
+        }
+        return findings;
+    },
+};
+export default cwe362RaceCondition;
+//# sourceMappingURL=cwe-362-race-condition.js.map

package/dist/rules/cwe/cwe-362-race-condition.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"cwe-362-race-condition.js","sourceRoot":"","sources":["../../../src/rules/cwe/cwe-362-race-condition.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAIH,MAAM,CAAC,MAAM,mBAAmB,GAAiB;IAC/C,EAAE,EAAE,wBAAwB;IAC5B,IAAI,EAAE,yBAAyB;IAC/B,WAAW,EAAE,kDAAkD;IAC/D,eAAe,EAAE,QAAQ;IACzB,QAAQ,EAAE,aAAa;IACvB,IAAI,EAAE,CAAC,KAAK,EAAE,gBAAgB,EAAE,aAAa,EAAE,UAAU,CAAC;IAC1D,GAAG,EAAE,CAAC,KAAK,CAAC;IACZ,UAAU,EAAE;QACV,EAAE,KAAK,EAAE,SAAS,EAAE,GAAG,EAAE,iDAAiD,EAAE;KAC7E;IAED,KAAK,CAAC,OAAO,CAAC,OAAoB;QAChC,MAAM,QAAQ,GAAkB,EAAE,CAAC;QACnC,MAAM,KAAK,GAAG,OAAO,CAAC,UAAU,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAE7C,MAAM,QAAQ,GAAG;YACf,EAAE,OAAO,EAAE,wDAAwD,EAAE,IAAI,EAAE,wBAAwB,EAAE,QAAQ,EAAE,MAAe,EAAE;YAChI,EAAE,OAAO,EAAE,8CAA8C,EAAE,IAAI,EAAE,aAAa,EAAE,QAAQ,EAAE,MAAe,EAAE;YAC3G,EAAE,OAAO,EAAE,wCAAwC,EAAE,IAAI,EAAE,2BAA2B,EAAE,QAAQ,EAAE,QAAiB,EAAE;YACrH,EAAE,OAAO,EAAE,iDAAiD,EAAE,IAAI,EAAE,yBAAyB,EAAE,QAAQ,EAAE,QAAiB,EAAE;YAC5H,EAAE,OAAO,EAAE,uCAAuC,EAAE,IAAI,EAAE,2BAA2B,EAAE,QAAQ,EAAE,QAAiB,EAAE;YACpH,EAAE,OAAO,EAAE,yCAAyC,EAAE,IAAI,EAAE,sBAAsB,EAAE,QAAQ,EAAE,QAAiB,EAAE;SAClH,CAAC;QAEF,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACtC,KAAK,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,QAAQ,EAAE,CAAC;gBACnD,OAAO,CAAC,SAAS,GAAG,CAAC,CAAC;gBACtB,IAAI,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;oBAC3B,QAAQ,CAAC,IAAI,CAAC;wBACZ,EAAE,EAAE,WAAW,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE;wBACpC,MAAM,EAAE,wBAAwB;wBAChC,QAAQ;wBACR,OAAO,EAAE,oBAAoB,IAAI,kCAAkC;wBACnE,QAAQ,EAAE,EAAE,IAAI,EAAE,OAAO,CAAC,QAAQ,EAAE,SAAS,EAAE,CAAC,GAAG,CAAC,EAAE,OAAO,EAAE,CAAC,GAAG,CAAC,EAAE;wBACtE,GAAG,EAAE,CAAC,KAAK,CAAC;wBACZ,UAAU,EAAE;4BACV,WAAW,EAAE,yCAAyC;4BACtD,OAAO,EAAE;;;;IAInB;yBACS;qBACF,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;QACH,CAAC;QACD,OAAO,QAAQ,CAAC;IAClB,CAAC;CACF,CAAC;AAEF,eAAe,mBAAmB,CAAC"}

package/dist/rules/cwe/cwe-416-use-after-free.d.ts

@@ -0,0 +1,23 @@
+/**
+ * @fileoverview CWE-416: Use After Free
+ * @module @nahisaho/musubix-security/rules/cwe/cwe-416-use-after-free
+ * @trace TSK-RULE-005
+ *
+ * Detects:
+ * - Resource usage after disposal (streams, handles)
+ * - Promise race conditions
+ * - Event listener memory leaks
+ * - Timer cleanup issues
+ * - Database connection pool misuse
+ *
+ * CWE-416 is #4 in CWE Top 25 2023.
+ * Note: JavaScript has garbage collection, so traditional UAF is rare.
+ * This rule focuses on logical "use after free" patterns.
+ */
+import type { SecurityRule } from '../types.js';
+/**
+ * CWE-416 - Use After Free
+ */
+export declare const cwe416UseAfterFree: SecurityRule;
+export default cwe416UseAfterFree;
+//# sourceMappingURL=cwe-416-use-after-free.d.ts.map

package/dist/rules/cwe/cwe-416-use-after-free.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"cwe-416-use-after-free.d.ts","sourceRoot":"","sources":["../../../src/rules/cwe/cwe-416-use-after-free.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AAEH,OAAO,KAAK,EAAE,YAAY,EAA4B,MAAM,aAAa,CAAC;AAE1E;;GAEG;AACH,eAAO,MAAM,kBAAkB,EAAE,YAgChC,CAAC;AAqZF,eAAe,kBAAkB,CAAC"}

package/dist/rules/cwe/cwe-416-use-after-free.js

@@ -0,0 +1,402 @@
+/**
+ * @fileoverview CWE-416: Use After Free
+ * @module @nahisaho/musubix-security/rules/cwe/cwe-416-use-after-free
+ * @trace TSK-RULE-005
+ *
+ * Detects:
+ * - Resource usage after disposal (streams, handles)
+ * - Promise race conditions
+ * - Event listener memory leaks
+ * - Timer cleanup issues
+ * - Database connection pool misuse
+ *
+ * CWE-416 is #4 in CWE Top 25 2023.
+ * Note: JavaScript has garbage collection, so traditional UAF is rare.
+ * This rule focuses on logical "use after free" patterns.
+ */
+/**
+ * CWE-416 - Use After Free
+ */
+export const cwe416UseAfterFree = {
+    id: 'cwe-416-use-after-free',
+    name: 'CWE-416: Use After Free',
+    description: 'Detects resource usage after disposal patterns including streams, connections, and event handlers',
+    defaultSeverity: 'medium',
+    category: 'memory-safety',
+    tags: ['cwe', 'memory', 'resource', 'disposal', 'security'],
+    cwe: ['416'],
+    references: [
+        {
+            title: 'CWE-416: Use After Free',
+            url: 'https://cwe.mitre.org/data/definitions/416.html',
+        },
+        {
+            title: 'Node.js Stream Documentation',
+            url: 'https://nodejs.org/api/stream.html',
+        },
+    ],
+    async analyze(context) {
+        const findings = [];
+        const sourceCode = context.sourceCode;
+        checkStreamDisposal(context, sourceCode, findings);
+        checkConnectionPoolIssues(context, sourceCode, findings);
+        checkEventListenerLeaks(context, sourceCode, findings);
+        checkTimerCleanup(context, sourceCode, findings);
+        checkPromiseRaceConditions(context, sourceCode, findings);
+        return findings;
+    },
+};
+/**
+ * Check for stream usage after close/destroy
+ */
+function checkStreamDisposal(context, sourceCode, findings) {
+    const lines = sourceCode.split('\n');
+    const streamPatterns = [
+        {
+            pattern: /\.destroy\s*\(\s*\)[^;]*;[^}]*\.write\s*\(/gi,
+            type: 'Write after destroy',
+            message: 'Writing to stream after destroy() was called',
+            severity: 'high',
+        },
+        {
+            pattern: /\.end\s*\(\s*\)[^;]*;[^}]*\.write\s*\(/gi,
+            type: 'Write after end',
+            message: 'Writing to stream after end() was called',
+            severity: 'medium',
+        },
+        {
+            pattern: /\.close\s*\(\s*\)[^;]*;[^}]*(?:\.read|\.write|\.pipe)\s*\(/gi,
+            type: 'Operation after close',
+            message: 'Stream operation after close() was called',
+            severity: 'medium',
+        },
+        {
+            pattern: /stream\.(?:destroy|end|close)\s*\([^)]*\)\s*;[\s\S]{0,100}stream\./gi,
+            type: 'Stream reuse after disposal',
+            message: 'Potential stream usage after disposal',
+            severity: 'medium',
+        },
+    ];
+    for (let lineNum = 0; lineNum < lines.length; lineNum++) {
+        const line = lines[lineNum];
+        for (const { pattern, type, message, severity } of streamPatterns) {
+            pattern.lastIndex = 0;
+            if (pattern.test(line)) {
+                findings.push({
+                    id: `cwe-416-stream-${findings.length + 1}`,
+                    ruleId: 'cwe-416-use-after-free',
+                    severity,
+                    message: `Use After Free - ${type}: ${message}`,
+                    location: {
+                        file: context.filePath,
+                        startLine: lineNum + 1,
+                        endLine: lineNum + 1,
+                        startColumn: 0,
+                        endColumn: line.length,
+                    },
+                    cwe: ['416'],
+                    suggestion: {
+                        description: 'Check stream state before operations',
+                        example: `// Check if stream is writable before writing
+if (!stream.destroyed && stream.writable) {
+  stream.write(data);
+}
+
+// Use proper event handlers
+stream.on('close', () => {
+  // Stream is now closed, don't use it
+  stream = null;
+});`,
+                    },
+                });
+            }
+        }
+    }
+}
+/**
+ * Check for database connection pool issues
+ */
+function checkConnectionPoolIssues(context, sourceCode, findings) {
+    const lines = sourceCode.split('\n');
+    const connectionPatterns = [
+        {
+            pattern: /\.release\s*\(\s*\)[^;]*;[^}]*(?:\.query|\.execute)\s*\(/gi,
+            type: 'Query after release',
+            message: 'Database operation after connection release',
+            severity: 'high',
+        },
+        {
+            pattern: /connection\.end\s*\(\s*\)[^;]*;[^}]*connection\./gi,
+            type: 'Connection use after end',
+            message: 'Connection used after end() was called',
+            severity: 'high',
+        },
+        {
+            pattern: /pool\.end\s*\(\s*\)[^;]*;[^}]*pool\.(?:query|getConnection)/gi,
+            type: 'Pool use after end',
+            message: 'Connection pool used after being closed',
+            severity: 'high',
+        },
+        {
+            pattern: /client\.close\s*\(\s*\)[^;]*;[^}]*client\./gi,
+            type: 'Client use after close',
+            message: 'Database client used after close()',
+            severity: 'high',
+        },
+        {
+            pattern: /await\s+\w+\.release\s*\(\s*\)[\s\S]{0,50}await\s+\w+\.query/gi,
+            type: 'Query after async release',
+            message: 'Async query after connection release',
+            severity: 'medium',
+        },
+    ];
+    for (let lineNum = 0; lineNum < lines.length; lineNum++) {
+        const line = lines[lineNum];
+        for (const { pattern, type, message, severity } of connectionPatterns) {
+            pattern.lastIndex = 0;
+            if (pattern.test(line)) {
+                findings.push({
+                    id: `cwe-416-conn-${findings.length + 1}`,
+                    ruleId: 'cwe-416-use-after-free',
+                    severity,
+                    message: `Use After Free - ${type}: ${message}`,
+                    location: {
+                        file: context.filePath,
+                        startLine: lineNum + 1,
+                        endLine: lineNum + 1,
+                        startColumn: 0,
+                        endColumn: line.length,
+                    },
+                    cwe: ['416'],
+                    suggestion: {
+                        description: 'Use connection within try-finally or use pooled queries',
+                        example: `// Use try-finally for proper cleanup
+const connection = await pool.getConnection();
+try {
+  await connection.query('SELECT ...');
+} finally {
+  connection.release();
+}
+
+// Or use pool.query directly (auto-release)
+const results = await pool.query('SELECT ...');`,
+                    },
+                });
+            }
+        }
+    }
+}
+/**
+ * Check for event listener memory leaks
+ */
+function checkEventListenerLeaks(context, sourceCode, findings) {
+    const lines = sourceCode.split('\n');
+    const listenerPatterns = [
+        {
+            pattern: /\.on\s*\(\s*['"`]\w+['"`]\s*,\s*(?:function|\([^)]*\)\s*=>)/gi,
+            type: 'Event listener without removal',
+            message: 'Event listener added - ensure proper cleanup',
+            severity: 'info',
+        },
+        {
+            pattern: /\.addListener\s*\(\s*['"`]\w+['"`]\s*,/gi,
+            type: 'addListener without removal',
+            message: 'addListener used - ensure corresponding removeListener',
+            severity: 'info',
+        },
+        {
+            pattern: /setMaxListeners\s*\(\s*0\s*\)/gi,
+            type: 'Unlimited listeners',
+            message: 'setMaxListeners(0) disables leak warning - may mask real leaks',
+            severity: 'medium',
+        },
+        {
+            pattern: /setMaxListeners\s*\(\s*(?:Infinity|Number\.MAX_SAFE_INTEGER)\s*\)/gi,
+            type: 'Infinite listeners',
+            message: 'Infinite max listeners disables leak detection',
+            severity: 'medium',
+        },
+        {
+            pattern: /\.removeAllListeners\s*\(\s*\)/gi,
+            type: 'Remove all listeners',
+            message: 'removeAllListeners() may remove listeners from other modules',
+            severity: 'low',
+        },
+    ];
+    for (let lineNum = 0; lineNum < lines.length; lineNum++) {
+        const line = lines[lineNum];
+        for (const { pattern, type, message, severity } of listenerPatterns) {
+            pattern.lastIndex = 0;
+            if (pattern.test(line)) {
+                findings.push({
+                    id: `cwe-416-listener-${findings.length + 1}`,
+                    ruleId: 'cwe-416-use-after-free',
+                    severity,
+                    message: `Resource Leak - ${type}: ${message}`,
+                    location: {
+                        file: context.filePath,
+                        startLine: lineNum + 1,
+                        endLine: lineNum + 1,
+                        startColumn: 0,
+                        endColumn: line.length,
+                    },
+                    cwe: ['416'],
+                    suggestion: {
+                        description: 'Use once() or cleanup listeners properly',
+                        example: `// Use once() for one-time events
+emitter.once('event', handler);
+
+// Store reference for cleanup
+const handler = () => { /* ... */ };
+emitter.on('event', handler);
+// Later:
+emitter.off('event', handler);
+
+// Use AbortController for cleanup
+const controller = new AbortController();
+element.addEventListener('click', handler, { signal: controller.signal });
+// Cleanup:
+controller.abort();`,
+                    },
+                });
+            }
+        }
+    }
+}
+/**
+ * Check for timer cleanup issues
+ */
+function checkTimerCleanup(context, sourceCode, findings) {
+    const lines = sourceCode.split('\n');
+    const timerPatterns = [
+        {
+            pattern: /setInterval\s*\([^)]+\)/gi,
+            type: 'setInterval without clearInterval',
+            message: 'setInterval may cause memory leaks if not cleared',
+            severity: 'low',
+        },
+        {
+            pattern: /setTimeout\s*\([^)]+\)(?!\s*;?\s*(?:const|let|var)\s+\w+)/gi,
+            type: 'setTimeout without reference',
+            message: 'setTimeout without storing reference cannot be cancelled',
+            severity: 'info',
+        },
+        {
+            pattern: /clearTimeout\s*\(\s*\w+\s*\)\s*;[^}]*setTimeout/gi,
+            type: 'Timeout cleared then reused',
+            message: 'Timer variable reused after clear - ensure proper assignment',
+            severity: 'low',
+        },
+    ];
+    for (let lineNum = 0; lineNum < lines.length; lineNum++) {
+        const line = lines[lineNum];
+        for (const { pattern, type, message, severity } of timerPatterns) {
+            pattern.lastIndex = 0;
+            if (pattern.test(line)) {
+                findings.push({
+                    id: `cwe-416-timer-${findings.length + 1}`,
+                    ruleId: 'cwe-416-use-after-free',
+                    severity,
+                    message: `Resource Leak - ${type}: ${message}`,
+                    location: {
+                        file: context.filePath,
+                        startLine: lineNum + 1,
+                        endLine: lineNum + 1,
+                        startColumn: 0,
+                        endColumn: line.length,
+                    },
+                    cwe: ['416'],
+                    suggestion: {
+                        description: 'Store timer references and clean up properly',
+                        example: `// Store reference for cleanup
+const timerId = setInterval(() => {
+  // periodic work
+}, 1000);
+
+// Clean up when done
+clearInterval(timerId);
+
+// For React components
+useEffect(() => {
+  const id = setInterval(fn, 1000);
+  return () => clearInterval(id);
+}, []);`,
+                    },
+                });
+            }
+        }
+    }
+}
+/**
+ * Check for promise race conditions that may cause UAF-like issues
+ */
+function checkPromiseRaceConditions(context, sourceCode, findings) {
+    const lines = sourceCode.split('\n');
+    const racePatterns = [
+        {
+            pattern: /Promise\.race\s*\(\s*\[/gi,
+            type: 'Promise.race usage',
+            message: 'Promise.race may leave pending promises - ensure proper cleanup',
+            severity: 'info',
+        },
+        {
+            pattern: /\.then\s*\([^)]+\)\s*;[^}]*=\s*null/gi,
+            type: 'Nullify after async',
+            message: 'Variable nullified while async operation may still be pending',
+            severity: 'medium',
+        },
+        {
+            pattern: /async\s+function[^{]*\{[^}]*this\.\w+\s*=[^}]*await/gi,
+            type: 'This assignment after await',
+            message: 'Assignment to this after await may fail if object was disposed',
+            severity: 'medium',
+        },
+        {
+            pattern: /unmount|destroy|dispose[^}]*await/gi,
+            type: 'Await in cleanup',
+            message: 'Async operation in cleanup function may complete after disposal',
+            severity: 'medium',
+        },
+    ];
+    for (let lineNum = 0; lineNum < lines.length; lineNum++) {
+        const line = lines[lineNum];
+        for (const { pattern, type, message, severity } of racePatterns) {
+            pattern.lastIndex = 0;
+            if (pattern.test(line)) {
+                findings.push({
+                    id: `cwe-416-race-${findings.length + 1}`,
+                    ruleId: 'cwe-416-use-after-free',
+                    severity,
+                    message: `Race Condition - ${type}: ${message}`,
+                    location: {
+                        file: context.filePath,
+                        startLine: lineNum + 1,
+                        endLine: lineNum + 1,
+                        startColumn: 0,
+                        endColumn: line.length,
+                    },
+                    cwe: ['416'],
+                    suggestion: {
+                        description: 'Use cancellation tokens or check component state',
+                        example: `// Use AbortController for cancellation
+const controller = new AbortController();
+fetch(url, { signal: controller.signal });
+// Cancel on cleanup:
+controller.abort();
+
+// Check mounted state in React
+useEffect(() => {
+  let mounted = true;
+  fetchData().then(data => {
+    if (mounted) setData(data);
+  });
+  return () => { mounted = false; };
+}, []);`,
+                    },
+                });
+            }
+        }
+    }
+}
+export default cwe416UseAfterFree;
+//# sourceMappingURL=cwe-416-use-after-free.js.map

package/dist/rules/cwe/cwe-416-use-after-free.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"cwe-416-use-after-free.js","sourceRoot":"","sources":["../../../src/rules/cwe/cwe-416-use-after-free.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AAIH;;GAEG;AACH,MAAM,CAAC,MAAM,kBAAkB,GAAiB;IAC9C,EAAE,EAAE,wBAAwB;IAC5B,IAAI,EAAE,yBAAyB;IAC/B,WAAW,EACT,mGAAmG;IACrG,eAAe,EAAE,QAAQ;IACzB,QAAQ,EAAE,eAAe;IACzB,IAAI,EAAE,CAAC,KAAK,EAAE,QAAQ,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,CAAC;IAC3D,GAAG,EAAE,CAAC,KAAK,CAAC;IACZ,UAAU,EAAE;QACV;YACE,KAAK,EAAE,yBAAyB;YAChC,GAAG,EAAE,iDAAiD;SACvD;QACD;YACE,KAAK,EAAE,8BAA8B;YACrC,GAAG,EAAE,oCAAoC;SAC1C;KACF;IAED,KAAK,CAAC,OAAO,CAAC,OAAoB;QAChC,MAAM,QAAQ,GAAkB,EAAE,CAAC;QACnC,MAAM,UAAU,GAAG,OAAO,CAAC,UAAU,CAAC;QAEtC,mBAAmB,CAAC,OAAO,EAAE,UAAU,EAAE,QAAQ,CAAC,CAAC;QACnD,yBAAyB,CAAC,OAAO,EAAE,UAAU,EAAE,QAAQ,CAAC,CAAC;QACzD,uBAAuB,CAAC,OAAO,EAAE,UAAU,EAAE,QAAQ,CAAC,CAAC;QACvD,iBAAiB,CAAC,OAAO,EAAE,UAAU,EAAE,QAAQ,CAAC,CAAC;QACjD,0BAA0B,CAAC,OAAO,EAAE,UAAU,EAAE,QAAQ,CAAC,CAAC;QAE1D,OAAO,QAAQ,CAAC;IAClB,CAAC;CACF,CAAC;AAEF;;GAEG;AACH,SAAS,mBAAmB,CAC1B,OAAoB,EACpB,UAAkB,EAClB,QAAuB;IAEvB,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAErC,MAAM,cAAc,GAAG;QACrB;YACE,OAAO,EAAE,8CAA8C;YACvD,IAAI,EAAE,qBAAqB;YAC3B,OAAO,EAAE,8CAA8C;YACvD,QAAQ,EAAE,MAAe;SAC1B;QACD;YACE,OAAO,EAAE,0CAA0C;YACnD,IAAI,EAAE,iBAAiB;YACvB,OAAO,EAAE,0CAA0C;YACnD,QAAQ,EAAE,QAAiB;SAC5B;QACD;YACE,OAAO,EAAE,8DAA8D;YACvE,IAAI,EAAE,uBAAuB;YAC7B,OAAO,EAAE,2CAA2C;YACpD,QAAQ,EAAE,QAAiB;SAC5B;QACD;YACE,OAAO,EAAE,sEAAsE;YAC/E,IAAI,EAAE,6BAA6B;YACnC,OAAO,EAAE,uCAAuC;YAChD,QAAQ,EAAE,QAAiB;SAC5B;KACF,CAAC;IAEF,KAAK,IAAI,OAAO,GAAG,CAAC,EAAE,OAAO,GAAG,KAAK,CAAC,MAAM,EAAE,OAAO,EAAE,EAAE,CAAC;QACxD,MAAM,IAAI,GAAG,KAAK,CAAC,OAAO,CAAC,CAAC;QAE5B,KAAK,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,QAAQ,EAAE,IAAI,cAAc,EAAE,CAAC;YAClE,OAAO,CAAC,SAAS,GAAG,CAAC,CAAC;YACtB,IAAI,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBACvB,QAAQ,CAAC,IAAI,CAAC;oBACZ,EAAE,EAAE,kBAAkB,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE;oBAC3C,MAAM,EAAE,wBAAwB;oBAChC,QAAQ;oBACR,OAAO,EAAE,oBAAoB,IAAI,KAAK,OAAO,EAAE;oBAC/C,QAAQ,EAAE;wBACR,IAAI,EAAE,OAAO,CAAC,QAAQ;wBACtB,SAAS,EAAE,OAAO,GAAG,CAAC;wBACtB,OAAO,EAAE,OAAO,GAAG,CAAC;wBACpB,WAAW,EAAE,CAAC;wBACd,SAAS,EAAE,IAAI,CAAC,MAAM;qBACvB;oBACD,GAAG,EAAE,CAAC,KAAK,CAAC;oBACZ,UAAU,EAAE;wBACV,WAAW,EAAE,sCAAsC;wBACnD,OAAO,EAAE;;;;;;;;;IASjB;qBACO;iBACF,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;AACH,CAAC;AAED;;GAEG;AACH,SAAS,yBAAyB,CAChC,OAAoB,EACpB,UAAkB,EAClB,QAAuB;IAEvB,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAErC,MAAM,kBAAkB,GAAG;QACzB;YACE,OAAO,EAAE,4DAA4D;YACrE,IAAI,EAAE,qBAAqB;YAC3B,OAAO,EAAE,6CAA6C;YACtD,QAAQ,EAAE,MAAe;SAC1B;QACD;YACE,OAAO,EAAE,oDAAoD;YAC7D,IAAI,EAAE,0BAA0B;YAChC,OAAO,EAAE,wCAAwC;YACjD,QAAQ,EAAE,MAAe;SAC1B;QACD;YACE,OAAO,EAAE,+DAA+D;YACxE,IAAI,EAAE,oBAAoB;YAC1B,OAAO,EAAE,yCAAyC;YAClD,QAAQ,EAAE,MAAe;SAC1B;QACD;YACE,OAAO,EAAE,8CAA8C;YACvD,IAAI,EAAE,wBAAwB;YAC9B,OAAO,EAAE,oCAAoC;YAC7C,QAAQ,EAAE,MAAe;SAC1B;QACD;YACE,OAAO,EAAE,gEAAgE;YACzE,IAAI,EAAE,2BAA2B;YACjC,OAAO,EAAE,sCAAsC;YAC/C,QAAQ,EAAE,QAAiB;SAC5B;KACF,CAAC;IAEF,KAAK,IAAI,OAAO,GAAG,CAAC,EAAE,OAAO,GAAG,KAAK,CAAC,MAAM,EAAE,OAAO,EAAE,EAAE,CAAC;QACxD,MAAM,IAAI,GAAG,KAAK,CAAC,OAAO,CAAC,CAAC;QAE5B,KAAK,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,QAAQ,EAAE,IAAI,kBAAkB,EAAE,CAAC;YACtE,OAAO,CAAC,SAAS,GAAG,CAAC,CAAC;YACtB,IAAI,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBACvB,QAAQ,CAAC,IAAI,CAAC;oBACZ,EAAE,EAAE,gBAAgB,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE;oBACzC,MAAM,EAAE,wBAAwB;oBAChC,QAAQ;oBACR,OAAO,EAAE,oBAAoB,IAAI,KAAK,OAAO,EAAE;oBAC/C,QAAQ,EAAE;wBACR,IAAI,EAAE,OAAO,CAAC,QAAQ;wBACtB,SAAS,EAAE,OAAO,GAAG,CAAC;wBACtB,OAAO,EAAE,OAAO,GAAG,CAAC;wBACpB,WAAW,EAAE,CAAC;wBACd,SAAS,EAAE,IAAI,CAAC,MAAM;qBACvB;oBACD,GAAG,EAAE,CAAC,KAAK,CAAC;oBACZ,UAAU,EAAE;wBACV,WAAW,EAAE,yDAAyD;wBACtE,OAAO,EAAE;;;;;;;;;gDAS2B;qBACrC;iBACF,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;AACH,CAAC;AAED;;GAEG;AACH,SAAS,uBAAuB,CAC9B,OAAoB,EACpB,UAAkB,EAClB,QAAuB;IAEvB,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAErC,MAAM,gBAAgB,GAAG;QACvB;YACE,OAAO,EAAE,+DAA+D;YACxE,IAAI,EAAE,gCAAgC;YACtC,OAAO,EAAE,8CAA8C;YACvD,QAAQ,EAAE,MAAe;SAC1B;QACD;YACE,OAAO,EAAE,0CAA0C;YACnD,IAAI,EAAE,6BAA6B;YACnC,OAAO,EAAE,wDAAwD;YACjE,QAAQ,EAAE,MAAe;SAC1B;QACD;YACE,OAAO,EAAE,iCAAiC;YAC1C,IAAI,EAAE,qBAAqB;YAC3B,OAAO,EACL,gEAAgE;YAClE,QAAQ,EAAE,QAAiB;SAC5B;QACD;YACE,OAAO,EACL,qEAAqE;YACvE,IAAI,EAAE,oBAAoB;YAC1B,OAAO,EACL,gDAAgD;YAClD,QAAQ,EAAE,QAAiB;SAC5B;QACD;YACE,OAAO,EAAE,kCAAkC;YAC3C,IAAI,EAAE,sBAAsB;YAC5B,OAAO,EACL,8DAA8D;YAChE,QAAQ,EAAE,KAAc;SACzB;KACF,CAAC;IAEF,KAAK,IAAI,OAAO,GAAG,CAAC,EAAE,OAAO,GAAG,KAAK,CAAC,MAAM,EAAE,OAAO,EAAE,EAAE,CAAC;QACxD,MAAM,IAAI,GAAG,KAAK,CAAC,OAAO,CAAC,CAAC;QAE5B,KAAK,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,QAAQ,EAAE,IAAI,gBAAgB,EAAE,CAAC;YACpE,OAAO,CAAC,SAAS,GAAG,CAAC,CAAC;YACtB,IAAI,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBACvB,QAAQ,CAAC,IAAI,CAAC;oBACZ,EAAE,EAAE,oBAAoB,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE;oBAC7C,MAAM,EAAE,wBAAwB;oBAChC,QAAQ;oBACR,OAAO,EAAE,mBAAmB,IAAI,KAAK,OAAO,EAAE;oBAC9C,QAAQ,EAAE;wBACR,IAAI,EAAE,OAAO,CAAC,QAAQ;wBACtB,SAAS,EAAE,OAAO,GAAG,CAAC;wBACtB,OAAO,EAAE,OAAO,GAAG,CAAC;wBACpB,WAAW,EAAE,CAAC;wBACd,SAAS,EAAE,IAAI,CAAC,MAAM;qBACvB;oBACD,GAAG,EAAE,CAAC,KAAK,CAAC;oBACZ,UAAU,EAAE;wBACV,WAAW,EAAE,0CAA0C;wBACvD,OAAO,EAAE;;;;;;;;;;;;;oBAaD;qBACT;iBACF,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;AACH,CAAC;AAED;;GAEG;AACH,SAAS,iBAAiB,CACxB,OAAoB,EACpB,UAAkB,EAClB,QAAuB;IAEvB,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAErC,MAAM,aAAa,GAAG;QACpB;YACE,OAAO,EAAE,2BAA2B;YACpC,IAAI,EAAE,mCAAmC;YACzC,OAAO,EACL,mDAAmD;YACrD,QAAQ,EAAE,KAAc;SACzB;QACD;YACE,OAAO,EAAE,6DAA6D;YACtE,IAAI,EAAE,8BAA8B;YACpC,OAAO,EACL,0DAA0D;YAC5D,QAAQ,EAAE,MAAe;SAC1B;QACD;YACE,OAAO,EAAE,mDAAmD;YAC5D,IAAI,EAAE,6BAA6B;YACnC,OAAO,EACL,8DAA8D;YAChE,QAAQ,EAAE,KAAc;SACzB;KACF,CAAC;IAEF,KAAK,IAAI,OAAO,GAAG,CAAC,EAAE,OAAO,GAAG,KAAK,CAAC,MAAM,EAAE,OAAO,EAAE,EAAE,CAAC;QACxD,MAAM,IAAI,GAAG,KAAK,CAAC,OAAO,CAAC,CAAC;QAE5B,KAAK,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,QAAQ,EAAE,IAAI,aAAa,EAAE,CAAC;YACjE,OAAO,CAAC,SAAS,GAAG,CAAC,CAAC;YACtB,IAAI,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBACvB,QAAQ,CAAC,IAAI,CAAC;oBACZ,EAAE,EAAE,iBAAiB,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE;oBAC1C,MAAM,EAAE,wBAAwB;oBAChC,QAAQ;oBACR,OAAO,EAAE,mBAAmB,IAAI,KAAK,OAAO,EAAE;oBAC9C,QAAQ,EAAE;wBACR,IAAI,EAAE,OAAO,CAAC,QAAQ;wBACtB,SAAS,EAAE,OAAO,GAAG,CAAC;wBACtB,OAAO,EAAE,OAAO,GAAG,CAAC;wBACpB,WAAW,EAAE,CAAC;wBACd,SAAS,EAAE,IAAI,CAAC,MAAM;qBACvB;oBACD,GAAG,EAAE,CAAC,KAAK,CAAC;oBACZ,UAAU,EAAE;wBACV,WAAW,EAAE,8CAA8C;wBAC3D,OAAO,EAAE;;;;;;;;;;;;QAYb;qBACG;iBACF,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;AACH,CAAC;AAED;;GAEG;AACH,SAAS,0BAA0B,CACjC,OAAoB,EACpB,UAAkB,EAClB,QAAuB;IAEvB,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAErC,MAAM,YAAY,GAAG;QACnB;YACE,OAAO,EAAE,2BAA2B;YACpC,IAAI,EAAE,oBAAoB;YAC1B,OAAO,EACL,iEAAiE;YACnE,QAAQ,EAAE,MAAe;SAC1B;QACD;YACE,OAAO,EAAE,uCAAuC;YAChD,IAAI,EAAE,qBAAqB;YAC3B,OAAO,EACL,+DAA+D;YACjE,QAAQ,EAAE,QAAiB;SAC5B;QACD;YACE,OAAO,EAAE,uDAAuD;YAChE,IAAI,EAAE,6BAA6B;YACnC,OAAO,EACL,gEAAgE;YAClE,QAAQ,EAAE,QAAiB;SAC5B;QACD;YACE,OAAO,EAAE,qCAAqC;YAC9C,IAAI,EAAE,kBAAkB;YACxB,OAAO,EACL,iEAAiE;YACnE,QAAQ,EAAE,QAAiB;SAC5B;KACF,CAAC;IAEF,KAAK,IAAI,OAAO,GAAG,CAAC,EAAE,OAAO,GAAG,KAAK,CAAC,MAAM,EAAE,OAAO,EAAE,EAAE,CAAC;QACxD,MAAM,IAAI,GAAG,KAAK,CAAC,OAAO,CAAC,CAAC;QAE5B,KAAK,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,QAAQ,EAAE,IAAI,YAAY,EAAE,CAAC;YAChE,OAAO,CAAC,SAAS,GAAG,CAAC,CAAC;YACtB,IAAI,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBACvB,QAAQ,CAAC,IAAI,CAAC;oBACZ,EAAE,EAAE,gBAAgB,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE;oBACzC,MAAM,EAAE,wBAAwB;oBAChC,QAAQ;oBACR,OAAO,EAAE,oBAAoB,IAAI,KAAK,OAAO,EAAE;oBAC/C,QAAQ,EAAE;wBACR,IAAI,EAAE,OAAO,CAAC,QAAQ;wBACtB,SAAS,EAAE,OAAO,GAAG,CAAC;wBACtB,OAAO,EAAE,OAAO,GAAG,CAAC;wBACpB,WAAW,EAAE,CAAC;wBACd,SAAS,EAAE,IAAI,CAAC,MAAM;qBACvB;oBACD,GAAG,EAAE,CAAC,KAAK,CAAC;oBACZ,UAAU,EAAE;wBACV,WAAW,EAAE,kDAAkD;wBAC/D,OAAO,EAAE;;;;;;;;;;;;;QAab;qBACG;iBACF,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;AACH,CAAC;AAED,eAAe,kBAAkB,CAAC"}

package/dist/rules/cwe/cwe-434-file-upload.d.ts

@@ -0,0 +1,9 @@
+/**
+ * @fileoverview CWE-434: Unrestricted Upload of File with Dangerous Type
+ * @module @nahisaho/musubix-security/rules/cwe/cwe-434-file-upload
+ * @trace TSK-RULE-005
+ */
+import type { SecurityRule } from '../types.js';
+export declare const cwe434FileUpload: SecurityRule;
+export default cwe434FileUpload;
+//# sourceMappingURL=cwe-434-file-upload.d.ts.map

package/dist/rules/cwe/cwe-434-file-upload.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"cwe-434-file-upload.d.ts","sourceRoot":"","sources":["../../../src/rules/cwe/cwe-434-file-upload.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAAE,YAAY,EAA4B,MAAM,aAAa,CAAC;AAE1E,eAAO,MAAM,gBAAgB,EAAE,YAkD9B,CAAC;AAEF,eAAe,gBAAgB,CAAC"}

package/dist/rules/cwe/cwe-434-file-upload.js

@@ -0,0 +1,55 @@
+/**
+ * @fileoverview CWE-434: Unrestricted Upload of File with Dangerous Type
+ * @module @nahisaho/musubix-security/rules/cwe/cwe-434-file-upload
+ * @trace TSK-RULE-005
+ */
+export const cwe434FileUpload = {
+    id: 'cwe-434-file-upload',
+    name: 'CWE-434: Unrestricted File Upload',
+    description: 'Detects dangerous file upload patterns',
+    defaultSeverity: 'high',
+    category: 'file-system',
+    tags: ['cwe', 'upload', 'file', 'security'],
+    cwe: ['434'],
+    references: [
+        { title: 'CWE-434', url: 'https://cwe.mitre.org/data/definitions/434.html' },
+    ],
+    async analyze(context) {
+        const findings = [];
+        const lines = context.sourceCode.split('\n');
+        const patterns = [
+            { pattern: /multer\s*\(\s*\{[^}]*dest\s*:/gi, type: 'Multer without fileFilter', severity: 'medium' },
+            { pattern: /\.originalname/gi, type: 'Using original filename', severity: 'high' },
+            { pattern: /req\.files?\.\w+\.(?:path|name)/gi, type: 'Direct file path usage', severity: 'medium' },
+            { pattern: /\.mimetype\s*===?\s*['"`]/gi, type: 'Client-side mimetype trust', severity: 'medium' },
+            { pattern: /upload\.(?:single|array|fields)\s*\(/gi, type: 'File upload endpoint', severity: 'info' },
+        ];
+        for (let i = 0; i < lines.length; i++) {
+            for (const { pattern, type, severity } of patterns) {
+                pattern.lastIndex = 0;
+                if (pattern.test(lines[i])) {
+                    findings.push({
+                        id: `cwe-434-${findings.length + 1}`,
+                        ruleId: 'cwe-434-file-upload',
+                        severity,
+                        message: `File Upload - ${type}: Validate file type and sanitize filename`,
+                        location: { file: context.filePath, startLine: i + 1, endLine: i + 1 },
+                        cwe: ['434'],
+                        suggestion: {
+                            description: 'Validate file type by content, not extension',
+                            example: `const upload = multer({
+  fileFilter: (req, file, cb) => {
+    const allowed = ['image/jpeg', 'image/png'];
+    cb(null, allowed.includes(file.mimetype));
+  }
+});`,
+                        },
+                    });
+                }
+            }
+        }
+        return findings;
+    },
+};
+export default cwe434FileUpload;
+//# sourceMappingURL=cwe-434-file-upload.js.map

package/dist/rules/cwe/cwe-434-file-upload.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"cwe-434-file-upload.js","sourceRoot":"","sources":["../../../src/rules/cwe/cwe-434-file-upload.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAIH,MAAM,CAAC,MAAM,gBAAgB,GAAiB;IAC5C,EAAE,EAAE,qBAAqB;IACzB,IAAI,EAAE,mCAAmC;IACzC,WAAW,EAAE,wCAAwC;IACrD,eAAe,EAAE,MAAM;IACvB,QAAQ,EAAE,aAAa;IACvB,IAAI,EAAE,CAAC,KAAK,EAAE,QAAQ,EAAE,MAAM,EAAE,UAAU,CAAC;IAC3C,GAAG,EAAE,CAAC,KAAK,CAAC;IACZ,UAAU,EAAE;QACV,EAAE,KAAK,EAAE,SAAS,EAAE,GAAG,EAAE,iDAAiD,EAAE;KAC7E;IAED,KAAK,CAAC,OAAO,CAAC,OAAoB;QAChC,MAAM,QAAQ,GAAkB,EAAE,CAAC;QACnC,MAAM,KAAK,GAAG,OAAO,CAAC,UAAU,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAE7C,MAAM,QAAQ,GAAG;YACf,EAAE,OAAO,EAAE,iCAAiC,EAAE,IAAI,EAAE,2BAA2B,EAAE,QAAQ,EAAE,QAAiB,EAAE;YAC9G,EAAE,OAAO,EAAE,kBAAkB,EAAE,IAAI,EAAE,yBAAyB,EAAE,QAAQ,EAAE,MAAe,EAAE;YAC3F,EAAE,OAAO,EAAE,mCAAmC,EAAE,IAAI,EAAE,wBAAwB,EAAE,QAAQ,EAAE,QAAiB,EAAE;YAC7G,EAAE,OAAO,EAAE,6BAA6B,EAAE,IAAI,EAAE,4BAA4B,EAAE,QAAQ,EAAE,QAAiB,EAAE;YAC3G,EAAE,OAAO,EAAE,wCAAwC,EAAE,IAAI,EAAE,sBAAsB,EAAE,QAAQ,EAAE,MAAe,EAAE;SAC/G,CAAC;QAEF,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACtC,KAAK,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,QAAQ,EAAE,CAAC;gBACnD,OAAO,CAAC,SAAS,GAAG,CAAC,CAAC;gBACtB,IAAI,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;oBAC3B,QAAQ,CAAC,IAAI,CAAC;wBACZ,EAAE,EAAE,WAAW,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE;wBACpC,MAAM,EAAE,qBAAqB;wBAC7B,QAAQ;wBACR,OAAO,EAAE,iBAAiB,IAAI,4CAA4C;wBAC1E,QAAQ,EAAE,EAAE,IAAI,EAAE,OAAO,CAAC,QAAQ,EAAE,SAAS,EAAE,CAAC,GAAG,CAAC,EAAE,OAAO,EAAE,CAAC,GAAG,CAAC,EAAE;wBACtE,GAAG,EAAE,CAAC,KAAK,CAAC;wBACZ,UAAU,EAAE;4BACV,WAAW,EAAE,8CAA8C;4BAC3D,OAAO,EAAE;;;;;IAKnB;yBACS;qBACF,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;QACH,CAAC;QACD,OAAO,QAAQ,CAAC;IAClB,CAAC;CACF,CAAC;AAEF,eAAe,gBAAgB,CAAC"}

package/dist/rules/cwe/cwe-476-null-deref.d.ts

@@ -0,0 +1,9 @@
+/**
+ * @fileoverview CWE-476: NULL Pointer Dereference
+ * @module @nahisaho/musubix-security/rules/cwe/cwe-476-null-deref
+ * @trace TSK-RULE-005
+ */
+import type { SecurityRule } from '../types.js';
+export declare const cwe476NullDeref: SecurityRule;
+export default cwe476NullDeref;
+//# sourceMappingURL=cwe-476-null-deref.d.ts.map