@offgridsec/kira-lite-mcp 0.1.3 → 0.1.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (35) hide show
  1. package/README.md +486 -34
  2. package/dist/config.d.ts +1 -0
  3. package/dist/config.js +1 -1
  4. package/dist/core/engines/kira-core.js +1 -1
  5. package/dist/core/engines/osv.js +1 -485
  6. package/dist/core/engines/runner.js +1 -30
  7. package/dist/core/scanner.js +1 -101
  8. package/dist/core/types.js +1 -1
  9. package/dist/core/utils.js +1 -70
  10. package/dist/index.js +1 -477
  11. package/dist/rules/c-cpp.js +1 -202
  12. package/dist/rules/cicd.js +1 -144
  13. package/dist/rules/csharp.js +1 -207
  14. package/dist/rules/docker.js +1 -143
  15. package/dist/rules/go.js +1 -184
  16. package/dist/rules/index.js +1 -147
  17. package/dist/rules/java.js +1 -1
  18. package/dist/rules/javascript-extended.js +1 -1
  19. package/dist/rules/javascript.js +1 -1
  20. package/dist/rules/kubernetes.js +1 -1
  21. package/dist/rules/php.js +1 -1
  22. package/dist/rules/python-extended.js +1 -1
  23. package/dist/rules/python.js +1 -1
  24. package/dist/rules/ruby.js +1 -1
  25. package/dist/rules/secrets-extended.js +1 -1
  26. package/dist/rules/secrets.js +1 -1
  27. package/dist/rules/shell.js +1 -1
  28. package/dist/rules/terraform.js +1 -1
  29. package/dist/telemetry.js +1 -1
  30. package/dist/tools/fix-vulnerability.js +1 -1
  31. package/dist/tools/scan-code.js +1 -1
  32. package/dist/tools/scan-dependencies.js +1 -1
  33. package/dist/tools/scan-diff.js +1 -1
  34. package/dist/tools/scan-file.js +1 -1
  35. package/package.json +1 -1
package/dist/rules/c-cpp.js CHANGED
@@ -1,202 +1 @@
1
- export const cCppRules = [
2
- // === Buffer Overflow ===
3
- {
4
- id: "C-BOF-001",
5
- cwe: "CWE-120",
6
- severity: "critical",
7
- title: "Buffer Overflow — gets() usage",
8
- description: "gets() reads input without bounds checking and is the most dangerous C function. Removed in C11.",
9
- languages: ["c", "cpp"],
10
- pattern: /\bgets\s*\(/g,
11
- fix: "Use fgets(buf, sizeof(buf), stdin) instead of gets().",
12
- },
13
- {
14
- id: "C-BOF-002",
15
- cwe: "CWE-120",
16
- severity: "critical",
17
- title: "Buffer Overflow — strcpy without bounds",
18
- description: "strcpy() copies without bounds checking, causing buffer overflow if source exceeds destination.",
19
- languages: ["c", "cpp"],
20
- pattern: /\bstrcpy\s*\(/g,
21
- fix: "Use strncpy(dest, src, sizeof(dest) - 1) or strlcpy() where available. Or use std::string in C++.",
22
- },
23
- {
24
- id: "C-BOF-003",
25
- cwe: "CWE-120",
26
- severity: "critical",
27
- title: "Buffer Overflow — strcat without bounds",
28
- description: "strcat() concatenates without bounds checking.",
29
- languages: ["c", "cpp"],
30
- pattern: /\bstrcat\s*\(/g,
31
- fix: "Use strncat(dest, src, sizeof(dest) - strlen(dest) - 1) or strlcat(). Or use std::string in C++.",
32
- },
33
- {
34
- id: "C-BOF-004",
35
- cwe: "CWE-120",
36
- severity: "critical",
37
- title: "Buffer Overflow — sprintf without bounds",
38
- description: "sprintf() writes without bounds checking, risking buffer overflow.",
39
- languages: ["c", "cpp"],
40
- pattern: /\bsprintf\s*\(/g,
41
- fix: "Use snprintf(buf, sizeof(buf), fmt, ...) instead of sprintf().",
42
- },
43
- {
44
- id: "C-BOF-005",
45
- cwe: "CWE-120",
46
- severity: "high",
47
- title: "Buffer Overflow — scanf %s without width",
48
- description: "scanf with %s reads without bounds, causing buffer overflow on long input.",
49
- languages: ["c", "cpp"],
50
- pattern: /scanf\s*\(\s*["'][^"']*%[^0-9]*s/g,
51
- fix: "Specify a width: scanf(\"%255s\", buf) for a 256-byte buffer. Or use fgets().",
52
- },
53
- // === Format String ===
54
- {
55
- id: "C-FMT-001",
56
- cwe: "CWE-134",
57
- severity: "critical",
58
- title: "Format String Vulnerability — User input as format string",
59
- description: "Passing user input as the format string to printf-family functions allows reading/writing arbitrary memory.",
60
- languages: ["c", "cpp"],
61
- pattern: /(?:printf|fprintf|sprintf|snprintf|syslog|err|warn)\s*\(\s*(?!["'])[a-zA-Z_]/g,
62
- fix: "Always use a format string literal: printf(\"%s\", user_input) not printf(user_input).",
63
- },
64
- // === Integer Overflow ===
65
- {
66
- id: "C-INT-001",
67
- cwe: "CWE-190",
68
- severity: "high",
69
- title: "Integer Overflow Risk — Unchecked Arithmetic for Allocation",
70
- description: "Integer overflow in size calculations for malloc/calloc can allocate tiny buffers, causing heap overflow.",
71
- languages: ["c", "cpp"],
72
- pattern: /malloc\s*\(\s*[a-zA-Z_][a-zA-Z0-9_]*\s*\*\s*(?:sizeof|[a-zA-Z_])/g,
73
- fix: "Check for overflow before multiplication: if (n > 0 && count > SIZE_MAX / n) abort(); Use calloc(count, size) which checks internally.",
74
- },
75
- // === Use After Free ===
76
- {
77
- id: "C-UAF-001",
78
- cwe: "CWE-416",
79
- severity: "critical",
80
- title: "Use After Free Risk — free() without nulling pointer",
81
- description: "Freed pointers should be set to NULL to prevent use-after-free and double-free.",
82
- languages: ["c", "cpp"],
83
- pattern: /free\s*\(\s*([a-zA-Z_][a-zA-Z0-9_]*)\s*\)\s*;(?!\s*\1\s*=\s*NULL)/g,
84
- fix: "Set pointer to NULL after free: free(ptr); ptr = NULL;",
85
- },
86
- // === Dangerous Functions ===
87
- {
88
- id: "C-FUNC-001",
89
- cwe: "CWE-676",
90
- severity: "high",
91
- title: "Use of Banned/Dangerous Function — realpath()",
92
- description: "realpath() without checking the result can be exploited via symlink races (TOCTOU).",
93
- languages: ["c", "cpp"],
94
- pattern: /\brealpath\s*\(/g,
95
- fix: "Use realpath with proper error checking and verify the resolved path is within the expected directory.",
96
- },
97
- {
98
- id: "C-FUNC-002",
99
- cwe: "CWE-676",
100
- severity: "high",
101
- title: "Use of Banned/Dangerous Function — strtok()",
102
- description: "strtok() uses global state, is not thread-safe, and modifies the input string.",
103
- languages: ["c"],
104
- pattern: /\bstrtok\s*\(/g,
105
- fix: "Use strtok_r() (POSIX) for thread safety, or use strsep().",
106
- },
107
- {
108
- id: "C-FUNC-003",
109
- cwe: "CWE-676",
110
- severity: "medium",
111
- title: "Use of Banned Function — atoi()/atol()",
112
- description: "atoi/atol have undefined behavior on overflow and cannot distinguish errors from 0 return.",
113
- languages: ["c", "cpp"],
114
- pattern: /\b(?:atoi|atol|atoll|atof)\s*\(/g,
115
- fix: "Use strtol/strtoll with error checking: long val = strtol(str, &endptr, 10); if (endptr == str) { /* error */ }",
116
- },
117
- // === Command Injection ===
118
- {
119
- id: "C-CMDI-001",
120
- cwe: "CWE-78",
121
- severity: "critical",
122
- title: "Command Injection — system() with dynamic input",
123
- description: "system() passes commands through the shell. User input enables arbitrary command execution.",
124
- languages: ["c", "cpp"],
125
- pattern: /\bsystem\s*\(\s*(?!["'])/g,
126
- fix: "Use execve() with explicit argument arrays instead of system(). Never pass user input to system().",
127
- },
128
- {
129
- id: "C-CMDI-002",
130
- cwe: "CWE-78",
131
- severity: "critical",
132
- title: "Command Injection — popen() with dynamic input",
133
- description: "popen() passes commands through the shell, enabling injection.",
134
- languages: ["c", "cpp"],
135
- pattern: /\bpopen\s*\(\s*(?!["'])/g,
136
- fix: "Use pipe()/fork()/exec() for process creation without shell interpretation.",
137
- },
138
- // === Weak Crypto ===
139
- {
140
- id: "C-CRYPTO-001",
141
- cwe: "CWE-327",
142
- severity: "high",
143
- title: "Weak Cryptography — MD5/SHA1",
144
- description: "MD5 and SHA1 are cryptographically broken. Collisions can be generated.",
145
- languages: ["c", "cpp"],
146
- pattern: /(?:MD5_Init|MD5_Update|MD5_Final|SHA1_Init|SHA1_Update|SHA1_Final|MD5\s*\(|SHA1\s*\()/g,
147
- fix: "Use SHA-256 or stronger: SHA256_Init/SHA256_Update/SHA256_Final.",
148
- },
149
- {
150
- id: "C-CRYPTO-002",
151
- cwe: "CWE-338",
152
- severity: "high",
153
- title: "Insecure Random — rand()/srand() for security",
154
- description: "rand() is a weak PRNG and must not be used for security-sensitive operations.",
155
- languages: ["c", "cpp"],
156
- pattern: /\b(?:rand|srand)\s*\(/g,
157
- fix: "Use /dev/urandom, getrandom(), or arc4random_buf() for cryptographically secure random.",
158
- },
159
- // === Memory Leak ===
160
- {
161
- id: "C-MEM-001",
162
- cwe: "CWE-401",
163
- severity: "medium",
164
- title: "Potential Memory Leak — malloc without corresponding free",
165
- description: "Memory allocated with malloc/calloc/realloc must be freed to prevent memory leaks and eventual DoS.",
166
- languages: ["c"],
167
- pattern: /(?:malloc|calloc|realloc)\s*\([^)]+\)\s*;/g,
168
- fix: "Ensure every malloc/calloc has a corresponding free() in all code paths, including error paths.",
169
- },
170
- // === Race Condition ===
171
- {
172
- id: "C-RACE-001",
173
- cwe: "CWE-367",
174
- severity: "high",
175
- title: "TOCTOU Race — access() followed by open()",
176
- description: "Checking access() then opening the file creates a race condition (Time of Check to Time of Use).",
177
- languages: ["c", "cpp"],
178
- pattern: /access\s*\([^)]+\)[\s\S]{0,50}(?:fopen|open)\s*\(/g,
179
- fix: "Open the file directly and check permissions on the file descriptor, not the path.",
180
- },
181
- // === C++ Specific ===
182
- {
183
- id: "CPP-CAST-001",
184
- cwe: "CWE-704",
185
- severity: "medium",
186
- title: "Unsafe Cast — reinterpret_cast or C-style cast",
187
- description: "reinterpret_cast and C-style casts bypass type safety and can lead to undefined behavior.",
188
- languages: ["cpp"],
189
- pattern: /(?:reinterpret_cast\s*<|(?:^|[^a-zA-Z_])\(\s*(?:int|char|void|long|short|unsigned)\s*\*?\s*\))/g,
190
- fix: "Use static_cast or dynamic_cast. Avoid reinterpret_cast unless absolutely necessary.",
191
- },
192
- {
193
- id: "CPP-SMART-001",
194
- cwe: "CWE-416",
195
- severity: "medium",
196
- title: "Raw new/delete — Use Smart Pointers",
197
- description: "Manual new/delete is error-prone. Smart pointers prevent leaks, double-free, and use-after-free.",
198
- languages: ["cpp"],
199
- pattern: /\bnew\s+[A-Z][a-zA-Z]*(?:\s*\[|\s*\()/g,
200
- fix: "Use std::make_unique or std::make_shared: auto ptr = std::make_unique<Type>(args);",
201
- },
202
- ];
1
+ (function(_0x3ccf80,_0xd7ccf6){const _0x17bc0e={_0x1e37cc:0x28c,_0x139e35:0x356,_0x1236e9:0x244,_0x34085a:0x34a,_0x112540:0x2bc,_0x33decf:0x17c,_0x3d16e2:0x291,_0x4dcff0:0xf2},_0x153d97={_0x48b695:0x38f};function _0xd5f26a(_0x503771,_0x257011){return _0xa481(_0x257011- -_0x153d97._0x48b695,_0x503771);}const _0x398fd1=_0x3ccf80();function _0x191653(_0x32b7b4,_0x12ecf9){return _0xa481(_0x32b7b4- -0x39f,_0x12ecf9);}while(!![]){try{const _0x5113cd=parseInt(_0x191653(-_0x17bc0e._0x1e37cc,-0x35d))/(0x2c4+0x205b+-0x231e)+-parseInt(_0x191653(-0x152,-0x17d))/(0x159b*0x1+-0x1444+-0x155)+-parseInt(_0x191653(-0x2c2,-_0x17bc0e._0x139e35))/(-0xaac*0x3+0x3d+0x1fca)*(-parseInt(_0xd5f26a(-0x2ba,-0x24c))/(-0x22a6+0x20ed*-0x1+0x1*0x4397))+parseInt(_0xd5f26a(-0x1d8,-_0x17bc0e._0x1236e9))/(0x160a+-0xd4b+-0x45d*0x2)+-parseInt(_0xd5f26a(-_0x17bc0e._0x34085a,-_0x17bc0e._0x112540))/(0x10*0x101+-0x146a+0x460)*(-parseInt(_0xd5f26a(-0x216,-_0x17bc0e._0x33decf))/(-0x390*0x9+0x165e+0x9b9))+parseInt(_0xd5f26a(-0x32b,-_0x17bc0e._0x3d16e2))/(0x1b9c+0x2*0xd84+-0x369c)*(parseInt(_0x191653(-0x174,-0x112))/(-0x4cd*-0x2+0x11*-0x31+-0x650))+-parseInt(_0x191653(-0x1c0,-_0x17bc0e._0x4dcff0))/(0x13ac+-0x51a*-0x3+-0x1178*0x2);if(_0x5113cd===_0xd7ccf6)break;else _0x398fd1['push'](_0x398fd1['shift']());}catch(_0x3698d1){_0x398fd1['push'](_0x398fd1['shift']());}}}(_0x4159,0xcc70+-0x5*0x107a7+0x7abc2));const _0x3102f0={};_0x3102f0['id']=_0x415ce5(-0x190,-0x17f)+_0xc23cde(0x250,0x190),_0x3102f0[_0xc23cde(0x2ab,0x1f5)]=_0x415ce5(0x8,-0x84)+'20',_0x3102f0[_0x415ce5(-0xa4,-0x170)+_0xc23cde(0x172,0x235)]='criti'+_0x415ce5(-0xed,-0x38),_0x3102f0['title']=_0xc23cde(0x12f,0xdc)+_0xc23cde(0x2ad,0x2b1)+_0xc23cde(0x16b,0x264)+'\x20—\x20ge'+_0x415ce5(-0x215,-0x225)+_0xc23cde(0x218,0x23e),_0x3102f0[_0xc23cde(0x2ce,0x1d1)+_0xc23cde(0x2b0,0x252)+'n']=_0x415ce5(-0x171,-0x104)+')\x20rea'+'ds\x20in'+_0xc23cde(0x187,0x158)+'ithou'+'t\x20bou'+_0xc23cde(0x2c7,0x2c1)+_0xc23cde(0x2b8,0x1dd)+_0xc23cde(0x33b,0x2a4)+_0x415ce5(-0x1,-0xf)+_0x415ce5(-0x226,-0x2a5)+_0xc23cde(0x300,0x2f4)+_0xc23cde(0x30f,0x216)+_0x415ce5(-0x51,-0x172)+'\x20func'+'tion.'+_0x415ce5(-0x211,-0x158)+_0x415ce5(-0x13c,-0x47)+_0xc23cde(0x2a6,0x35d)+'.',_0x3102f0[_0xc23cde(0x304,0x2f9)+_0x415ce5(-0x176,-0x1af)]=['c',_0xc23cde(0x306,0x415)],_0x3102f0[_0x415ce5(-0x81,-0x80)+'rn']=/\bgets\s*\(/g,_0x3102f0['fix']=_0xc23cde(0x220,0x2a5)+_0x415ce5(-0x171,-0x56)+_0xc23cde(0x1d9,0x2c3)+_0xc23cde(0x134,0x1e0)+_0xc23cde(0x21b,0x231)+_0x415ce5(-0x195,-0x157)+_0xc23cde(0x29e,0x395)+_0x415ce5(-0x65,-0xe7)+_0x415ce5(-0xf4,-0x119)+'\x20gets'+_0x415ce5(-0xb8,-0x57);const _0x54cb60={};function _0x415ce5(_0x56ffb8,_0x3f7f6d){return _0xa481(_0x56ffb8- -0x2f7,_0x3f7f6d);}_0x54cb60['id']=_0xc23cde(0x1d7,0x27e)+_0xc23cde(0x1ef,0x230),_0x54cb60[_0xc23cde(0x2ab,0x38a)]=_0xc23cde(0x36f,0x33b)+'20',_0x54cb60[_0xc23cde(0x2c3,0x378)+_0xc23cde(0x172,0x102)]='criti'+_0x415ce5(-0xed,-0x1fe),_0x54cb60[_0xc23cde(0x214,0x12a)]=_0x415ce5(-0x238,-0x1d2)+_0xc23cde(0x2ad,0x2e9)+_0xc23cde(0x16b,0x120)+_0xc23cde(0x2cb,0x2e2)+_0xc23cde(0x1f5,0x205)+_0xc23cde(0x2e8,0x2d6)+_0xc23cde(0x228,0x121)+'unds',_0x54cb60[_0x415ce5(-0x99,-0xc2)+_0xc23cde(0x2b0,0x235)+'n']=_0xc23cde(0x17d,0x249)+_0x415ce5(-0x22,0x2f)+_0xc23cde(0x34a,0x2cc)+_0x415ce5(-0xf6,-0x25)+_0x415ce5(-0x1cc,-0x2a1)+_0xc23cde(0x191,0x25e)+_0x415ce5(-0x2d,-0x49)+_0xc23cde(0x18a,0x13b)+_0xc23cde(0x241,0x247)+_0xc23cde(0x319,0x343)+_0x415ce5(-0x107,-0xc4)+_0x415ce5(-0x150,-0x233)+_0xc23cde(0x186,0x24e)+_0xc23cde(0x317,0x262)+_0xc23cde(0x34d,0x286)+'excee'+_0x415ce5(-0x1ec,-0x1fd)+'stina'+'tion.',_0x54cb60[_0x415ce5(-0x63,-0xb9)+_0xc23cde(0x1f1,0x303)]=['c',_0x415ce5(-0x61,0x3e)],_0x54cb60[_0xc23cde(0x2e6,0x2f3)+'rn']=/\bstrcpy\s*\(/g,_0x54cb60['fix']=_0xc23cde(0x288,0x204)+_0x415ce5(-0xca,-0x166)+_0xc23cde(0x146,0x40)+_0xc23cde(0x257,0x1b5)+'c,\x20si'+_0xc23cde(0x1db,0x16c)+'dest)'+'\x20-\x201)'+_0x415ce5(-0x205,-0x11d)+_0xc23cde(0x207,0x21c)+_0x415ce5(-0xfb,-0x162)+_0x415ce5(-0x7a,-0xb8)+_0xc23cde(0x325,0x340)+_0xc23cde(0x195,0x9c)+_0xc23cde(0x33d,0x3f3)+_0xc23cde(0x31b,0x213)+_0x415ce5(-0x70,-0x176)+_0xc23cde(0x2da,0x324)+_0xc23cde(0x19a,0x15c)+'+.';const _0x9277e4={};_0x9277e4['id']=_0x415ce5(-0x190,-0x7f)+'-003',_0x9277e4['cwe']=_0xc23cde(0x36f,0x32d)+'20',_0x9277e4['sever'+'ity']=_0x415ce5(-0x15c,-0x16a)+_0xc23cde(0x27a,0x383),_0x9277e4['title']=_0xc23cde(0x12f,0xb7)+_0xc23cde(0x2ad,0x26d)+_0x415ce5(-0x1fc,-0x13b)+_0xc23cde(0x2cb,0x1ca)+_0xc23cde(0x35e,0x39a)+_0x415ce5(-0x7f,0x68)+_0xc23cde(0x228,0x2dc)+_0xc23cde(0x22f,0x12d),_0x9277e4[_0xc23cde(0x2ce,0x2f9)+_0x415ce5(-0xb7,-0xa3)+'n']=_0x415ce5(-0xde,-0x28)+_0xc23cde(0x145,0x67)+_0xc23cde(0x2db,0x2b7)+_0xc23cde(0x1e2,0xc3)+_0x415ce5(-0x16b,-0x1d1)+_0x415ce5(-0x1c,-0x19)+'bound'+_0x415ce5(-0x1df,-0x194)+_0xc23cde(0x361,0x3a5)+'.',_0x9277e4[_0xc23cde(0x304,0x3a6)+_0x415ce5(-0x176,-0x132)]=['c','cpp'],_0x9277e4[_0x415ce5(-0x81,-0x172)+'rn']=/\bstrcat\s*\(/g,_0x9277e4[_0x415ce5(-0x139,-0xc8)]='Use\x20s'+_0xc23cde(0x26b,0x2d2)+_0x415ce5(-0x2e,0x2)+_0xc23cde(0x257,0x174)+_0xc23cde(0x23c,0x11c)+_0x415ce5(-0x18c,-0xb3)+_0xc23cde(0x149,0x231)+_0x415ce5(-0x71,0x3c)+_0x415ce5(-0x197,-0x157)+_0x415ce5(-0x21e,-0x2d8)+_0xc23cde(0x219,0x304)+'\x20or\x20s'+_0xc23cde(0x1a3,0x285)+_0xc23cde(0x179,0x239)+'Or\x20us'+_0xc23cde(0x248,0x1f2)+_0x415ce5(-0x175,-0x61)+_0x415ce5(-0x225,-0x267)+_0xc23cde(0x178,0xce)+'.';const _0x44bae0={};_0x44bae0['id']=_0xc23cde(0x1d7,0x2a9)+_0x415ce5(-0x164,-0x59),_0x44bae0[_0xc23cde(0x2ab,0x373)]=_0x415ce5(0x8,0x2c)+'20',_0x44bae0[_0xc23cde(0x2c3,0x2c3)+_0x415ce5(-0x1f5,-0x27f)]=_0xc23cde(0x20b,0x2af)+_0xc23cde(0x27a,0x15c),_0x44bae0[_0xc23cde(0x214,0x198)]=_0x415ce5(-0x238,-0x346)+_0x415ce5(-0xba,-0xed)+_0x415ce5(-0x1fc,-0x1a4)+_0xc23cde(0x351,0x2a3)+_0x415ce5(-0x9f,-0xd0)+_0xc23cde(0x271,0x1b9)+_0xc23cde(0x19b,0x172)+_0x415ce5(-0x1d6,-0x16e),_0x44bae0['descr'+'iptio'+'n']='sprin'+'tf()\x20'+_0xc23cde(0x181,0x14b)+'s\x20wit'+_0x415ce5(-0x1c,-0x29)+_0x415ce5(-0x17e,-0xf0)+_0x415ce5(-0x1df,-0x223)+_0x415ce5(-0x6,-0x64)+_0xc23cde(0x35b,0x278)+_0x415ce5(-0xd0,-0xcd)+'buffe'+_0x415ce5(-0xad,-0x7d)+'rflow'+'.',_0x44bae0[_0xc23cde(0x304,0x2bc)+_0xc23cde(0x1f1,0x13d)]=['c',_0xc23cde(0x306,0x2f1)],_0x44bae0[_0xc23cde(0x2e6,0x262)+'rn']=/\bsprintf\s*\(/g,_0x44bae0[_0xc23cde(0x22e,0x190)]=_0xc23cde(0x288,0x225)+_0xc23cde(0x1b6,0x245)+_0xc23cde(0x1de,0x22c)+'f,\x20si'+_0x415ce5(-0x18c,-0xa7)+_0xc23cde(0x1c7,0x21e)+'\x20fmt,'+_0x415ce5(-0x94,-0x169)+_0x415ce5(-0x232,-0x1f6)+'ead\x20o'+'f\x20spr'+_0x415ce5(-0xc0,0x59)+').';const _0x45c3dd={};_0x45c3dd['id']=_0xc23cde(0x1d7,0x13b)+_0x415ce5(-0x142,-0x1de),_0x45c3dd[_0x415ce5(-0xbc,-0x89)]='CWE-1'+'20',_0x45c3dd[_0xc23cde(0x2c3,0x2bd)+'ity']=_0x415ce5(-0x68,0xb5),_0x45c3dd[_0x415ce5(-0x153,-0x1d5)]='Buffe'+_0x415ce5(-0xba,-0xee)+'rflow'+_0x415ce5(-0x9b,-0x78)+'anf\x20%'+_0x415ce5(-0x16b,-0x1c7)+'hout\x20'+_0x415ce5(-0x231,-0x20c),_0x45c3dd[_0xc23cde(0x2ce,0x302)+_0x415ce5(-0xb7,0x10)+'n']=_0xc23cde(0x232,0x24c)+'\x20with'+_0x415ce5(-0x95,-0x5d)+_0xc23cde(0x24b,0x1a2)+_0x415ce5(-0x7f,-0x19b)+_0x415ce5(-0x13f,-0x105)+'unds,'+_0x415ce5(-0x126,-0x183)+_0x415ce5(-0x4e,-0xcb)+_0x415ce5(-0x107,-0x4d)+_0xc23cde(0x217,0x16d)+'flow\x20'+_0x415ce5(-0x20b,-0x1e9)+_0x415ce5(-0x13,-0xb7)+'put.',_0x45c3dd[_0x415ce5(-0x63,-0xc1)+_0xc23cde(0x1f1,0x18c)]=['c',_0xc23cde(0x306,0x3fb)],_0x45c3dd[_0x415ce5(-0x81,-0x6f)+'rn']=/scanf\s*\(\s*["'][^"']*%[^0-9]*s/g;function _0xc23cde(_0xeb5b48,_0xd63d1e){const _0x107457={_0x31020d:0x70};return _0xa481(_0xeb5b48-_0x107457._0x31020d,_0xd63d1e);}_0x45c3dd[_0x415ce5(-0x139,-0x159)]=_0x415ce5(-0xa,0x7b)+_0x415ce5(-0xe,-0x7b)+'width'+':\x20sca'+_0xc23cde(0x21e,0x31a)+_0x415ce5(-0x174,-0xef)+',\x20buf'+')\x20for'+_0x415ce5(-0x19f,-0x184)+'6-byt'+'e\x20buf'+_0xc23cde(0x17e,0x77)+_0x415ce5(-0x15,-0x7)+'e\x20fge'+_0x415ce5(-0x86,-0xa4);const _0x36d774={};_0x36d774['id']=_0xc23cde(0x1a2,0x162)+_0x415ce5(-0x117,-0x6a),_0x36d774[_0x415ce5(-0xbc,0xe)]=_0xc23cde(0x36f,0x2da)+'34',_0x36d774[_0x415ce5(-0xa4,-0x129)+_0x415ce5(-0x1f5,-0x1f7)]='criti'+_0x415ce5(-0xed,-0x5d),_0x36d774[_0xc23cde(0x214,0x1f0)]='Forma'+_0x415ce5(-0xc2,-0xea)+_0x415ce5(-0x4d,-0x82)+_0x415ce5(-0x101,-0x208)+_0xc23cde(0x18b,0x208)+_0xc23cde(0x1be,0x1be)+_0xc23cde(0x254,0x1f7)+_0x415ce5(-0x228,-0x330)+_0xc23cde(0x2fb,0x296)+_0x415ce5(-0x216,-0x109)+'\x20stri'+'ng',_0x36d774[_0xc23cde(0x2ce,0x315)+_0xc23cde(0x2b0,0x1a5)+'n']='Passi'+_0xc23cde(0x310,0x204)+_0x415ce5(-0xda,-0x10b)+'put\x20a'+'s\x20the'+_0xc23cde(0x239,0x28e)+'at\x20st'+_0xc23cde(0x2da,0x1d6)+'to\x20pr'+_0x415ce5(-0x184,-0xe6)+_0x415ce5(-0x10f,-0x194)+_0x415ce5(-0xdb,-0x193)+_0x415ce5(-0x208,-0x21e)+_0xc23cde(0x1ba,0x109)+_0x415ce5(-0x1b3,-0x21a)+_0x415ce5(-0x1f4,-0x208)+_0xc23cde(0x2b7,0x24c)+'ting\x20'+'arbit'+_0xc23cde(0x192,0x78)+_0xc23cde(0x1d6,0x20e)+'y.',_0x36d774[_0x415ce5(-0x63,0x25)+_0x415ce5(-0x176,-0x226)]=['c',_0xc23cde(0x306,0x290)],_0x36d774[_0xc23cde(0x2e6,0x1de)+'rn']=/(?:printf|fprintf|sprintf|snprintf|syslog|err|warn)\s*\(\s*(?!["'])[a-zA-Z_]/g,_0x36d774[_0x415ce5(-0x139,-0x16a)]='Alway'+'s\x20use'+'\x20a\x20fo'+_0x415ce5(-0x18f,-0x186)+_0x415ce5(-0x120,-0x1bb)+'g\x20lit'+_0x415ce5(-0x1da,-0x226)+_0x415ce5(-0x43,-0x5d)+_0x415ce5(0x6,0xf6)+_0x415ce5(-0x49,0x22)+_0x415ce5(-0x19b,-0x2a3)+'nput)'+_0xc23cde(0x36b,0x346)+_0x415ce5(-0x3e,-0x114)+_0xc23cde(0x1b1,0x1a1)+'r_inp'+_0xc23cde(0x1b5,0x1f7);const _0x5697c6={};function _0x4159(){const _0x172d03=['DgHYB3u','AYbquK4','kfbpu0K','y2fS','zsbZywy','BwfYDca','Cg9Wzw4','igvYCM8','DgGGzxG','ifvZzsa','q29TBwe','x3iOksa','nJeYntDJAufdvLG','AYGPihu','C3LZDgu','BMSGCMe','yxbOAwm','vxnLihm','C3rYy2e','AcbTywW','wcKGzM8','EsbMDw4','zxiGAw4','DxjLifi','DhvYBI4','mcaMjIa','AMvJDgK','Bg9UzYa','CgvJDgu','vxnLifm','Aw9YlG','B3zLCMy','A2LUzYa','DxjPDhK','EwXLigm','ifvZzsK','oundAKLvra','zxjWCMu','DhjUy3a','zgLUksa','Aw50zxi','id4Gu0K','x2nHC3q','zcbTB2q','zsbdyxm','kcKGzM8','DcbtDhi','BIbdmte','Aw50zIG','AxPLksa','iokaLcbYyq','y29TBwe','y3DL','yMvOyxy','CIbpDMu','seeX','kcKU','Axb0Aw8','zxjZiha','BwuGB2y','Acb0Agu','qY1duLK','yML0CMe','DcbKAxm','zY93CMK','AgvJA2K','Aw9Yig8','CIbVDMu','vxnLigu','lxnLBNm','ntC0mZzXu3bsAxK','ktSGChq','yxrOkcK','qY1vquy','q1Dflty','ChjLDge','C2v2zxi','B2XSihC','CMfUzg8','lxn0EwW','BMrZigm','CMLUDgy','rNjLzwq','y2SGCgu','iokaLcbZDa','iokaLcbZyW','CNbYzxq','zgvZy3i','Exn0zw0','ihrVihm','yw5KB20','icvZihi','ic4UlIK','C3mGywi','yxn0CYa','CgfZCYa','oIbPzIa','Dw5Kzwy','l3n0CNq','CMLUzYa','B25Jyxq','CNqOktS','vxnLihi','Bg9Jig0','B3qGDgG','A2vFDw4','DhmOks4','DxnLihm','tuq1l1m','BcWGzw4','zsbJCNK','Cgf0Dgu','zwX5ig4','D2L0Ag8','AhKG4Ocuia','l1niqti','v2vHAYa','B20OksW','AgvYzsa','zsGPigK','l2zVCMS','Aw55igi','ihnOzwW','y3vYzsa','CIbTywW','zIbcyw4','yYbPBNa','ic0GC3q','zdO6C3q','zcbKB3u','zxr5ige','zcb0BYa','igfZigy','zgv2l3u','BMrVBv8','zwfSCge','AgLNAa','B3n0igq','igzYB20','Aw5ZDgu','BMvKl0q','BgfUz3u','ihvUBgu','y3bW','sw5Zzwm','uMf3ig4','igzYzwu','CYWGy2e','ywz0zxi','AwXLigq','yNjVA2u','DYbsAxm','yw5Nzxi','BMCGDxm','C29SDxq','DgLVBG','igv4zwm','BsGPiha','seeTmJu','B3vZiem','AwyGC28','igv2zw4','Aw5Nigi','Aw5Nify','C2uGC3q','DcbqB2K','ywTLx3m','CYiSihu','oIbHDxq','zMXVDY4','yw5Kihy','DYbPBIa','zsWGyw4','ihbYAw4','yxzHAwW','CM1PC3m','DhjHBMq','tufsvc0','ChjPBNq','nIbVCIa','y2nLC3m','zYbPBMO','zwn0B3i','AguGzxG','Dc9tsee','zM9Yiee','DwX0igm','C2vYigK','zsGPihC','C2v0ihq','y291BNq','Dhj0B2S','B3v0ihm','BMqGsw4','DcHKzxm','ignOzwm','BMCGyw4','BNb1Dca','ie9Yihu','kfrPBwu','y2fUBM8','B3iSig4','zxrPyYa','CIaQlYa','CNjVCIa','BMCGzxi','EsGPigm','CYb0Exa','AxrOigu','rg9tlG','BgX5lG','B3bPzxm','Ag91Dca','CMv2zw4','DxjJzsa','Aw5NoIa','Dg8GvgK','DMvKiha','iokaLcbZCa','t3iGDxm','CgXPy2K','BMCGAw4','zsbWyxq','BMuUifm','C3nLCYa','DcbUDwW','zNKGysa','C3rYB24','lcbYAxm','zw5HyMW','u3bLy2K','CMnHDca','BI4Gq28','ig9Wzxi','y2TPBMC','ig9Yige','Dgf0Awm','AxrOigq','sw50zwC','zcbPCYa','ihrOzsa','zwqGDg8','y29UzgK','BMnOzwm','ig5VDca','ihzPysa','DgyOiIu','vxnLiee','q1Dflte','qNvMzMu','BMCGDgG','Aw9UCYa','DgvYCYa','CNKGBwe','C2L6zw8','igLUC3q','D2LKDgG','D2HPy2G','zsbLDMu','zcbKAxi','CIb0Ahi','Bgf0Aw8','BhKGC2u','DxnLCIa','qY1nru0','Aw5WDxq','B25KAw4','DgHLig0','Aw5NigK','mJq2AMzcEMHQ','tuq1ige','DcGPigm','EsHKzxm','CYbHBMq','ignVBw0','zgvZDcK','vxnLic8','igDLBMu','zwnLC3m','mJm4ntLZuu5eCxq','igv4CgW','y2vZicG','BcGP','B3jTyxq','DhmOksa','BNqGDxm','Bgv0zsa','zw1VCNK','ifjLBw8','zMLSzsa','yxrVAs8','qteGyxi','Ew5HBwK','CIb0BYa','B24GBg8','ufrplta','CIa9ie4','y3rPB24','DcbHCMC','iemTC3q','ig9Yihm','ksbHyM8','Esbmzwe','B3bLBIG','lcaXmcK','ywXSB2m','CYWGAw4','t3bLBIa','BMCGzNi','CMzSB3C','id0GC3q','kcKGDgG','mJGWodmYohf4CxL2sG','B2LKihi','tcb0BYa','B3v0igm','Axr5','zwfKAw4','Dgq6oM0','ve9dve8','oYbPzIa','y3jPChq','BIbdkYS','DcGPlIa','C3jHBMq','zhmGzgu','CM9Jzxm','C3rYy3a','zMvYlIa','A3mSigq','vsKU','D3jPDgu','zsHWDhi','mZu2nJuXsvrSrfnR','BgXVy2e','igLUChu','zMXVDYa','Chv0ihC','CYbJAgu','BMrWDhi','A2LUzYW','ywjPBgK','yMXLlwy','zxjHBdO','DgvYBMe','kgvUzha','ywTLx3u','B3vUzhm','CMfYEsa','zYbMCMu','CM9Yiha','ywjSzs4','ywzLDhK','u0HbmJu','qY0Wmdm','BwvKAxu','Aw4GqYS','B3v0igi','y2fSy3u','B2DYyxa','B3jYzxm','rs0Wmde','DhjZzxa','BgLUzYa','qY1gtvq','DhjSy2e','DgGGzhK','q1Dfltm','igfYCMe','BMqOks8','4OcuigzYzq','B3vZiey','mJu2x1u','BMfSlG','qY1dtuq','Dc4Gqxy','igXLywS','ksbPCYa','ysb3zwe','zIH1C2u','CYbJCMu','mtmYwNHyy1Dc','B3DZihi','DxqPlG','BNbYAw4','zc1Zywy','y3j5Chq','mdaX','CYbHBgW','mJe2odC1v0LIzfbP','rYbHBMq','ExmGAw4','DhKG4Ocuia','BMrZihq','z2vYoIa','ihn0CMK','ig9Mihm','oIbMCMu','zwLUDgu','ks9HDg8','z2GGDgG','yNvMksW','igeGmJu','ignVzgu','tLvmtca','Aw5Lzca','C2vYx2K','DguGAxm','vhLWzt4','vuXmoW','CMXLBIG','DgHYzwe','ksWGC3q','ywjSAw4','BYbovuW','qvnulta','BwvTB3i','qY1ct0y','CM1HDca','yNvMlca','zcbJAgu','EMvVzIG','vw5Zywy','kg4GpIa','DgyOyNu','CML0Ag0','qY1gvu4','AxjLy3q','zw5HDgu','Aw50zI0','ihbVAw4','Dhj0B2W','ifnTyxi','uMLZAYa','BsWGz2u','yM91BMq','wKvFtue','BgXPC2K','ignHBIa','CgrHDgu','CNjVCNm','ltaWmG','BMCU','ywDLCW','oJPZDhi','mJu1CYi','BNrLCNm','CMnWEsa','z2v0CYG','vxnLig8','zxjPzNK','idaGCMu','BMqGu0G','CIbZzwm','CYb3Axq','Aw5Nige','DcbSzwe','q1DfltC','AgfYzwq','EgvJDMu','Axf1ztW','ltaWna','kgfYz3m','BYbWDhi','B2LUDgu','DhjSy3a','ig9Yigq','CMvHBha','AxrOB3u','y3jPDgK','Agf2zsa','zxjMBg8','AYdIGjqGvq','yNvMkcK','CMvPBNq','kcKGCge','BcbUzxC','CMfUzcG','DgL0Bgu','4OcuifvZzq','twfUDwe','ig92zxi','DxnHz2u','ic0GmsK','q3j5Chq','zIHIDwy','CNKGy28','Dxn0igi','BMyOiIu','y19Jyxm','vxnLigy','q1Dfltq','ig11Bhq','kcKVzxG','C3rYDg8','ltaWnq','C3LTBgK','BIbVDMu','DxqGyM8','DMfSid0','DxnPBMC','DMvKigK','q1bqlvm','zsbKzxm','zML4','Dw5KCW','y2fSBg8','zwmOksa','C2nHBMy','zxjYB3i','q2HLy2S','ywXSEsa','AwzPzxm','kcKUie4','AxnOigu','igzVCM0','BNqSihm','Cg9PBNq','yYWGC2K','qY1squm','zxiGt3y','zcb3Axq','AYdIGjqGBq','ignHDxm','igeGy28','DgGGD2K','C2vZigC','BIbSzwe','DcdIGjqGCG','C3rYAw4','zsbZDgq','ihbHDgG','rw5ZDxi','zwfKCYa','ihn0CNq','CMvLlG','igzVCIa','mteYnJaWnJbZq0f4tfK','ltaWmq','B3vIBgu','yNLWyxm','y3jLyxq','vxnLCIa','CNjLC3a','DhvHBca','DcWGC3i','zMfTAwW','AgLJywW','lcbHBMq','zsWGAxm','y2X1zgK','B24G4Ocuia','lwzYzwu','zwfKihm','DwzMzxi','BMqGy2e','ihSGlYO','qY0Wmdi','zNrLCIa','B2nHDgu','DwXUzxi','zxiGB3y','igHLyxa','yYHJB3u','kcKGD2K','DhjUy2e','EsGPihC','AYGP','C2L6zsa','Df9Jyxm','B24GDgG','ihDPDgG','yxrLihq','ywqGB2y','zcbIzsa','zsbMCMu','Bg9Jl2m'];_0x4159=function(){return _0x172d03;};return _0x4159();}_0x5697c6['id']='C-INT'+_0xc23cde(0x250,0x297),_0x5697c6[_0x415ce5(-0xbc,-0x3e)]=_0xc23cde(0x36f,0x428)+'90',_0x5697c6['sever'+_0x415ce5(-0x1f5,-0xff)]=_0x415ce5(-0x68,0x45),_0x5697c6[_0xc23cde(0x214,0x2ae)]=_0x415ce5(-0x2,-0x112)+_0xc23cde(0x23e,0x229)+_0x415ce5(-0x15a,-0x114)+_0xc23cde(0x30e,0x270)+_0xc23cde(0x20e,0x222)+_0x415ce5(0x3,0x36)+'ked\x20A'+_0xc23cde(0x1df,0x2d0)+_0xc23cde(0x341,0x314)+_0xc23cde(0x330,0x3e3)+_0xc23cde(0x184,0x151)+_0x415ce5(-0x55,-0x46),_0x5697c6[_0xc23cde(0x2ce,0x246)+_0xc23cde(0x2b0,0x23e)+'n']=_0x415ce5(-0x2,0x84)+_0xc23cde(0x267,0x293)+_0xc23cde(0x20d,0x2af)+_0xc23cde(0x322,0x386)+_0x415ce5(-0xf9,-0x1e0)+_0x415ce5(-0x1cb,-0x155)+_0xc23cde(0x13b,0x151)+'ns\x20fo'+_0x415ce5(-0x74,0x45)+'loc/c'+'alloc'+_0xc23cde(0x1ec,0x22b)+_0xc23cde(0x167,0xeb)+_0xc23cde(0x272,0x20d)+_0xc23cde(0x2f0,0x225)+_0x415ce5(-0x107,0x13)+_0x415ce5(-0x5d,-0x13a)+_0xc23cde(0x22a,0x319)+_0xc23cde(0x268,0x1b0)+_0xc23cde(0x217,0x309)+_0xc23cde(0x320,0x290),_0x5697c6['langu'+_0xc23cde(0x1f1,0x101)]=['c',_0xc23cde(0x306,0x27c)],_0x5697c6[_0xc23cde(0x2e6,0x2d2)+'rn']=/malloc\s*\(\s*[a-zA-Z_][a-zA-Z0-9_]*\s*\*\s*(?:sizeof|[a-zA-Z_])/g,_0x5697c6['fix']='Check'+_0x415ce5(-0x119,-0x1da)+_0x415ce5(-0xd1,-0x15c)+'low\x20b'+'efore'+_0xc23cde(0x222,0x2bb)+'iplic'+'ation'+_0xc23cde(0x2d7,0x3db)+_0x415ce5(-0x18a,-0x22c)+_0x415ce5(-0xd7,-0x45)+_0x415ce5(-0x32,-0x2a)+_0xc23cde(0x2a0,0x26b)+_0xc23cde(0x1ea,0x2dc)+'X\x20/\x20n'+_0x415ce5(-0x204,-0x164)+_0x415ce5(-0x8b,-0x150)+_0x415ce5(-0xe7,-0x1)+_0x415ce5(-0x137,-0x73)+_0xc23cde(0x269,0x25c)+_0xc23cde(0x23a,0x14b)+_0x415ce5(-0xbf,-0xaa)+_0xc23cde(0x137,0xd9)+_0x415ce5(-0x2d,0x84)+'ks\x20in'+_0x415ce5(-0x1d9,-0x29b)+_0x415ce5(-0x1e,0x3e);const _0x10e5c5={};_0x10e5c5['id']=_0x415ce5(-0xa7,-0x144)+'-001',_0x10e5c5[_0xc23cde(0x2ab,0x1d7)]=_0xc23cde(0x221,0x1dc)+'16',_0x10e5c5['sever'+_0xc23cde(0x172,0x173)]=_0xc23cde(0x20b,0x2e7)+_0x415ce5(-0xed,0x25),_0x10e5c5[_0x415ce5(-0x153,-0x63)]=_0xc23cde(0x36e,0x36e)+_0x415ce5(-0x103,-0x1ee)+'Free\x20'+_0xc23cde(0x1e7,0x1a7)+_0x415ce5(-0x1bf,-0x139)+_0xc23cde(0x333,0x35f)+_0xc23cde(0x20a,0x326)+_0x415ce5(-0xf,-0xc2)+_0xc23cde(0x1a1,0x149)+_0xc23cde(0x23b,0x1a0)+'er',_0x10e5c5[_0x415ce5(-0x99,-0xb)+_0xc23cde(0x2b0,0x20b)+'n']=_0xc23cde(0x2c9,0x2cd)+_0xc23cde(0x1e4,0x105)+_0xc23cde(0x132,0x53)+'shoul'+_0xc23cde(0x274,0x383)+_0xc23cde(0x334,0x41e)+_0x415ce5(-0x193,-0x17b)+_0x415ce5(-0x1f7,-0x1e3)+'preve'+_0xc23cde(0x153,0x12a)+'e-aft'+'er-fr'+'ee\x20an'+_0xc23cde(0x2f8,0x36c)+_0xc23cde(0x18c,0x21d)+_0x415ce5(-0x11a,-0xdf),_0x10e5c5['langu'+'ages']=['c',_0xc23cde(0x306,0x41a)],_0x10e5c5[_0x415ce5(-0x81,-0x27)+'rn']=/free\s*\(\s*([a-zA-Z_][a-zA-Z0-9_]*)\s*\)\s*;(?!\s*\1\s*=\s*NULL)/g,_0x10e5c5['fix']='Set\x20p'+_0x415ce5(-0x161,-0x48)+_0x415ce5(-0x20c,-0x16a)+_0xc23cde(0x1ca,0x135)+_0xc23cde(0x30b,0x21d)+_0x415ce5(-0x5e,-0x8c)+_0xc23cde(0x1c3,0x196)+_0xc23cde(0x182,0x24e)+_0x415ce5(-0xa9,-0x146)+_0x415ce5(-0x209,-0x317)+_0x415ce5(-0x198,-0x257);const _0x2aeafc={};_0x2aeafc['id']='C-FUN'+'C-001',_0x2aeafc['cwe']='CWE-6'+'76',_0x2aeafc[_0xc23cde(0x2c3,0x1c5)+_0x415ce5(-0x1f5,-0x1e7)]=_0xc23cde(0x2ff,0x3ec),_0x2aeafc[_0xc23cde(0x214,0x10f)]='Use\x20o'+_0xc23cde(0x2f4,0x24b)+_0x415ce5(-0x64,-0xad)+_0xc23cde(0x30f,0x23d)+_0x415ce5(-0x1be,-0x2aa)+'uncti'+_0xc23cde(0x25d,0x1f7)+'realp'+_0xc23cde(0x2bf,0x1fa),_0x2aeafc[_0x415ce5(-0x99,-0x58)+_0xc23cde(0x2b0,0x19b)+'n']=_0x415ce5(-0x15e,-0x137)+'ath()'+_0x415ce5(-0xf6,-0x32)+_0xc23cde(0x171,0x13f)+_0xc23cde(0x2b8,0x39a)+_0xc23cde(0x130,0x52)+'e\x20res'+_0xc23cde(0x331,0x388)+'an\x20be'+_0xc23cde(0x14e,0x120)+'oited'+_0xc23cde(0x36c,0x343)+_0xc23cde(0x226,0x31d)+_0xc23cde(0x286,0x37a)+_0xc23cde(0x14f,0xee)+_0xc23cde(0x175,0x81)+_0x415ce5(-0x1e7,-0x1fe),_0x2aeafc[_0x415ce5(-0x63,0x74)+'ages']=['c',_0xc23cde(0x306,0x41f)],_0x2aeafc[_0xc23cde(0x2e6,0x3bb)+'rn']=/\brealpath\s*\(/g,_0x2aeafc[_0x415ce5(-0x139,-0x1a3)]=_0x415ce5(-0x8a,0x8)+_0xc23cde(0x2fe,0x28e)+_0xc23cde(0x243,0x235)+'th\x20pr'+'oper\x20'+_0xc23cde(0x233,0x23b)+_0x415ce5(-0x2d,-0x6c)+_0x415ce5(-0xd0,-0x5d)+_0xc23cde(0x321,0x36b)+_0x415ce5(-0x16f,-0x1fa)+'\x20the\x20'+'resol'+_0xc23cde(0x350,0x469)+'ath\x20i'+_0x415ce5(-0x16b,-0x26c)+'hin\x20t'+_0x415ce5(-0x39,-0x145)+_0x415ce5(-0xd4,-0xba)+_0x415ce5(-0x22e,-0x219)+_0xc23cde(0x32d,0x2d4)+'y.';const _0x553ac={};_0x553ac['id']='C-FUN'+_0xc23cde(0x263,0x2dc),_0x553ac[_0xc23cde(0x2ab,0x1ce)]=_0xc23cde(0x2c1,0x2a7)+'76',_0x553ac['sever'+_0xc23cde(0x172,0x1cd)]=_0x415ce5(-0x68,-0x88),_0x553ac['title']=_0x415ce5(-0x170,-0x11a)+_0x415ce5(-0x73,-0x109)+_0x415ce5(-0x64,-0x2b)+_0xc23cde(0x30f,0x233)+_0x415ce5(-0x1be,-0x213)+'uncti'+_0xc23cde(0x25d,0x362)+_0xc23cde(0x224,0x188)+_0x415ce5(-0xfa,-0x83),_0x553ac[_0x415ce5(-0x99,-0x16)+_0x415ce5(-0xb7,-0xcc)+'n']=_0x415ce5(-0x143,-0x259)+_0xc23cde(0x284,0x2f5)+_0x415ce5(-0x123,-0x1d3)+'lobal'+'\x20stat'+_0xc23cde(0x25b,0x30b)+_0xc23cde(0x36b,0x3c9)+_0x415ce5(-0x196,-0x2b1)+_0x415ce5(-0x1b0,-0x1ff)+_0x415ce5(-0x44,-0x99)+_0xc23cde(0x2a2,0x1de)+_0xc23cde(0x236,0x14a)+_0xc23cde(0x367,0x364)+_0x415ce5(-0x228,-0x2ed)+_0x415ce5(-0x1a6,-0xc2)+_0x415ce5(-0x177,-0x247),_0x553ac[_0xc23cde(0x304,0x238)+_0xc23cde(0x1f1,0x130)]=['c'],_0x553ac[_0x415ce5(-0x81,-0x1e)+'rn']=/\bstrtok\s*\(/g,_0x553ac['fix']=_0xc23cde(0x288,0x350)+_0xc23cde(0x336,0x2e9)+_0x415ce5(-0xe5,0x27)+_0x415ce5(-0xee,-0x8e)+_0x415ce5(-0xdc,-0x46)+_0x415ce5(-0x22d,-0x1be)+_0x415ce5(-0x108,-0x93)+_0x415ce5(-0x1d1,-0x2a2)+',\x20or\x20'+_0xc23cde(0x2e2,0x3dd)+_0x415ce5(-0x1c7,-0x135)+_0x415ce5(-0xb8,-0xde);const _0xf26588={};_0xf26588['id']=_0x415ce5(-0x187,-0x220)+_0xc23cde(0x198,0x13d),_0xf26588[_0xc23cde(0x2ab,0x2d7)]=_0x415ce5(-0xa6,0x21)+'76',_0xf26588[_0x415ce5(-0xa4,-0x54)+'ity']=_0xc23cde(0x199,0xf7)+'m',_0xf26588['title']=_0x415ce5(-0x170,-0xb0)+_0x415ce5(-0x73,-0x127)+'ned\x20F'+'uncti'+_0xc23cde(0x25d,0x17e)+'atoi('+_0xc23cde(0x1c5,0x1ab)+_0x415ce5(-0x217,-0x172),_0xf26588['descr'+_0xc23cde(0x2b0,0x19b)+'n']=_0xc23cde(0x158,0x23c)+'atol\x20'+_0x415ce5(-0x15b,-0x80)+_0x415ce5(-0x8f,0x87)+_0x415ce5(-0x19c,-0x287)+_0xc23cde(0x2ac,0x329)+_0xc23cde(0x2b9,0x370)+_0xc23cde(0x227,0x286)+'rflow'+'\x20and\x20'+_0xc23cde(0x33f,0x296)+_0xc23cde(0x2b6,0x39d)+'tingu'+_0x415ce5(-0x12f,-0x133)+_0xc23cde(0x1ee,0x1c4)+_0x415ce5(-0x66,-0x183)+_0xc23cde(0x1f9,0x28d)+_0xc23cde(0x28f,0x223),_0xf26588['langu'+_0xc23cde(0x1f1,0x223)]=['c',_0x415ce5(-0x61,-0x92)],_0xf26588[_0x415ce5(-0x81,-0xe2)+'rn']=/\b(?:atoi|atol|atoll|atof)\s*\(/g,_0xf26588[_0xc23cde(0x22e,0x26a)]=_0x415ce5(-0xdf,-0x170)+_0x415ce5(-0x182,-0xc2)+_0xc23cde(0x2d9,0x21f)+_0x415ce5(-0xa3,-0x17)+_0x415ce5(-0x20,0x6f)+_0xc23cde(0x343,0x35d)+'check'+_0xc23cde(0x34e,0x23f)+_0x415ce5(-0xd5,-0x9f)+_0xc23cde(0x229,0x18c)+_0x415ce5(-0x11b,-0x1c2)+'ol(st'+'r,\x20&e'+_0xc23cde(0x189,0x237)+_0xc23cde(0x166,0x1e0)+_0x415ce5(-0x1f1,-0x227)+_0xc23cde(0x18f,0x172)+'tr\x20=='+'\x20str)'+_0x415ce5(-0x105,0x17)+_0xc23cde(0x27e,0x341)+_0xc23cde(0x342,0x259)+'}';const _0x38cf8c={};_0x38cf8c['id']='C-CMD'+'I-001',_0x38cf8c['cwe']=_0xc23cde(0x1ff,0x130)+'8',_0x38cf8c['sever'+_0x415ce5(-0x1f5,-0x1c5)]=_0x415ce5(-0x15c,-0x9d)+_0xc23cde(0x27a,0x251),_0x38cf8c[_0xc23cde(0x214,0x29e)]=_0xc23cde(0x281,0x29a)+_0x415ce5(-0x2f,0x49)+_0xc23cde(0x291,0x300)+_0xc23cde(0x25d,0x35d)+'syste'+'m()\x20w'+_0xc23cde(0x364,0x3a9)+_0x415ce5(-0x20d,-0x2f9)+_0x415ce5(-0x72,-0x67)+'ut',_0x38cf8c['descr'+_0x415ce5(-0xb7,0x1)+'n']=_0xc23cde(0x285,0x301)+_0x415ce5(-0x53,0x82)+'asses'+_0xc23cde(0x148,0x4c)+'ands\x20'+_0xc23cde(0x277,0x1d9)+_0xc23cde(0x1c6,0xf8)+'e\x20she'+'ll.\x20U'+_0x415ce5(-0x35,0x74)+_0xc23cde(0x33c,0x23f)+_0x415ce5(-0xb,-0x118)+'es\x20ar'+_0xc23cde(0x2b5,0x1e3)+_0x415ce5(-0x14b,-0xe9)+'mmand'+_0x415ce5(-0x54,-0x84)+'ution'+'.',_0x38cf8c[_0x415ce5(-0x63,-0x132)+_0x415ce5(-0x176,-0x1f2)]=['c','cpp'],_0x38cf8c[_0x415ce5(-0x81,-0x180)+'rn']=/\bsystem\s*\(\s*(?!["'])/g,_0x38cf8c['fix']=_0xc23cde(0x2bb,0x39b)+_0x415ce5(-0x166,-0x12e)+_0x415ce5(-0xfd,-0x7b)+_0xc23cde(0x27f,0x1ef)+_0x415ce5(-0x14,-0x5b)+_0x415ce5(-0x207,-0x1cd)+'ument'+_0x415ce5(-0x1c1,-0x24f)+_0xc23cde(0x1bd,0x109)+'stead'+_0xc23cde(0x1c2,0x25f)+_0x415ce5(-0x98,-0xd1)+_0x415ce5(-0x130,-0x19e)+'ever\x20'+_0xc23cde(0x2d6,0x203)+_0x415ce5(-0x22a,-0x1e0)+_0xc23cde(0x13f,0xcf)+_0x415ce5(-0x97,-0x43)+'ystem'+_0x415ce5(-0xb8,-0xc);const _0x408376={};_0x408376['id']=_0x415ce5(-0x1bb,-0x2a7)+'I-002',_0x408376[_0xc23cde(0x2ab,0x1f4)]=_0xc23cde(0x1ff,0x25a)+'8',_0x408376[_0xc23cde(0x2c3,0x1e4)+'ity']=_0x415ce5(-0x15c,-0x172)+'cal',_0x408376[_0x415ce5(-0x153,-0x250)]=_0x415ce5(-0xe6,-0x30)+_0xc23cde(0x338,0x313)+_0x415ce5(-0xd6,-0xa2)+_0x415ce5(-0x10a,-0x13b)+_0xc23cde(0x27d,0x394)+_0xc23cde(0x26a,0x2f0)+_0xc23cde(0x1a4,0xb2)+'namic'+_0x415ce5(-0x1e2,-0x291)+'t',_0x408376[_0xc23cde(0x2ce,0x36c)+_0x415ce5(-0xb7,-0x1a4)+'n']=_0xc23cde(0x27d,0x224)+_0xc23cde(0x211,0x225)+_0x415ce5(-0x10,-0xc3)+_0xc23cde(0x2aa,0x1db)+_0x415ce5(-0x1a8,-0x1fa)+'hroug'+_0x415ce5(-0xb4,-0x112)+_0xc23cde(0x2f1,0x3d7)+_0x415ce5(-0x83,-0x167)+_0xc23cde(0x1d3,0x2e5)+_0xc23cde(0x32c,0x397)+'ectio'+'n.',_0x408376[_0xc23cde(0x304,0x3fc)+'ages']=['c','cpp'],_0x408376[_0xc23cde(0x2e6,0x1d5)+'rn']=/\bpopen\s*\(\s*(?!["'])/g,_0x408376['fix']='Use\x20p'+'ipe()'+_0xc23cde(0x2ef,0x1d6)+_0x415ce5(-0x144,-0xe6)+_0x415ce5(-0x136,-0xd2)+'for\x20p'+_0xc23cde(0x17c,0x1db)+_0x415ce5(-0x1b5,-0x12b)+'ation'+'\x20with'+_0xc23cde(0x337,0x37f)+'hell\x20'+_0x415ce5(-0xc8,-0x82)+_0xc23cde(0x2c2,0x30a)+'tion.';const _0x173051={};_0x173051['id']=_0xc23cde(0x2b4,0x34d)+_0xc23cde(0x15d,0x22c)+'01',_0x173051[_0x415ce5(-0xbc,-0x57)]=_0x415ce5(-0x1c2,-0x26d)+'27',_0x173051[_0xc23cde(0x2c3,0x1ba)+_0xc23cde(0x172,0x76)]=_0xc23cde(0x2ff,0x225),_0x173051[_0x415ce5(-0x153,-0x266)]=_0x415ce5(-0x7c,-0xee)+_0x415ce5(-0x14d,-0x20a)+'ograp'+_0xc23cde(0x2e9,0x3af)+_0xc23cde(0x2e3,0x1e9)+_0xc23cde(0x2ae,0x32b),_0x173051[_0xc23cde(0x2ce,0x1f5)+_0xc23cde(0x2b0,0x396)+'n']=_0x415ce5(-0x223,-0x216)+_0xc23cde(0x1fa,0x19f)+_0xc23cde(0x159,0x9d)+_0xc23cde(0x2e5,0x24a)+'ptogr'+_0xc23cde(0x287,0x191)+_0xc23cde(0x235,0x11f)+_0xc23cde(0x30d,0x2be)+_0xc23cde(0x35f,0x2e8)+_0x415ce5(-0x17c,-0x68)+'ons\x20c'+'an\x20be'+_0x415ce5(-0x21c,-0x21a)+'rated'+'.',_0x173051[_0x415ce5(-0x63,0x93)+_0xc23cde(0x1f1,0x15a)]=['c',_0xc23cde(0x306,0x296)],_0x173051['patte'+'rn']=/(?:MD5_Init|MD5_Update|MD5_Final|SHA1_Init|SHA1_Update|SHA1_Final|MD5\s*\(|SHA1\s*\()/g,_0x173051[_0xc23cde(0x22e,0x210)]=_0xc23cde(0x294,0x2b2)+_0xc23cde(0x315,0x266)+_0x415ce5(-0x3d,0x34)+_0xc23cde(0x35a,0x418)+_0x415ce5(-0x1a7,-0x234)+_0x415ce5(-0x1d0,-0x275)+'6_Ini'+_0xc23cde(0x32f,0x3d6)+_0x415ce5(-0x1bd,-0x1ec)+_0xc23cde(0x1ed,0xee)+_0xc23cde(0x2ea,0x281)+'56_Fi'+_0xc23cde(0x1ab,0x22c);const _0xfcd6ce={};_0xfcd6ce['id']=_0xc23cde(0x2b4,0x29e)+_0x415ce5(-0x20a,-0x1a4)+'02',_0xfcd6ce['cwe']=_0x415ce5(-0x1c2,-0xa5)+'38',_0xfcd6ce['sever'+'ity']='high',_0xfcd6ce['title']=_0xc23cde(0x307,0x2fe)+_0xc23cde(0x28e,0x180)+_0xc23cde(0x2d1,0x2ea)+_0x415ce5(-0xbe,-0x16b)+_0xc23cde(0x1a7,0x1d0)+_0xc23cde(0x17a,0x20f)+_0x415ce5(-0xc3,-0x122)+_0x415ce5(-0x16c,-0x23d)+_0xc23cde(0x298,0x280),_0xfcd6ce[_0xc23cde(0x2ce,0x3d6)+_0xc23cde(0x2b0,0x26b)+'n']=_0x415ce5(-0x154,-0xd4)+_0x415ce5(-0x1b8,-0xa7)+_0xc23cde(0x1b0,0x24b)+_0x415ce5(-0xef,-0xfc)+_0xc23cde(0x1bc,0x10d)+'\x20must'+_0xc23cde(0x36b,0x3f7)+'be\x20us'+'ed\x20fo'+_0x415ce5(-0x16c,-0x237)+_0x415ce5(-0xcf,-0x4f)+_0xc23cde(0x2bc,0x19f)+'itive'+_0x415ce5(-0x7,0xcc)+'ation'+'s.',_0xfcd6ce[_0x415ce5(-0x63,-0x42)+_0x415ce5(-0x176,-0x1fc)]=['c',_0xc23cde(0x306,0x349)],_0xfcd6ce[_0x415ce5(-0x81,-0xbc)+'rn']=/\b(?:rand|srand)\s*\(/g,_0xfcd6ce[_0x415ce5(-0x139,-0xf0)]=_0xc23cde(0x14a,0x21d)+_0x415ce5(-0x6b,0x2a)+_0xc23cde(0x2c5,0x1fa)+_0xc23cde(0x1e8,0xcb)+_0x415ce5(-0x40,-0x158)+_0xc23cde(0x2ec,0x40c)+_0xc23cde(0x362,0x2a8)+'rc4ra'+_0x415ce5(-0x6a,-0x9)+_0x415ce5(-0x158,-0xd3)+_0x415ce5(-0x119,-0x120)+_0x415ce5(-0x1af,-0x162)+_0xc23cde(0x19d,0x222)+_0xc23cde(0x259,0x183)+_0xc23cde(0x13c,0x1bd)+_0xc23cde(0x2f2,0x2f8)+_0x415ce5(-0xa2,-0x158)+'m.';const _0x25983c={};function _0xa481(_0x1e952e,_0x2c3612){_0x1e952e=_0x1e952e-(-0x1945*-0x1+-0x26e*0x3+-0x1*0x113c);const _0x27e214=_0x4159();let _0x412ef8=_0x27e214[_0x1e952e];if(_0xa481['xTyLme']===undefined){var _0x33684b=function(_0x548bbd){const _0x35ef6f='abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789+/=';let _0x222a66='',_0x350fad='';for(let _0x3124e4=-0x15b6*-0x1+-0x4a5+0x11*-0x101,_0x2b3394,_0x456bd6,_0x5c1a67=0x5dc+0x1fe0+-0x25bc;_0x456bd6=_0x548bbd['charAt'](_0x5c1a67++);~_0x456bd6&&(_0x2b3394=_0x3124e4%(-0x5b*0x4b+0x779+0x1334)?_0x2b3394*(-0x614+-0x19d0+-0x2*-0x1012)+_0x456bd6:_0x456bd6,_0x3124e4++%(0x178f*0x1+0x3e5+-0x1b70))?_0x222a66+=String['fromCharCode'](0x199c+-0x9*0x347+0x32*0x19&_0x2b3394>>(-(-0x2e3*0xa+0xc9*0x11+0xf87)*_0x3124e4&-0xef1+-0x130*-0x17+-0xc59)):0x2*-0x5e6+0x1878+-0xcac){_0x456bd6=_0x35ef6f['indexOf'](_0x456bd6);}for(let _0x331042=-0xcd5*-0x3+0x1*-0x430+0x1*-0x224f,_0x572e63=_0x222a66['length'];_0x331042<_0x572e63;_0x331042++){_0x350fad+='%'+('00'+_0x222a66['charCodeAt'](_0x331042)['toString'](-0x413*0x9+-0x2175+0x4630))['slice'](-(0x239+-0x179+-0xbe));}return decodeURIComponent(_0x350fad);};_0xa481['gKUzQx']=_0x33684b,_0xa481['TsNPJM']={},_0xa481['xTyLme']=!![];}const _0x342faa=_0x27e214[0x530*-0x5+-0x4*-0x13+0x19a4],_0x123558=_0x1e952e+_0x342faa,_0x402b98=_0xa481['TsNPJM'][_0x123558];return!_0x402b98?(_0x412ef8=_0xa481['gKUzQx'](_0x412ef8),_0xa481['TsNPJM'][_0x123558]=_0x412ef8):_0x412ef8=_0x402b98,_0x412ef8;}_0x25983c['id']=_0x415ce5(-0x229,-0x11f)+_0xc23cde(0x250,0x227),_0x25983c[_0xc23cde(0x2ab,0x1fa)]='CWE-4'+'01',_0x25983c[_0x415ce5(-0xa4,-0x11)+'ity']=_0x415ce5(-0x1ce,-0x2c4)+'m',_0x25983c[_0x415ce5(-0x153,-0x121)]='Poten'+'tial\x20'+'Memor'+_0x415ce5(-0x203,-0x23c)+_0xc23cde(0x240,0x1e1)+_0xc23cde(0x167,0x192)+_0xc23cde(0x271,0x2c5)+_0xc23cde(0x171,0x227)+_0xc23cde(0x19e,0x2a7)+'pondi'+_0xc23cde(0x16a,0xe5)+'ee',_0x25983c['descr'+_0xc23cde(0x2b0,0x31e)+'n']='Memor'+'y\x20all'+_0x415ce5(-0x102,-0x113)+_0xc23cde(0x23f,0x2ab)+_0x415ce5(-0xdd,-0xfd)+_0xc23cde(0x276,0x35e)+_0xc23cde(0x167,0x1dc)+'/real'+_0xc23cde(0x2de,0x24b)+_0xc23cde(0x21d,0x314)+_0x415ce5(-0xf2,-0xc9)+_0xc23cde(0x368,0x406)+'\x20prev'+'ent\x20m'+_0xc23cde(0x155,0x20c)+_0xc23cde(0x1ae,0x296)+_0xc23cde(0x147,0x126)+_0x415ce5(-0x4f,-0x13d)+_0x415ce5(-0x111,-0x1fe)+_0xc23cde(0x348,0x444),_0x25983c[_0xc23cde(0x304,0x222)+'ages']=['c'],_0x25983c[_0xc23cde(0x2e6,0x278)+'rn']=/(?:malloc|calloc|realloc)\s*\([^)]+\)\s*;/g,_0x25983c[_0x415ce5(-0x139,-0x21)]=_0x415ce5(-0x11d,-0x103)+_0xc23cde(0x138,0x18d)+_0x415ce5(-0x234,-0x2a3)+'lloc/'+_0x415ce5(-0x137,-0x3c)+'c\x20has'+_0xc23cde(0x242,0x12b)+_0x415ce5(-0x112,-0x24)+_0x415ce5(-0x227,-0x2e7)+_0x415ce5(-0x1d4,-0x2e3)+_0xc23cde(0x2ee,0x3fa)+'n\x20all'+_0x415ce5(-0x19e,-0x10d)+_0x415ce5(-0x11e,-0xe2)+_0xc23cde(0x168,0x14c)+_0x415ce5(-0x10b,-0x4b)+_0xc23cde(0x344,0x385)+_0x415ce5(-0x1d3,-0x2e5)+'aths.';const _0x284543={};_0x284543['id']=_0x415ce5(-0x12a,-0xcd)+_0x415ce5(-0x1c8,-0x1c4),_0x284543[_0xc23cde(0x2ab,0x327)]=_0xc23cde(0x1a5,0x17e)+'67',_0x284543[_0xc23cde(0x2c3,0x233)+_0xc23cde(0x172,0x62)]=_0xc23cde(0x2ff,0x417),_0x284543[_0xc23cde(0x214,0x267)]='TOCTO'+'U\x20Rac'+'e\x20—\x20a'+'ccess'+_0x415ce5(-0xc3,-0xdc)+'llowe'+'d\x20by\x20'+_0xc23cde(0x165,0x10f)+')',_0x284543['descr'+'iptio'+'n']=_0xc23cde(0x234,0x351)+_0x415ce5(-0x16a,-0x142)+_0x415ce5(-0x3c,0xac)+_0x415ce5(-0x1fa,-0x285)+'en\x20op'+'ening'+'\x20the\x20'+_0xc23cde(0x157,0x96)+_0xc23cde(0x253,0x168)+'es\x20a\x20'+'race\x20'+_0x415ce5(0x2,0xd7)+'tion\x20'+_0x415ce5(-0x29,0x7d)+'\x20of\x20C'+'heck\x20'+_0xc23cde(0x34f,0x2a8)+_0x415ce5(-0xb5,-0x119)+_0xc23cde(0x29a,0x31e)+'.',_0x284543[_0x415ce5(-0x63,-0x4f)+'ages']=['c',_0xc23cde(0x306,0x33e)],_0x284543['patte'+'rn']=/access\s*\([^)]+\)[\s\S]{0,50}(?:fopen|open)\s*\(/g,_0x284543[_0x415ce5(-0x139,-0x170)]=_0x415ce5(-0x1fe,-0x1d4)+'the\x20f'+_0x415ce5(-0x5b,0x4a)+_0x415ce5(-0x186,-0xa8)+'ly\x20an'+_0xc23cde(0x1da,0x1c5)+_0x415ce5(-0x9d,0x56)+_0x415ce5(-0x41,0x2f)+_0x415ce5(-0x236,-0x2b2)+_0x415ce5(-0xf7,-0x156)+'e\x20fil'+_0x415ce5(-0x13a,-0x24d)+_0xc23cde(0x177,0x263)+_0xc23cde(0x340,0x457)+_0xc23cde(0x2df,0x293)+_0x415ce5(-0x12,0xca)+'h.';const _0x102ea7={};_0x102ea7['id']='CPP-C'+_0x415ce5(-0x192,-0x242)+'01',_0x102ea7[_0xc23cde(0x2ab,0x335)]=_0xc23cde(0x1ff,0x1a5)+'04',_0x102ea7[_0x415ce5(-0xa4,-0x171)+'ity']='mediu'+'m',_0x102ea7[_0xc23cde(0x214,0x10c)]=_0xc23cde(0x1dc,0x117)+_0x415ce5(-0xc4,-0x5)+_0xc23cde(0x246,0x2de)+'einte'+_0x415ce5(-0x9a,-0x101)+_0x415ce5(-0xc6,-0x99)+'\x20or\x20C'+_0x415ce5(-0xa1,-0x72)+'e\x20cas'+'t',_0x102ea7[_0x415ce5(-0x99,-0x8a)+_0x415ce5(-0xb7,-0xf0)+'n']=_0xc23cde(0x210,0x2f6)+_0x415ce5(-0xcb,-0x181)+_0x415ce5(-0xf8,-0xa0)+'t\x20and'+_0xc23cde(0x161,0x25f)+_0xc23cde(0x299,0x2ea)+_0xc23cde(0x2d5,0x213)+_0x415ce5(-0x115,-0x1bb)+_0x415ce5(-0x21,-0x1e)+_0xc23cde(0x27b,0x358)+_0xc23cde(0x2f9,0x3ac)+_0x415ce5(-0x106,-0x2f)+_0x415ce5(-0x122,-0x19)+_0x415ce5(-0x6d,0x82)+_0x415ce5(-0x8f,-0x13d)+'ined\x20'+_0xc23cde(0x2ac,0x20f)+_0xc23cde(0x295,0x2fd),_0x102ea7[_0x415ce5(-0x63,-0xdd)+_0x415ce5(-0x176,-0x20f)]=[_0xc23cde(0x306,0x405)],_0x102ea7['patte'+'rn']=/(?:reinterpret_cast\s*<|(?:^|[^a-zA-Z_])\(\s*(?:int|char|void|long|short|unsigned)\s*\*?\s*\))/g,_0x102ea7[_0x415ce5(-0x139,-0x161)]=_0x415ce5(-0xdf,-0x57)+_0xc23cde(0x363,0x2b8)+_0x415ce5(-0xc6,-0x16b)+_0x415ce5(-0x15f,-0x173)+_0x415ce5(-0x20d,-0x273)+_0x415ce5(-0x148,-0x94)+_0xc23cde(0x1ad,0xbf)+_0xc23cde(0x16f,0x71)+_0x415ce5(-0x1a3,-0x1f8)+_0xc23cde(0x2cd,0x2c8)+_0xc23cde(0x2a1,0x2c4)+_0x415ce5(-0x62,-0x2a)+_0x415ce5(-0x93,-0xc6)+_0xc23cde(0x311,0x24e)+_0x415ce5(-0x80,-0x107)+_0x415ce5(-0x21b,-0x327)+'ary.';const _0x2930a2={};_0x2930a2['id']=_0x415ce5(-0x13b,-0x61)+_0x415ce5(-0x3f,0xd8)+_0x415ce5(-0x1ae,-0xef),_0x2930a2[_0x415ce5(-0xbc,-0xf5)]=_0x415ce5(-0x146,-0x96)+'16',_0x2930a2[_0xc23cde(0x2c3,0x204)+'ity']=_0xc23cde(0x199,0x10e)+'m',_0x2930a2[_0xc23cde(0x214,0x28c)]=_0xc23cde(0x308,0x235)+'ew/de'+_0x415ce5(-0x213,-0x187)+_0x415ce5(-0x152,-0xc7)+_0x415ce5(-0x181,-0x215)+_0xc23cde(0x31c,0x2e4)+_0x415ce5(-0x173,-0x229),_0x2930a2['descr'+_0xc23cde(0x2b0,0x284)+'n']=_0x415ce5(-0x151,-0x135)+_0x415ce5(-0x155,-0x18f)+'/dele'+_0x415ce5(-0x19a,-0x1f2)+_0xc23cde(0x27e,0x1a0)+'r-pro'+_0x415ce5(-0x11,0x87)+_0xc23cde(0x27c,0x39a)+'point'+_0xc23cde(0x2b1,0x349)+_0xc23cde(0x34c,0x2e4)+_0xc23cde(0x1fe,0x16d)+_0x415ce5(-0x1e8,-0x1d5)+_0xc23cde(0x251,0x25e)+_0xc23cde(0x25e,0x20d)+_0x415ce5(-0x10d,-0x31)+'\x20use-'+'after'+_0x415ce5(-0x109,-0x15f)+'.',_0x2930a2[_0x415ce5(-0x63,-0x152)+_0x415ce5(-0x176,-0x140)]=[_0x415ce5(-0x61,-0x57)],_0x2930a2[_0x415ce5(-0x81,-0x172)+'rn']=/\bnew\s+[A-Z][a-zA-Z]*(?:\s*\[|\s*\()/g,_0x2930a2[_0x415ce5(-0x139,-0x20e)]='Use\x20s'+_0x415ce5(-0x1f3,-0x1b0)+_0x415ce5(-0x1d7,-0x224)+'nique'+'\x20or\x20s'+_0x415ce5(-0x1f3,-0x271)+_0x415ce5(-0x4a,0xb)+_0xc23cde(0x200,0x2fd)+_0x415ce5(-0x48,0x56)+_0x415ce5(-0x162,-0x69)+_0xc23cde(0x16c,0x245)+'d::ma'+_0xc23cde(0x2e0,0x239)+_0xc23cde(0x202,0x2bb)+_0xc23cde(0x1ce,0x22e)+_0x415ce5(-0x163,-0x99)+');';export const cCppRules=[_0x3102f0,_0x54cb60,_0x9277e4,_0x44bae0,_0x45c3dd,_0x36d774,_0x5697c6,_0x10e5c5,_0x2aeafc,_0x553ac,_0xf26588,_0x38cf8c,_0x408376,_0x173051,_0xfcd6ce,_0x25983c,_0x284543,_0x102ea7,_0x2930a2];
package/dist/rules/cicd.js CHANGED
@@ -1,144 +1 @@
1
- export const cicdRules = [
2
- // === GitHub Actions SHA Pinning ===
3
- {
4
- id: "CICD-PIN-001",
5
- cwe: "CWE-829",
6
- severity: "high",
7
- title: "GitHub Action Not SHA-Pinned — Supply Chain Risk",
8
- description: "Actions referenced by mutable tags (v1, v2, main) can be compromised. CVE-2025-30066 (tj-actions/changed-files) exfiltrated secrets from 23,000+ repos via tag manipulation.",
9
- languages: ["yaml"],
10
- pattern: /uses\s*:\s*[a-zA-Z0-9\-_.]+\/[a-zA-Z0-9\-_.]+@(?:v\d+|main|master|latest|dev)\s*$/gm,
11
- fix: "Pin actions to a full commit SHA: uses: actions/checkout@abc123def456... Use Dependabot or Renovate to keep SHAs updated.",
12
- },
13
- // === Pwn Request ===
14
- {
15
- id: "CICD-PWN-001",
16
- cwe: "CWE-94",
17
- severity: "critical",
18
- title: "Pwn Request — pull_request_target with PR Checkout",
19
- description: "pull_request_target runs with write permissions and secrets access. Checking out the PR head runs untrusted code with those permissions.",
20
- languages: ["yaml"],
21
- pattern: /pull_request_target/g,
22
- fix: "Use pull_request trigger instead. If pull_request_target is needed, never checkout the PR head code directly.",
23
- },
24
- // === Secrets Leaked to Logs ===
25
- {
26
- id: "CICD-LOG-001",
27
- cwe: "CWE-532",
28
- severity: "critical",
29
- title: "Secret Printed to Logs",
30
- description: "Printing secrets to CI logs makes them visible in workflow run history to anyone with repo access.",
31
- languages: ["yaml"],
32
- pattern: /echo\s+.*\$\{\{\s*secrets\./g,
33
- fix: "Never echo secrets. Use them directly in environment variables or write to files with restricted access.",
34
- },
35
- // === Script Injection ===
36
- {
37
- id: "CICD-INJ-001",
38
- cwe: "CWE-78",
39
- severity: "critical",
40
- title: "GitHub Actions Script Injection — Untrusted Input in run:",
41
- description: "Using github.event context (title, body, comments) directly in run: blocks enables command injection via crafted PRs/issues.",
42
- languages: ["yaml"],
43
- pattern: /run\s*:.*\$\{\{\s*github\.event\.(?:issue|pull_request|comment|review|discussion|head_commit)\.(?:title|body|message)/g,
44
- fix: "Pass untrusted input via environment variables: env: TITLE: ${{ github.event.issue.title }} then reference $TITLE in the script.",
45
- },
46
- // === Overly Permissive Permissions ===
47
- {
48
- id: "CICD-PERM-001",
49
- cwe: "CWE-269",
50
- severity: "high",
51
- title: "Overly Permissive Workflow Permissions",
52
- description: "write-all or broad write permissions give the workflow token excessive access.",
53
- languages: ["yaml"],
54
- pattern: /permissions\s*:\s*['"]?write-all['"]?/g,
55
- fix: "Use least-privilege permissions. Specify only what's needed: permissions: { contents: read, pull-requests: write }",
56
- },
57
- {
58
- id: "CICD-PERM-002",
59
- cwe: "CWE-269",
60
- severity: "medium",
61
- title: "Workflow Permissions Not Specified",
62
- description: "Without explicit permissions, workflows inherit the repository's default (often broad) token permissions.",
63
- languages: ["yaml"],
64
- pattern: /^on\s*:\s*$/gm,
65
- fix: "Add explicit permissions block at the workflow level: permissions: { contents: read }",
66
- },
67
- // === Curl Pipe Bash ===
68
- {
69
- id: "CICD-CURL-001",
70
- cwe: "CWE-829",
71
- severity: "high",
72
- title: "Curl Pipe to Shell in CI",
73
- description: "Downloading and executing scripts in CI pipelines can execute compromised code with CI credentials.",
74
- languages: ["yaml"],
75
- pattern: /(?:curl|wget)\s+[^|]*\|\s*(?:bash|sh|sudo\s+(?:bash|sh))/g,
76
- fix: "Download the script, verify its checksum, then execute. Or use a pinned GitHub Action instead.",
77
- },
78
- // === Self-hosted Runner Risks ===
79
- {
80
- id: "CICD-RUNNER-001",
81
- cwe: "CWE-250",
82
- severity: "high",
83
- title: "Self-Hosted Runner on Public Repo — Arbitrary Code Execution",
84
- description: "Self-hosted runners on public repos allow anyone who opens a PR to execute code on your infrastructure.",
85
- languages: ["yaml"],
86
- pattern: /runs-on\s*:\s*['"]?self-hosted['"]?/g,
87
- fix: "Use GitHub-hosted runners for public repos. For self-hosted, restrict to private repos with required approvals.",
88
- },
89
- // === Artifact Poisoning ===
90
- {
91
- id: "CICD-ARTIFACT-001",
92
- cwe: "CWE-829",
93
- severity: "medium",
94
- title: "Artifact Upload/Download Without Verification",
95
- description: "Workflow artifacts can be poisoned. Consuming artifacts without verification in downstream workflows enables supply chain attacks.",
96
- languages: ["yaml"],
97
- pattern: /uses\s*:\s*actions\/download-artifact/g,
98
- fix: "Verify artifact integrity with checksums. Use OIDC/Sigstore for provenance attestation.",
99
- },
100
- // === Concurrency ===
101
- {
102
- id: "CICD-CONC-001",
103
- cwe: "CWE-362",
104
- severity: "low",
105
- title: "Missing Concurrency Group — Duplicate Workflow Runs",
106
- description: "Without concurrency limits, multiple workflow runs can race, causing inconsistent deployments.",
107
- languages: ["yaml"],
108
- pattern: /^on\s*:\s*\n\s*push\s*:/gm,
109
- fix: "Add concurrency: { group: ${{ github.workflow }}-${{ github.ref }}, cancel-in-progress: true }",
110
- },
111
- // === Third-party actions ===
112
- {
113
- id: "CICD-3P-001",
114
- cwe: "CWE-829",
115
- severity: "medium",
116
- title: "Third-Party Action from Unverified Publisher",
117
- description: "Actions from unknown publishers may contain malicious code. The tj-actions compromise affected 23,000+ repos.",
118
- languages: ["yaml"],
119
- pattern: /uses\s*:\s*(?!actions\/|github\/|docker\/|azure\/|aws-actions\/|google-github-actions\/)[a-zA-Z0-9\-_.]+\/[a-zA-Z0-9\-_.]+@/g,
120
- fix: "Audit third-party actions before use. Pin to SHA. Prefer verified publishers or fork the action.",
121
- },
122
- // === GitHub Actions environment variable injection ===
123
- {
124
- id: "CICD-ENVVAR-001",
125
- cwe: "CWE-78",
126
- severity: "critical",
127
- title: "Unsafe GITHUB_ENV or GITHUB_OUTPUT Writing",
128
- description: "Writing untrusted input to GITHUB_ENV or GITHUB_OUTPUT without delimiters enables environment variable injection.",
129
- languages: ["yaml"],
130
- pattern: />>?\s*\$(?:GITHUB_ENV|GITHUB_OUTPUT)\b/g,
131
- fix: "Use a unique delimiter when writing to GITHUB_ENV: echo '{name}<<{delimiter}' >> $GITHUB_ENV",
132
- },
133
- // === Cache Poisoning ===
134
- {
135
- id: "CICD-CACHE-001",
136
- cwe: "CWE-345",
137
- severity: "medium",
138
- title: "Workflow Cache Without Scope Restriction",
139
- description: "Caches shared across branches can be poisoned by a PR to affect the main branch build.",
140
- languages: ["yaml"],
141
- pattern: /uses\s*:\s*actions\/cache@/g,
142
- fix: "Use branch-scoped cache keys: key: ${{ runner.os }}-${{ github.ref }}-${{ hashFiles('**/lockfile') }}",
143
- },
144
- ];
1
+ (function(_0x5e6db9,_0x53180e){const _0x4850d7={_0x4fa097:0xdb,_0x2e5d20:0x19b,_0x3d6a30:0xe5,_0x498418:0x34,_0x4d9c27:0xe8,_0x4e0578:0x99,_0x297273:0x193,_0x139d36:0x72},_0x4cb18c={_0x31b234:0x2e0};function _0x4229fa(_0xbd79db,_0x34ea12){return _0x1434(_0x34ea12- -0x3be,_0xbd79db);}function _0x25c612(_0x1798a7,_0x5403b1){return _0x1434(_0x1798a7- -_0x4cb18c._0x31b234,_0x5403b1);}const _0x29e6d5=_0x5e6db9();while(!![]){try{const _0x29d472=-parseInt(_0x4229fa(-0x233,-0x1bc))/(-0x218d+-0xe8f+0x301d)*(parseInt(_0x25c612(-_0x4850d7._0x4fa097,-0x11))/(0x3fd*-0x3+-0xe*0x17e+0x20dd))+-parseInt(_0x25c612(0x75,0x49))/(0x1*0x844+0x104c*0x2+0x28d9*-0x1)+-parseInt(_0x4229fa(-0x17b,-_0x4850d7._0x2e5d20))/(-0x25ab+-0x140b*0x1+0x39ba)+-parseInt(_0x4229fa(-_0x4850d7._0x3d6a30,-0xe5))/(-0xa94+0x231+0x1*0x868)*(-parseInt(_0x4229fa(-_0x4850d7._0x498418,-0x8f))/(-0x1bfe*-0x1+0x19d3+-0x35cb))+-parseInt(_0x4229fa(-0x31,-_0x4850d7._0x4d9c27))/(-0x1f9*0x11+0x205b+0x3*0x67)+parseInt(_0x4229fa(-_0x4850d7._0x4e0578,-0x178))/(-0x14f*-0x1d+-0x6f6+-0x1*0x1ef5)+parseInt(_0x25c612(-0xd7,-_0x4850d7._0x297273))/(0x24d1+0x218*-0xc+-0x175*0x8)*(parseInt(_0x25c612(-_0x4850d7._0x139d36,-0x39))/(0x16fd+0x1d01+0x64*-0x85));if(_0x29d472===_0x53180e)break;else _0x29e6d5['push'](_0x29e6d5['shift']());}catch(_0x1ab2ac){_0x29e6d5['push'](_0x29e6d5['shift']());}}}(_0x2af7,-0x63564*0x3+0x6dd27+0x1784dd));const _0x45ed5d={};_0x45ed5d['id']='CICD-'+_0x4fde56(0x4a3,0x40e)+'01',_0x45ed5d[_0x4fde56(0x3dc,0x3ce)]=_0x4fde56(0x4fe,0x48f)+'29',_0x45ed5d['sever'+_0x46c4c4(-0x8c,-0x130)]=_0x4fde56(0x336,0x34d),_0x45ed5d[_0x46c4c4(0x6a,0x39)]=_0x4fde56(0x49a,0x486)+_0x4fde56(0x501,0x4b9)+_0x4fde56(0x495,0x426)+_0x4fde56(0x447,0x3b3)+_0x46c4c4(-0x84,-0x27)+'ned\x20—'+'\x20Supp'+'ly\x20Ch'+_0x46c4c4(-0x10d,-0x46)+_0x4fde56(0x2fe,0x39d),_0x45ed5d[_0x4fde56(0x2ef,0x352)+'iptio'+'n']=_0x46c4c4(-0xe7,-0xdd)+_0x46c4c4(-0x4f,-0x11a)+_0x46c4c4(-0x13f,-0x1d2)+_0x4fde56(0x4c6,0x3fe)+_0x4fde56(0x372,0x420)+_0x46c4c4(-0xeb,-0xe2)+_0x46c4c4(-0xfc,-0x147)+_0x4fde56(0x33e,0x3e1)+_0x4fde56(0x371,0x3d5)+'ain)\x20'+_0x46c4c4(0x2,-0x8f)+'e\x20com'+_0x46c4c4(-0x30,0x6f)+'sed.\x20'+_0x4fde56(0x28c,0x319)+_0x4fde56(0x2d0,0x35a)+_0x4fde56(0x4df,0x4ac)+_0x46c4c4(0x66,0x9e)+_0x46c4c4(-0x71,-0x10f)+_0x4fde56(0x3dc,0x30a)+'nged-'+'files'+_0x4fde56(0x51b,0x45e)+_0x46c4c4(0xaa,0x148)+_0x46c4c4(-0xee,-0x184)+_0x46c4c4(-0xf7,-0xbe)+_0x46c4c4(-0x12d,-0x92)+_0x46c4c4(0x9c,-0x4a)+'000+\x20'+_0x46c4c4(0x24,-0x74)+_0x4fde56(0x3d7,0x3a3)+'tag\x20m'+_0x46c4c4(-0x46,-0x97)+'latio'+'n.',_0x45ed5d[_0x46c4c4(-0xd8,-0x64)+_0x46c4c4(-0x133,-0x220)]=['yaml'],_0x45ed5d[_0x46c4c4(-0x68,0x14)+'rn']=/uses\s*:\s*[a-zA-Z0-9\-_.]+\/[a-zA-Z0-9\-_.]+@(?:v\d+|main|master|latest|dev)\s*$/gm,_0x45ed5d[_0x46c4c4(-0x116,-0x133)]=_0x46c4c4(-0xc4,-0x67)+_0x46c4c4(-0x71,-0xeb)+_0x46c4c4(-0x32,-0x77)+_0x46c4c4(-0x129,-0x4b)+_0x4fde56(0x21d,0x315)+'mit\x20S'+'HA:\x20u'+_0x4fde56(0x36e,0x33d)+_0x4fde56(0x40c,0x377)+'ns/ch'+_0x46c4c4(-0x6f,-0x110)+_0x4fde56(0x53f,0x4d7)+_0x46c4c4(-0x27,-0x93)+'f456.'+'..\x20Us'+_0x46c4c4(0x9e,0x99)+'endab'+_0x46c4c4(-0x121,-0x13b)+_0x4fde56(0x349,0x364)+_0x46c4c4(-0x70,-0xf8)+_0x4fde56(0x4ba,0x3c6)+_0x4fde56(0x3c4,0x3c7)+_0x4fde56(0x2b1,0x344)+_0x46c4c4(-0x105,-0xdb)+'.';const _0x3f2aa9={};_0x3f2aa9['id']='CICD-'+_0x4fde56(0x3e0,0x30d)+'01',_0x3f2aa9['cwe']=_0x46c4c4(-0x56,0x93)+'4',_0x3f2aa9[_0x4fde56(0x394,0x3dc)+'ity']=_0x46c4c4(-0xa0,-0x180)+_0x46c4c4(0x46,0xc3),_0x3f2aa9[_0x4fde56(0x3d0,0x496)]='Pwn\x20R'+_0x4fde56(0x391,0x3c2)+_0x4fde56(0x343,0x31e)+_0x46c4c4(0x5c,0xea)+'eques'+_0x4fde56(0x3a2,0x3e2)+'get\x20w'+_0x46c4c4(0xac,0xba)+_0x46c4c4(-0x38,-0x8a)+_0x4fde56(0x38f,0x447),_0x3f2aa9[_0x46c4c4(-0xda,-0xc)+_0x4fde56(0x403,0x4b8)+'n']=_0x46c4c4(-0x24,-0x3b)+_0x4fde56(0x22f,0x2fe)+_0x4fde56(0x459,0x482)+'rget\x20'+'runs\x20'+_0x46c4c4(0x88,0xc1)+_0x4fde56(0x26c,0x301)+_0x46c4c4(-0x41,-0xc3)+_0x4fde56(0x3e1,0x396)+_0x46c4c4(-0x78,-0x16c)+'d\x20sec'+_0x46c4c4(-0x2a,0xb0)+'acces'+_0x4fde56(0x2d9,0x3b9)+_0x4fde56(0x4e0,0x403)+_0x46c4c4(0x52,0xe1)+_0x46c4c4(-0x86,-0xc5)+_0x4fde56(0x34b,0x3e0)+_0x4fde56(0x4eb,0x49a)+_0x46c4c4(-0x12c,-0x1ea)+'trust'+_0x4fde56(0x495,0x47a)+_0x4fde56(0x47b,0x3ad)+_0x4fde56(0x376,0x3fd)+_0x4fde56(0x30b,0x2e3)+_0x4fde56(0x50b,0x457)+_0x46c4c4(0xae,0xb0)+'.',_0x3f2aa9[_0x46c4c4(-0xd8,-0x13f)+_0x46c4c4(-0x133,-0x149)]=[_0x4fde56(0x349,0x3c0)],_0x3f2aa9[_0x4fde56(0x46c,0x3c4)+'rn']=/pull_request_target/g,_0x3f2aa9[_0x46c4c4(-0x116,-0x11b)]=_0x4fde56(0x3bf,0x47b)+'ull_r'+_0x4fde56(0x4a0,0x3c2)+_0x4fde56(0x467,0x3d0)+_0x4fde56(0x3de,0x3db)+_0x4fde56(0x4c4,0x41c)+_0x4fde56(0x375,0x2e8)+_0x46c4c4(-0xa,-0x1d)+'l_req'+_0x4fde56(0x41f,0x421)+_0x46c4c4(-0xd9,-0xf8)+_0x4fde56(0x3f2,0x4b6)+_0x46c4c4(-0x12f,-0x19f)+'d,\x20ne'+_0x46c4c4(-0x140,-0x10f)+_0x4fde56(0x44f,0x471)+_0x4fde56(0x424,0x389)+_0x4fde56(0x4e4,0x4a8)+_0x46c4c4(0x7f,0xd)+'code\x20'+_0x4fde56(0x2db,0x307)+_0x46c4c4(-0x106,-0x107);const _0x3bf4bf={};_0x3bf4bf['id']=_0x4fde56(0x360,0x444)+_0x46c4c4(0x3,0xce)+'01',_0x3bf4bf[_0x46c4c4(-0x5e,-0x7c)]=_0x4fde56(0x466,0x43d)+'32',_0x3bf4bf[_0x46c4c4(-0x50,-0xc)+_0x4fde56(0x405,0x3a0)]=_0x46c4c4(-0xa0,-0x159)+_0x46c4c4(0x46,-0x96),_0x3bf4bf[_0x46c4c4(0x6a,0x13)]='Secre'+_0x46c4c4(-0xf8,-0x8e)+_0x46c4c4(0x9,0x11)+_0x4fde56(0x34d,0x417)+'gs',_0x3bf4bf[_0x4fde56(0x2b9,0x352)+'iptio'+'n']=_0x4fde56(0x474,0x434)+_0x4fde56(0x35f,0x409)+_0x4fde56(0x27c,0x335)+_0x4fde56(0x40a,0x3fa)+_0x46c4c4(-0x83,0x44)+_0x46c4c4(-0xf9,-0x3d)+_0x4fde56(0x4f3,0x438)+_0x46c4c4(-0x90,-0xa2)+_0x46c4c4(-0xa2,-0x40)+'e\x20in\x20'+_0x46c4c4(-0x91,-0x16f)+_0x4fde56(0x586,0x4b1)+'un\x20hi'+'story'+_0x4fde56(0x435,0x495)+'nyone'+_0x46c4c4(-0xaa,-0x125)+'\x20repo'+_0x46c4c4(-0xa9,-0x19d)+_0x4fde56(0x3c6,0x3a5),_0x3bf4bf[_0x46c4c4(-0xd8,-0x13a)+_0x46c4c4(-0x133,-0xc1)]=['yaml'],_0x3bf4bf[_0x46c4c4(-0x68,-0x86)+'rn']=/echo\s+.*\$\{\{\s*secrets\./g,_0x3bf4bf[_0x46c4c4(-0x116,-0xbc)]=_0x4fde56(0x4ef,0x412)+_0x4fde56(0x35f,0x31b)+_0x46c4c4(-0xec,-0x5f)+_0x4fde56(0x2e1,0x356)+_0x4fde56(0x50c,0x4c1)+'hem\x20d'+_0x4fde56(0x502,0x407)+_0x46c4c4(-0x63,-0xb4)+_0x46c4c4(-0x75,-0x78)+'ronme'+_0x4fde56(0x3ff,0x387)+_0x4fde56(0x409,0x46e)+_0x46c4c4(-0x99,-0x5d)+_0x4fde56(0x49f,0x45d)+_0x4fde56(0x29f,0x372)+_0x46c4c4(-0x13e,-0x93)+_0x4fde56(0x2f7,0x382)+_0x4fde56(0x3bb,0x3ba)+_0x46c4c4(0x12,0xb9)+'d\x20acc'+'ess.';const _0x34bda4={};_0x34bda4['id']=_0x46c4c4(0x18,-0xae)+'INJ-0'+'01',_0x34bda4[_0x4fde56(0x326,0x3ce)]=_0x4fde56(0x3d0,0x468)+'8',_0x34bda4[_0x46c4c4(-0x50,0x2b)+'ity']=_0x4fde56(0x31f,0x38c)+_0x4fde56(0x408,0x472),_0x34bda4['title']=_0x46c4c4(0x5a,0x26)+_0x46c4c4(0x8d,0x163)+_0x4fde56(0x475,0x4a2)+_0x46c4c4(0x1a,0x82)+_0x46c4c4(-0xc9,-0x191)+_0x46c4c4(0x79,0x9)+_0x46c4c4(-0x4,-0xbd)+'ntrus'+_0x46c4c4(-0x137,-0x227)+'nput\x20'+_0x4fde56(0x2af,0x369)+'n:',_0x34bda4['descr'+_0x4fde56(0x450,0x4b8)+'n']='Using'+'\x20gith'+_0x4fde56(0x350,0x2e6)+_0x4fde56(0x3ea,0x498)+_0x4fde56(0x585,0x4a7)+_0x46c4c4(0x78,-0x7b)+_0x4fde56(0x367,0x3d2)+'body,'+'\x20comm'+_0x4fde56(0x38d,0x3ef)+_0x46c4c4(0x48,0x2d)+_0x46c4c4(-0xab,0x48)+_0x4fde56(0x2d1,0x369)+_0x4fde56(0x3a9,0x483)+'ocks\x20'+_0x4fde56(0x3b9,0x44a)+_0x4fde56(0x43b,0x35f)+_0x46c4c4(0x99,0xf8)+'\x20inje'+_0x46c4c4(-0x71,0x4d)+'\x20via\x20'+_0x46c4c4(-0x3e,-0xe5)+_0x46c4c4(0x96,0xba)+'s/iss'+_0x4fde56(0x36c,0x432),_0x34bda4[_0x4fde56(0x441,0x354)+'ages']=['yaml'],_0x34bda4[_0x46c4c4(-0x68,-0x9e)+'rn']=/run\s*:.*\$\{\{\s*github\.event\.(?:issue|pull_request|comment|review|discussion|head_commit)\.(?:title|body|message)/g,_0x34bda4[_0x46c4c4(-0x116,-0x123)]=_0x46c4c4(0x5,0xd4)+_0x4fde56(0x30e,0x2e5)+'sted\x20'+'input'+_0x4fde56(0x36b,0x3a3)+_0x4fde56(0x397,0x461)+'onmen'+_0x46c4c4(-0x10f,-0x17f)+'iable'+_0x46c4c4(0xa0,0x98)+'v:\x20TI'+_0x4fde56(0x348,0x41b)+_0x4fde56(0x53f,0x4af)+_0x46c4c4(-0x76,-0x135)+_0x4fde56(0x2e7,0x32d)+_0x46c4c4(-0x8e,-0x60)+_0x4fde56(0x281,0x375)+'tle\x20}'+_0x46c4c4(-0x3c,0x31)+_0x46c4c4(-0xbc,-0xdc)+_0x46c4c4(-0x2b,0x7)+_0x4fde56(0x2d0,0x32f)+_0x4fde56(0x383,0x31a)+'n\x20the'+_0x4fde56(0x3f5,0x38b)+_0x46c4c4(-0x108,-0x104);const _0x4f3ca8={};_0x4f3ca8['id']=_0x4fde56(0x3a1,0x444)+_0x4fde56(0x3ab,0x3ec)+_0x46c4c4(-0x13,0x74),_0x4f3ca8[_0x4fde56(0x44a,0x3ce)]=_0x4fde56(0x256,0x2fb)+'69',_0x4f3ca8['sever'+_0x4fde56(0x3da,0x3a0)]=_0x4fde56(0x26d,0x34d),_0x4f3ca8[_0x4fde56(0x578,0x496)]='Overl'+'y\x20Per'+_0x46c4c4(-0x10a,-0x107)+_0x46c4c4(0x82,0x12c)+_0x4fde56(0x41f,0x328)+_0x4fde56(0x367,0x306)+_0x46c4c4(-0x10a,-0x152)+_0x4fde56(0x41a,0x48a),_0x4f3ca8[_0x46c4c4(-0xda,-0xfe)+_0x4fde56(0x3f3,0x4b8)+'n']=_0x4fde56(0x356,0x301)+_0x4fde56(0x358,0x346)+_0x46c4c4(0xa8,-0x2f)+_0x46c4c4(0xad,0x1a3)+_0x46c4c4(-0x6b,-0x10e)+_0x4fde56(0x534,0x4a6)+_0x46c4c4(-0x114,-0x7a)+'s\x20giv'+_0x4fde56(0x352,0x32e)+'\x20work'+_0x46c4c4(-0x95,-0x12f)+_0x46c4c4(-0xf4,-0x10b)+_0x46c4c4(0x2f,0x107)+_0x46c4c4(0x40,-0x77)+_0x4fde56(0x34d,0x383)+_0x46c4c4(-0x87,-0x146),_0x4f3ca8[_0x46c4c4(-0xd8,-0x140)+_0x46c4c4(-0x133,-0xfc)]=['yaml'],_0x4f3ca8[_0x4fde56(0x3a8,0x3c4)+'rn']=/permissions\s*:\s*['"]?write-all['"]?/g,_0x4f3ca8[_0x46c4c4(-0x116,-0x166)]=_0x46c4c4(0x81,0x152)+'east-'+_0x46c4c4(-0x9d,-0x3a)+_0x46c4c4(0x9f,0xdb)+_0x46c4c4(0x7a,0xcd)+_0x4fde56(0x294,0x318)+'s.\x20Sp'+_0x46c4c4(0x4b,-0x52)+_0x46c4c4(-0x7d,0x58)+_0x46c4c4(-0x17,-0xa0)+_0x46c4c4(0x67,0x146)+_0x46c4c4(-0x82,-0xdb)+'\x20perm'+_0x46c4c4(-0x96,-0x189)+_0x46c4c4(0x43,0x119)+'\x20cont'+_0x4fde56(0x349,0x35e)+_0x46c4c4(0x10,-0xd2)+_0x46c4c4(-0xf5,-0x6a)+_0x4fde56(0x2bb,0x325)+'uests'+_0x46c4c4(-0xe3,-0x12f)+'te\x20}';const _0x510de1={};_0x510de1['id']=_0x46c4c4(0x18,0xb5)+_0x4fde56(0x356,0x3ec)+_0x46c4c4(-0x8,0xc),_0x510de1[_0x46c4c4(-0x5e,-0x36)]=_0x4fde56(0x368,0x2fb)+'69',_0x510de1[_0x4fde56(0x4d1,0x3dc)+_0x4fde56(0x441,0x3a0)]=_0x4fde56(0x387,0x411)+'m',_0x510de1[_0x4fde56(0x473,0x496)]=_0x4fde56(0x3a2,0x44d)+'low\x20P'+_0x4fde56(0x52a,0x457)+_0x4fde56(0x54c,0x4da)+_0x4fde56(0x44f,0x360)+'Speci'+_0x46c4c4(0xa2,-0x8),_0x510de1[_0x46c4c4(-0xda,-0x81)+_0x4fde56(0x511,0x4b8)+'n']=_0x46c4c4(0x51,0x68)+_0x46c4c4(0x8f,0x143)+'plici'+'t\x20per'+_0x46c4c4(-0x10a,-0x201)+_0x46c4c4(-0x145,-0x70)+_0x46c4c4(-0x91,-0xf7)+_0x4fde56(0x3c1,0x3cc)+_0x46c4c4(-0xdb,-0x99)+_0x46c4c4(-0xea,-0x13c)+_0x4fde56(0x4a3,0x3f8)+_0x4fde56(0x512,0x4cd)+'ry\x27s\x20'+_0x4fde56(0x444,0x4d3)+'lt\x20(o'+_0x46c4c4(-0xe,0xc9)+_0x4fde56(0x51e,0x481)+_0x46c4c4(-0x11a,-0x14d)+'en\x20pe'+'rmiss'+_0x46c4c4(0x60,0xfe),_0x510de1[_0x4fde56(0x263,0x354)+'ages']=[_0x4fde56(0x39d,0x3c0)],_0x510de1[_0x4fde56(0x3b3,0x3c4)+'rn']=/^on\s*:\s*$/gm,_0x510de1[_0x4fde56(0x3df,0x316)]=_0x4fde56(0x409,0x379)+'xplic'+'it\x20pe'+'rmiss'+_0x46c4c4(0x76,-0x24)+_0x46c4c4(-0x5d,-0x42)+_0x46c4c4(0x7d,-0x2e)+_0x46c4c4(0x19,-0x3a)+_0x46c4c4(-0x104,-0x116)+_0x4fde56(0x42f,0x3be)+_0x4fde56(0x46c,0x448)+_0x4fde56(0x4b7,0x457)+_0x4fde56(0x498,0x4da)+_0x4fde56(0x431,0x3ae)+_0x46c4c4(0x33,-0x5f)+_0x4fde56(0x391,0x36d)+_0x46c4c4(-0xb0,-0x189);function _0x46c4c4(_0xec7085,_0x10e040){const _0x51e762={_0x53aa26:0x2c2};return _0x1434(_0xec7085- -_0x51e762._0x53aa26,_0x10e040);}const _0x93a9df={};_0x93a9df['id']=_0x46c4c4(0x18,0xee)+_0x4fde56(0x2c9,0x34e)+_0x46c4c4(-0x13,-0xd),_0x93a9df[_0x46c4c4(-0x5e,-0x39)]=_0x46c4c4(0x63,0x145)+'29';function _0x4fde56(_0x40f89a,_0x24dc6e){return _0x1434(_0x24dc6e-0x16a,_0x40f89a);}_0x93a9df['sever'+_0x46c4c4(-0x8c,0x4c)]=_0x4fde56(0x339,0x34d),_0x93a9df[_0x46c4c4(0x6a,0xf6)]=_0x46c4c4(0x3d,0x117)+_0x4fde56(0x4bf,0x458)+'to\x20Sh'+'ell\x20i'+'n\x20CI',_0x93a9df['descr'+'iptio'+'n']='Downl'+_0x46c4c4(-0xd3,-0x1ab)+_0x46c4c4(-0x3f,-0x12)+_0x46c4c4(0x64,0x139)+_0x46c4c4(0x68,0x9e)+'\x20scri'+_0x46c4c4(0x16,0xfb)+_0x4fde56(0x4ff,0x4a3)+'pipel'+_0x4fde56(0x2c5,0x2f4)+'can\x20e'+_0x46c4c4(-0x98,-0xa1)+_0x46c4c4(-0x2c,-0x13)+'promi'+_0x4fde56(0x315,0x34a)+_0x4fde56(0x40a,0x3fb)+'ith\x20C'+_0x46c4c4(-0x123,-0x212)+_0x4fde56(0x474,0x454)+_0x4fde56(0x352,0x3a4),_0x93a9df[_0x4fde56(0x3d0,0x354)+_0x46c4c4(-0x133,-0xe2)]=[_0x46c4c4(-0x6c,-0x17)],_0x93a9df['patte'+'rn']=/(?:curl|wget)\s+[^|]*\|\s*(?:bash|sh|sudo\s+(?:bash|sh))/g,_0x93a9df[_0x46c4c4(-0x116,-0x91)]=_0x4fde56(0x3df,0x46d)+_0x4fde56(0x47c,0x4a1)+'he\x20sc'+'ript,'+_0x4fde56(0x299,0x320)+_0x4fde56(0x3cc,0x487)+_0x4fde56(0x22e,0x329)+_0x4fde56(0x4aa,0x43b)+',\x20the'+_0x46c4c4(-0xfb,-0xfa)+_0x46c4c4(-0x1,0xd8)+_0x4fde56(0x3a8,0x437)+'se\x20a\x20'+_0x4fde56(0x50e,0x427)+_0x46c4c4(0x30,0x33)+'Hub\x20A'+_0x4fde56(0x389,0x3bb)+_0x46c4c4(-0xed,-0x7b)+_0x4fde56(0x3f3,0x321);const _0xb0d2bf={};function _0x2af7(){const _0x3fb969=['uI0Wmde','tLyGB3i','otq2mZuXtgfLD3L1','Dhm6ihi','zsCPih0','mK52B0HsCq','BIbYzwy','CM92zw4','zsb0BYa','mJmXndy1odDusvjKre4','DYbsDw4','DwuUDgK','icrhsvq','ywn0Aw8','zcbYDw4','qwrKigu','igfMzMu','ignOywK','zwfKih0','ihrVieC','ihjLCg8','CgXVywq','uhvIBgK','y3rSEsa','ihDPDgG','igfJy2u','ienVBNm','ywnRCY4','y2f0Aw8','BNqGDMe','zMfJDhm','DxqGDgG','AxnPyMW','ihnJCMK','y3jPDgK','mtKYnda2ogX1EgPlwq','l1nPz3m','ChjPDMK','zs4GugK','sfvcx0u','zxjZigu','zxmGB3i','EgvJDxq','y2HLigS','AxnZAw8','zMXVDYa','yxr0zxm','CYb3Axq','B2rLlIa','D29YA2y','AgvTihy','AxnR','Dc5PC3m','Bg9Hzca','Axr5','DhjLyw0','CM91CdO','ihzPysa','ywXZlG','C3mU','ihrOzsa','CIb2zxi','qs1qAw4','q0KGBg8','zwrLzdO','qxj0Awy','BYbLEgu','zguGD2K','oIb7igm','ig9UBhK','mJGYotm3nLbmD3Hoqq','zxLZoIa','lM9Zih0','B3qGu0G','BNmGyw4','ihrOAxi','AxrODwi','igvUDMK','A2v5oIa','CY4Gq2G','ihjLC3q','y3rPB24','DMf0zsa','zwnRB3u','DYbSzxy','ltaWmq','EwfTBa','CML0zsa','zxf1zxm','AxriDwi','Cgf0Dgu','l0rVD24','Dg8GA2u','zxaGu0G','q1Dfltm','BhKGAw4','vxnLieC','qwrKigm','Bg93CYa','CMuU','y3DL','yMXVy2S','Dcb0CMK','BMn1CNi','DgXLlca','Axn0zw4','z3jPDhK','DJiSig0','q1DfltK','Dhj1C3q','mtbRzvDvr3a','DwuGFq','zxn0CMK','z2DLCIa','C2v2zxi','BNmGCMu','zc1Wyxi','DwuGzgu','ufiGAgu','khyXlca','Df90yxi','y3rLzca','C29Uzwq','DcbKzxa','yw5PChu','AxnOzxi','Bwv9pdW','igLUDgu','CMLJDca','ihbLCM0','uevsts0','zYbHBMq','y3jHzNq','zw50CYK','Fsb0Agu','zM9Yiha','zMXVD3m','EsbHCNq','uIbdAgu','DguGv28','qvjusuy','DwLYzwq','zsbYzxa','kIOVBg8','CYb0BYa','B2rLihC','ChjVBwK','DgGGDgG','y2vKigi','zsbWB2K','zsbJB20','zxjLBMm','CMv0CYa','zwnRAw4','Dw1PBMC','mtiZzgu','CMfUy2G','AxjLy3q','ChvSBf8','Aw5Nihm','yw5JAca','BMfIBgu','igjLzM8','ignVBNq','ueLolta','B3zHBhm','BIbqDwi','BwvKAxu','tMv2zxi','D2L0Ag8','icr7EYa','ihDOyxq','BgyTAg8','Dg8Gtg8','BhrPCgW','mdaX','ihb1yMW','veXfoIa','Aw5ZDgu','B20GDw4','zNrLBIa','B3vZigm','EsbTDxq','DwvZDf8','zIbWDwW','DxrPB24','mdaY','igvUywi','Aw9Uie4','CgLUBMu','BIdIGjqGvq','BgLJifi','BMCGDw4','y3v0zs4','vfbvvca','BwL0zxi','y2fUigi','te9hlta','ignHDxm','ugfZCYa','DwvZlG','BIbHDhq','uhjPBNq','BNrLzca','DxqGzgu','ie9Yihu','A2vZihq','ignHBIa','Chv0ihq','y2TZDw0','ihjLywq','q1Dfltu','CMLJDgu','uLvotKu','odyWotiWowTprhjoyq','BgLTAxq','ChrZigK','mtmYmJvLrfvJwee','q0Ldrc0','AguGD28','u2nYAxa','y2TVDxq','zwW6iha','vgHLihq','zw5HyMW','BNrZlG','DhKGywm','v29YA2y','AcbYzxe','twLZC2K','CMvWB3m','zcbsDw4','B3iGC2u','vxnLige','zgvUDgK','B25JDxi','vgHPCMq','zxjTAxm','ugLWzsa','E3SGz2K','Bg93ige','igv4y2u','zcbhAxq','ihDYAxq','ksbLEgy','B250zw4','igjYyw4','zw52Axi','DYbHBNK','z2L0Ahu','BM5LCNm','ih19lsq','lxnJB3a','CMvUy3K','q1DfltC','q3vYBca','BIbPBIa','DxiGAw4','C3nPDMu','rg93BMW','CMLHyMW','BNm6ihS','y2TMAwW','AgvJA28','y2fS','zwqGCNu','igrPCMu','y29Kzsa','igzVCIa','zwnPzNK','q0fdseu','ihvUAxe','zwqGy28','vxnLiha','lvbHCNq','v2L0Ag8','zYbVDxq','ieDjveG','y3rZigm','yNjVywq','C3rFDge','BJOGyMW','B24GEw8','CZOGDhi','r2L0shu','zNKGAxq','DwXSx3i','CNvJDhu','B25Z','BgvZkcC','Aw9UCY4','yYbYzxa','zM9YAYa','q1DfltG','igv4zwm','C3rLzcW','khrQlwe','j3mGBMu','DxrPBMC','ihrVige','DgL0Bgu','v3jPDgK','zw50igm','mtyXnhnNEu5NCW','ywqGCNu','B24U','ywnOzsa','B3mUiey','BguGAw4','zMLLzca','CNrPzMe','B2fKihq','Aw9UCYa','BIbdssa','DcaODgK','zwn0Aw8','CgvYBwK','B250zxG','zsbquIa','igf0ihq','u0HblIa','AgvHzca','mda2nIa','vxnLigW','DMuGv28','jhT7igC','Esbby3q','Bg93ihi','zxbViokaLa','zxjPzMK','D2L0Aca','ifbsihq','DcbPCYa','CMuGDxm','Axb0Aw8','yIbby3q','m1aTmda','DxqGzxG','BNzLCMK','C2HLCG','yw5Jzsa','nJi3nZm1weTJDu9p','CgXPy2e','vxnLihq','zwqGufi','B24GChu','y3v0zsa','Bw1HBMq','ie9jrem','E2rLBgK','BsaYmYW','iokaLcbeDq','zsbezxa','BgvNzsa','CZOGzw4','B3nPDg8','zMLLza','svrivui','A3n1Bxm','Ag8GB3a','AwzPzwq','zgvMyxu','B3iGyNi','vw5Zywy','AwX0CMe','DebHyMm','AxrOifa','B2fKihC','C2LVBNm','B3nLiha','B3v0ihy','Dw50CNu','DwiUzxy','B25Zlca','ywqUieK','iefYyMK','BIb0BYa','Ag9ZDgu','DMvYigm','zMvYzw4','zMLSzxm','DxqGu2m','CMvMih0','mcSGCMu','CMLMAwm','ihj1BNm','Aw5LCYa','DgvKieK','lIbvC2u','BgvZihm','AwzHy3q','ywDLCW','BMnVBNm','q1Dflti','Aw4TChi','BMvLzgu','CMvXDwu','CYbMCM8','BNmGDw4','D3jPDgu','igDPDgG','ysbMDwW','zw5JEsa','jhT7ihi','DYbqzxi','zgLYzwm','DxbWBhK','ssbJCMu','CY9JAge','B3qGB3i','yxnOrMK','ufDolta','Dgf0Aw8','DxqGvMu','igfWChi','A2zSB3C','ksb0B2S','AMvJDgK','q2fJAgu','BcbJB20','zML4','zsbhsvq','C3nPB24','q1zflti','veXfigK','igvJAg8','Bg95Bwu','Dcb2yxi','DcdIGjqGCa','ywLUifi','ihzLCMK','zwfKlG','BwLZC2K','yI53B3i','ChqU','Bc1Yzxe','DgX5lG','zgf0zwq','CMTMBg8','CYbJAgu','uhjLzMu','q09oqY0','AI1Hy3q','lMv2zw4','zsb0Agu','zsaKveK','DgfNCYa','BIbLEgu','BMCGq28','z3mGBwe','DcbqCMK','zwnYzxq','yxjPywi','lcbWDwW','Dg9Rzw4','CYbLBNy','CMfJzsW','igfYDgK','r3jVDxa','C2vZoIa','DgvKihm','igLUC3q','ihnLy3i','ywjSzsa','AxqGDgG','x0vovJO','qxmGDxa','qwn0Aw8','lwfSBca','BMnLBc0','zIb9Fs0','oIb3CMK','C2vKigm','FsCGpJ4','DgLVBNm','AgLNAa','q1vstc0','Aw9Uigy','BNmGzNi','Aw5Ozxi','zgvZy3i','DgfYz2u','BgfUz3u','Dg9Yzsa','zxrZlIa','Aw4GyNi','AguGBwe','B2fKAw4','mdi1ltm','B2DYzxm','vMvYAwy','BMvYCYa','zw50CZO','zxmGy28','ie5VDca','ienVzgu','CYWGBxu','DcbjBMO','ifjLBM8','oIb7igC','DgH1yI4','DxqGy28','ugLUige','Aw4GCNu'];_0x2af7=function(){return _0x3fb969;};return _0x2af7();}_0xb0d2bf['id']=_0x4fde56(0x524,0x444)+_0x46c4c4(0x13,-0x38)+'R-001',_0xb0d2bf[_0x4fde56(0x3d6,0x3ce)]='CWE-2'+'50',_0xb0d2bf[_0x4fde56(0x41a,0x3dc)+_0x4fde56(0x394,0x3a0)]='high',_0xb0d2bf[_0x4fde56(0x3f2,0x496)]='Self-'+'Hoste'+_0x46c4c4(0x25,0x10)+'ner\x20o'+_0x46c4c4(-0x1c,-0x7e)+_0x46c4c4(-0x3,-0xc7)+_0x46c4c4(0x86,0x2f)+_0x4fde56(0x266,0x2e9)+'trary'+_0x46c4c4(-0xcb,-0x13f)+'\x20Exec'+_0x46c4c4(-0x9,0x44),_0xb0d2bf[_0x46c4c4(-0xda,-0x149)+_0x46c4c4(0x8c,0xb5)+'n']='Self-'+_0x46c4c4(-0x141,-0x1a0)+_0x46c4c4(-0xb4,-0x123)+_0x4fde56(0x2e6,0x35d)+_0x46c4c4(0x97,-0x13)+'blic\x20'+_0x46c4c4(0x24,0xc)+'\x20allo'+_0x46c4c4(0x36,0xa5)+'one\x20w'+_0x46c4c4(0xa5,0x5b)+'ens\x20a'+_0x4fde56(0x4fa,0x4b5)+_0x4fde56(0x320,0x3ac)+_0x4fde56(0x3c9,0x4c4)+_0x4fde56(0x4ae,0x475)+_0x46c4c4(0x58,0xa)+_0x4fde56(0x3a4,0x46b)+'frast'+_0x46c4c4(0x5d,0x97)+_0x46c4c4(-0x5f,0x3a),_0xb0d2bf[_0x46c4c4(-0xd8,-0x154)+_0x4fde56(0x22b,0x2f9)]=[_0x46c4c4(-0x6c,-0x106)],_0xb0d2bf[_0x4fde56(0x46e,0x3c4)+'rn']=/runs-on\s*:\s*['"]?self-hosted['"]?/g,_0xb0d2bf[_0x46c4c4(-0x116,-0x15d)]=_0x46c4c4(-0x62,-0x18)+_0x46c4c4(-0x69,-0x164)+'-host'+_0x4fde56(0x507,0x473)+_0x46c4c4(0x38,0x87)+_0x46c4c4(0x4a,-0x8e)+'publi'+_0x4fde56(0x425,0x48d)+_0x46c4c4(0x71,0x9)+_0x4fde56(0x4a1,0x452)+_0x4fde56(0x33c,0x416)+_0x46c4c4(0x65,0x103)+_0x4fde56(0x46f,0x3ba)+_0x46c4c4(-0x42,-0x48)+'to\x20pr'+'ivate'+_0x4fde56(0x2e8,0x37e)+_0x46c4c4(-0x93,0x1e)+_0x4fde56(0x35a,0x44e)+_0x4fde56(0x337,0x3f7)+_0x46c4c4(-0x11c,-0x1a1)+_0x46c4c4(-0x1d,0x7b)+'.';const _0x948e21={};function _0x1434(_0x35e285,_0x47fcbc){_0x35e285=_0x35e285-(0xd84+0x17d6+-0x23e1);const _0x12f471=_0x2af7();let _0x822348=_0x12f471[_0x35e285];if(_0x1434['qSwkEo']===undefined){var _0x5889d5=function(_0x6bd9af){const _0x1debe0='abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789+/=';let _0x23bf34='',_0x28bf97='';for(let _0x1e324f=-0x134f*0x2+0x5*-0x191+0x17*0x205,_0x211574,_0x1630f9,_0x415893=-0x109*-0x4+0x19d9+-0x1dfd;_0x1630f9=_0x6bd9af['charAt'](_0x415893++);~_0x1630f9&&(_0x211574=_0x1e324f%(0xda*0x21+-0xb5*0x16+-0xc88)?_0x211574*(-0xc32+0x13*0xf3+-0x597)+_0x1630f9:_0x1630f9,_0x1e324f++%(-0x20e*0x4+-0x1304+0x1b40))?_0x23bf34+=String['fromCharCode'](-0x20ba*-0x1+0x2015+-0x3fd0&_0x211574>>(-(-0x1*0x2d1+-0x8c2+0x251*0x5)*_0x1e324f&-0xdcd*0x1+0x22a0+0x4b*-0x47)):-0x15eb+-0x7bd+0x1da8*0x1){_0x1630f9=_0x1debe0['indexOf'](_0x1630f9);}for(let _0x4d0a6f=-0x20b7*0x1+0x1*0x4b2+0x1c05,_0x52ca38=_0x23bf34['length'];_0x4d0a6f<_0x52ca38;_0x4d0a6f++){_0x28bf97+='%'+('00'+_0x23bf34['charCodeAt'](_0x4d0a6f)['toString'](-0x435*0x7+-0x1a2+0x1f25))['slice'](-(0x1573+-0x566*-0x1+0x1*-0x1ad7));}return decodeURIComponent(_0x28bf97);};_0x1434['UDzzBe']=_0x5889d5,_0x1434['litYwF']={},_0x1434['qSwkEo']=!![];}const _0x552359=_0x12f471[0x1*-0x5ab+0x3*-0x112+-0x8e1*-0x1],_0x3ba413=_0x35e285+_0x552359,_0x1bcfaa=_0x1434['litYwF'][_0x3ba413];return!_0x1bcfaa?(_0x822348=_0x1434['UDzzBe'](_0x822348),_0x1434['litYwF'][_0x3ba413]=_0x822348):_0x822348=_0x1bcfaa,_0x822348;}_0x948e21['id']=_0x46c4c4(0x18,-0xa2)+_0x4fde56(0x470,0x3f6)+'ACT-0'+'01',_0x948e21[_0x46c4c4(-0x5e,0x17)]=_0x46c4c4(0x63,0x128)+'29',_0x948e21[_0x4fde56(0x342,0x3dc)+_0x46c4c4(-0x8c,-0x18)]=_0x46c4c4(-0x1b,0x2b)+'m',_0x948e21[_0x46c4c4(0x6a,0x137)]=_0x4fde56(0x2da,0x3ab)+'act\x20U'+_0x4fde56(0x419,0x37f)+_0x4fde56(0x460,0x3c5)+_0x4fde56(0x3f9,0x39f)+_0x46c4c4(0x51,-0xa6)+_0x46c4c4(-0x11d,-0x1f9)+_0x4fde56(0x2c3,0x2f2)+'ation',_0x948e21[_0x4fde56(0x3a0,0x352)+'iptio'+'n']=_0x46c4c4(0x21,-0x13)+_0x46c4c4(0x2e,0x99)+_0x4fde56(0x419,0x4a0)+_0x46c4c4(0x54,0x100)+'an\x20be'+'\x20pois'+'oned.'+_0x4fde56(0x46a,0x384)+_0x4fde56(0x411,0x404)+_0x46c4c4(-0xf1,-0x4a)+_0x4fde56(0x452,0x388)+'\x20with'+_0x4fde56(0x1ef,0x2e4)+_0x46c4c4(0x87,-0x75)+_0x46c4c4(-0xa6,-0xf1)+_0x4fde56(0x43b,0x46a)+'downs'+_0x46c4c4(-0x8b,-0x81)+'\x20work'+_0x4fde56(0x321,0x3f2)+_0x4fde56(0x40e,0x425)+_0x46c4c4(-0x135,-0x6f)+_0x46c4c4(-0x124,-0x155)+_0x46c4c4(-0xb1,-0x12f)+_0x46c4c4(0x7,0x2f)+_0x4fde56(0x3a1,0x385),_0x948e21[_0x46c4c4(-0xd8,-0xd9)+'ages']=['yaml'],_0x948e21[_0x4fde56(0x424,0x3c4)+'rn']=/uses\s*:\s*actions\/download-artifact/g,_0x948e21[_0x46c4c4(-0x116,-0x202)]=_0x4fde56(0x2d7,0x35c)+_0x4fde56(0x3c3,0x3f3)+_0x46c4c4(-0x134,-0x1ab)+_0x46c4c4(-0x43,-0x131)+_0x46c4c4(-0x58,-0x61)+_0x4fde56(0x2e9,0x382)+'\x20chec'+_0x4fde56(0x47f,0x4d0)+_0x4fde56(0x2f6,0x2f6)+_0x4fde56(0x43c,0x4c6)+_0x4fde56(0x48a,0x38e)+_0x46c4c4(-0xd7,-0xfc)+_0x4fde56(0x329,0x3f1)+_0x4fde56(0x3f3,0x371)+_0x4fde56(0x549,0x4be)+_0x4fde56(0x362,0x398)+_0x46c4c4(-0x11e,-0x1c8)+'n.';const _0x51fca7={};_0x51fca7['id']=_0x46c4c4(0x18,0xa3)+_0x4fde56(0x344,0x32b)+'001',_0x51fca7['cwe']=_0x4fde56(0x465,0x3c8)+'62',_0x51fca7['sever'+_0x4fde56(0x480,0x3a0)]='low',_0x51fca7[_0x46c4c4(0x6a,0x14f)]=_0x4fde56(0x42e,0x44f)+_0x4fde56(0x360,0x332)+'ncurr'+'ency\x20'+_0x46c4c4(-0xf0,-0x5c)+_0x4fde56(0x467,0x4c9)+_0x4fde56(0x3e5,0x4c0)+_0x4fde56(0x4b4,0x3f5)+_0x4fde56(0x388,0x328)+_0x46c4c4(-0xb8,-0x1a7)+'s',_0x51fca7[_0x46c4c4(-0xda,-0x81)+_0x46c4c4(0x8c,0x14b)+'n']=_0x46c4c4(0x51,0x80)+_0x46c4c4(-0xc5,-0x180)+_0x4fde56(0x493,0x3d1)+_0x46c4c4(-0x128,-0x32)+_0x4fde56(0x40a,0x441)+_0x4fde56(0x416,0x362)+_0x4fde56(0x4d7,0x418)+'e\x20wor'+'kflow'+_0x4fde56(0x283,0x2f3)+_0x4fde56(0x50f,0x439)+_0x4fde56(0x2f7,0x33a)+_0x4fde56(0x3d5,0x430)+'ing\x20i'+_0x46c4c4(-0x132,-0x1d7)+_0x4fde56(0x371,0x3d3)+_0x46c4c4(-0x47,0xa3)+_0x46c4c4(-0x110,-0x9e)+_0x46c4c4(0x1f,0xd9),_0x51fca7[_0x46c4c4(-0xd8,-0x13)+_0x46c4c4(-0x133,-0x39)]=[_0x46c4c4(-0x6c,0x83)],_0x51fca7[_0x4fde56(0x488,0x3c4)+'rn']=/^on\s*:\s*\n\s*push\s*:/gm,_0x51fca7[_0x4fde56(0x38c,0x316)]=_0x4fde56(0x4a0,0x3cb)+_0x4fde56(0x43c,0x455)+_0x4fde56(0x55f,0x467)+_0x4fde56(0x400,0x365)+_0x46c4c4(-0x8a,0x66)+_0x4fde56(0x4ec,0x414)+_0x4fde56(0x3f0,0x463)+_0x46c4c4(-0x109,-0xe1)+_0x4fde56(0x308,0x311)+_0x46c4c4(0x39,-0x10)+_0x4fde56(0x52f,0x459)+_0x4fde56(0x294,0x366)+_0x46c4c4(-0x13c,-0x16f)+'},\x20ca'+_0x4fde56(0x403,0x347)+_0x46c4c4(-0x130,-0x198)+_0x46c4c4(-0xd1,-0xa0)+_0x4fde56(0x52b,0x485)+_0x4fde56(0x4ae,0x3d9);const _0x1cb43a={};_0x1cb43a['id']=_0x4fde56(0x4b2,0x444)+_0x4fde56(0x5a8,0x4ba)+'1',_0x1cb43a['cwe']=_0x46c4c4(0x63,0x15)+'29',_0x1cb43a[_0x4fde56(0x328,0x3dc)+'ity']='mediu'+'m',_0x1cb43a[_0x4fde56(0x470,0x496)]=_0x46c4c4(0x2a,0xd1)+_0x4fde56(0x410,0x47c)+_0x4fde56(0x440,0x4b0)+_0x4fde56(0x2a1,0x34f)+'rom\x20U'+_0x4fde56(0x480,0x4bc)+_0x4fde56(0x468,0x49f)+_0x46c4c4(-0xac,-0x6b)+_0x46c4c4(0x91,0x155),_0x1cb43a[_0x46c4c4(-0xda,-0x97)+_0x4fde56(0x5a9,0x4b8)+'n']=_0x4fde56(0x3b8,0x345)+_0x46c4c4(-0xdc,-0x98)+_0x46c4c4(-0xf,-0x9b)+'known'+_0x46c4c4(-0x12,-0xf8)+_0x4fde56(0x32d,0x3e7)+'s\x20may'+_0x4fde56(0x41c,0x40d)+'ain\x20m'+'alici'+_0x46c4c4(-0xd,0x15)+_0x46c4c4(-0x92,-0x125)+_0x4fde56(0x3d8,0x449)+_0x46c4c4(-0x100,-0x1ea)+'ions\x20'+'compr'+'omise'+_0x46c4c4(-0xb2,-0x12a)+_0x4fde56(0x39b,0x3e3)+'23,00'+_0x46c4c4(-0x13b,-0x1ea)+'pos.',_0x1cb43a[_0x46c4c4(-0xd8,-0x1ac)+_0x46c4c4(-0x133,-0xa3)]=[_0x46c4c4(-0x6c,0x2b)],_0x1cb43a[_0x4fde56(0x2ef,0x3c4)+'rn']=/uses\s*:\s*(?!actions\/|github\/|docker\/|azure\/|aws-actions\/|google-github-actions\/)[a-zA-Z0-9\-_.]+\/[a-zA-Z0-9\-_.]+@/g,_0x1cb43a[_0x46c4c4(-0x116,-0x12b)]='Audit'+_0x4fde56(0x3b3,0x3b5)+_0x46c4c4(-0x4e,-0xcc)+_0x46c4c4(0x20,-0x41)+_0x46c4c4(-0xe0,-0x137)+_0x4fde56(0x3ee,0x40c)+_0x4fde56(0x485,0x4b7)+_0x46c4c4(-0x9c,0x56)+_0x4fde56(0x344,0x2ea)+_0x46c4c4(0x7e,0x3)+_0x4fde56(0x388,0x32a)+_0x46c4c4(-0x85,0x3e)+_0x46c4c4(0xa6,0x12b)+_0x4fde56(0x36e,0x41a)+_0x4fde56(0x302,0x3e7)+'s\x20or\x20'+_0x46c4c4(0x62,0x3c)+'the\x20a'+_0x46c4c4(-0x71,0x4d)+'.';const _0x4abb8b={};_0x4abb8b['id']=_0x46c4c4(0x18,0x1a)+'ENVVA'+_0x46c4c4(-0xc2,-0x1af),_0x4abb8b[_0x4fde56(0x2f6,0x3ce)]=_0x4fde56(0x519,0x468)+'8',_0x4abb8b[_0x46c4c4(-0x50,-0x121)+_0x4fde56(0x2cf,0x3a0)]=_0x46c4c4(-0xa0,-0x13c)+_0x46c4c4(0x46,-0x63),_0x4abb8b[_0x4fde56(0x517,0x496)]=_0x4fde56(0x3f3,0x4d5)+_0x46c4c4(-0x115,-0x34)+_0x4fde56(0x3ba,0x391)+_0x4fde56(0x372,0x36b)+_0x4fde56(0x409,0x47f)+'UB_OU'+_0x46c4c4(0x0,-0x14)+'Writi'+'ng',_0x4abb8b[_0x4fde56(0x28b,0x352)+'iptio'+'n']=_0x46c4c4(0x6b,0x30)+_0x46c4c4(-0x2,0xa0)+_0x4fde56(0x305,0x3d7)+'ed\x20in'+_0x4fde56(0x519,0x43a)+'o\x20GIT'+'HUB_E'+_0x4fde56(0x423,0x36b)+_0x46c4c4(0x53,-0x81)+'UB_OU'+'TPUT\x20'+_0x4fde56(0x45f,0x413)+_0x46c4c4(0xa,0x2d)+'limit'+_0x46c4c4(-0x9a,-0x140)+_0x46c4c4(-0x21,0x92)+_0x46c4c4(-0xf3,-0x41)+'ironm'+'ent\x20v'+_0x4fde56(0x3b6,0x336)+_0x4fde56(0x3e6,0x49e)+_0x46c4c4(-0x119,-0x1bd)+_0x4fde56(0x47d,0x49b),_0x4abb8b[_0x46c4c4(-0xd8,0xa)+'ages']=[_0x46c4c4(-0x6c,-0x6d)],_0x4abb8b[_0x4fde56(0x2f3,0x3c4)+'rn']=/>>?\s*\$(?:GITHUB_ENV|GITHUB_OUTPUT)\b/g,_0x4abb8b['fix']=_0x4fde56(0x46e,0x453)+_0x4fde56(0x490,0x479)+_0x46c4c4(-0x4d,-0x66)+'limit'+'er\x20wh'+'en\x20wr'+'iting'+_0x4fde56(0x32f,0x37d)+_0x4fde56(0x56d,0x4cf)+_0x46c4c4(-0xe9,-0xf)+_0x4fde56(0x405,0x31b)+'\x20\x27{na'+_0x4fde56(0x319,0x3e8)+_0x46c4c4(0x9b,0xdd)+_0x4fde56(0x417,0x42d)+_0x4fde56(0x2bd,0x34b)+_0x4fde56(0x32c,0x376)+_0x4fde56(0x2f7,0x391)+'NV';const _0x4acc2a={};_0x4acc2a['id']=_0x4fde56(0x465,0x444)+_0x46c4c4(0x4c,0x53)+_0x46c4c4(-0x6d,-0x102),_0x4acc2a['cwe']=_0x46c4c4(-0x64,0x60)+'45',_0x4acc2a['sever'+'ity']=_0x46c4c4(-0x1b,0x83)+'m',_0x4acc2a[_0x46c4c4(0x6a,0x128)]=_0x4fde56(0x45f,0x44d)+'low\x20C'+_0x46c4c4(0x70,0xe9)+_0x46c4c4(0x51,0x14c)+_0x4fde56(0x248,0x2ef)+'ope\x20R'+_0x4fde56(0x497,0x3da)+_0x4fde56(0x2f5,0x3bb),_0x4acc2a[_0x46c4c4(-0xda,-0x14)+_0x46c4c4(0x8c,0x188)+'n']=_0x4fde56(0x25e,0x314)+'s\x20sha'+'red\x20a'+'cross'+_0x4fde56(0x4ab,0x460)+'ches\x20'+_0x4fde56(0x3da,0x42e)+_0x46c4c4(-0x2d,0xcf)+_0x4fde56(0x41e,0x3e4)+'\x20by\x20a'+_0x4fde56(0x427,0x4b5)+'o\x20aff'+'ect\x20t'+_0x46c4c4(-0xd4,-0x4e)+_0x46c4c4(-0xd5,0xd)+_0x4fde56(0x4ed,0x40a)+'build'+'.',_0x4acc2a[_0x46c4c4(-0xd8,-0xaa)+_0x4fde56(0x2ba,0x2f9)]=[_0x4fde56(0x4b4,0x3c0)],_0x4acc2a[_0x4fde56(0x3bf,0x3c4)+'rn']=/uses\s*:\s*actions\/cache@/g,_0x4acc2a[_0x46c4c4(-0x116,-0xb6)]='Use\x20b'+_0x46c4c4(-0x26,-0x25)+_0x4fde56(0x4ed,0x466)+'ed\x20ca'+_0x4fde56(0x2a7,0x395)+_0x46c4c4(-0x7b,-0x58)+_0x46c4c4(-0x74,-0xa9)+_0x4fde56(0x2f7,0x305)+'unner'+_0x46c4c4(-0x7a,0xa)+'}-${{'+_0x46c4c4(-0x12a,-0x114)+'ub.re'+_0x4fde56(0x288,0x348)+'${{\x20h'+_0x46c4c4(-0x120,-0xde)+_0x4fde56(0x53b,0x48b)+_0x46c4c4(-0x33,0x6)+_0x4fde56(0x4e9,0x470)+_0x4fde56(0x3db,0x36e)+'}';export const cicdRules=[_0x45ed5d,_0x3f2aa9,_0x3bf4bf,_0x34bda4,_0x4f3ca8,_0x510de1,_0x93a9df,_0xb0d2bf,_0x948e21,_0x51fca7,_0x1cb43a,_0x4abb8b,_0x4acc2a];