circle-ir 3.158.0 → 3.159.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/analysis/passes/cross-file-pass.d.ts.map +1 -1
- package/dist/analysis/passes/cross-file-pass.js +44 -2
- package/dist/analysis/passes/cross-file-pass.js.map +1 -1
- package/dist/analysis/passes/language-sources-pass.d.ts.map +1 -1
- package/dist/analysis/passes/language-sources-pass.js +79 -0
- package/dist/analysis/passes/language-sources-pass.js.map +1 -1
- package/dist/browser/circle-ir.js +37 -0
- package/package.json +1 -1
|
@@ -24592,6 +24592,7 @@ var LanguageSourcesPass = class {
|
|
|
24592
24592
|
additionalSanitizers.push(
|
|
24593
24593
|
...findJavaPathNormalizeStartsWithGuardSanitizers(code)
|
|
24594
24594
|
);
|
|
24595
|
+
additionalSanitizers.push(...findJavaPathGetFileNameSanitizers(code));
|
|
24595
24596
|
additionalSanitizers.push(...findJavaInlineCrlfStripLogSanitizers(code));
|
|
24596
24597
|
additionalSanitizers.push(...findJavaArgvFormExecSanitizers(code));
|
|
24597
24598
|
for (const finding of findJavaPatternFindings(code, graph.ir.meta.file)) {
|
|
@@ -26634,6 +26635,42 @@ function findJavaPathNormalizeStartsWithGuardSanitizers(code) {
|
|
|
26634
26635
|
}
|
|
26635
26636
|
return sanitizers;
|
|
26636
26637
|
}
|
|
26638
|
+
function findJavaPathGetFileNameSanitizers(code) {
|
|
26639
|
+
const sanitizers = [];
|
|
26640
|
+
const lines = code.split("\n");
|
|
26641
|
+
const assignmentRe = /^\s*(?:(?:final\s+)?[A-Za-z_][\w.<>?,\s\[\]]*?\s+)?([A-Za-z_]\w*)\s*=\s*(.+?);\s*$/;
|
|
26642
|
+
const rhsHasGetFileNameRe = /\.\s*getFileName\s*\(\s*\)/;
|
|
26643
|
+
const rhsHasPathsChainRe = /\b(?:Paths\s*\.\s*get|Path\s*\.\s*of)\s*\(/;
|
|
26644
|
+
const candidates = [];
|
|
26645
|
+
for (let i2 = 0; i2 < lines.length; i2++) {
|
|
26646
|
+
const m = assignmentRe.exec(lines[i2]);
|
|
26647
|
+
if (!m) continue;
|
|
26648
|
+
const rhs = m[2];
|
|
26649
|
+
if (!rhsHasGetFileNameRe.test(rhs)) continue;
|
|
26650
|
+
if (!rhsHasPathsChainRe.test(rhs)) continue;
|
|
26651
|
+
candidates.push({ line: i2 + 1, boundVar: m[1] });
|
|
26652
|
+
}
|
|
26653
|
+
if (candidates.length === 0) return sanitizers;
|
|
26654
|
+
for (const c of candidates) {
|
|
26655
|
+
sanitizers.push({
|
|
26656
|
+
type: "java_path_get_filename",
|
|
26657
|
+
method: "getFileName",
|
|
26658
|
+
line: c.line,
|
|
26659
|
+
sanitizes: ["path_traversal", "external_taint_escape"]
|
|
26660
|
+
});
|
|
26661
|
+
const varRefRe = new RegExp(`\\b${c.boundVar}\\b`);
|
|
26662
|
+
for (let l = c.line; l < lines.length; l++) {
|
|
26663
|
+
if (!varRefRe.test(lines[l])) continue;
|
|
26664
|
+
sanitizers.push({
|
|
26665
|
+
type: "java_path_get_filename",
|
|
26666
|
+
method: "getFileName",
|
|
26667
|
+
line: l + 1,
|
|
26668
|
+
sanitizes: ["path_traversal", "external_taint_escape"]
|
|
26669
|
+
});
|
|
26670
|
+
}
|
|
26671
|
+
}
|
|
26672
|
+
return sanitizers;
|
|
26673
|
+
}
|
|
26637
26674
|
function findJavaInlineCrlfStripLogSanitizers(code) {
|
|
26638
26675
|
const sanitizers = [];
|
|
26639
26676
|
const lines = code.split("\n");
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "circle-ir",
|
|
3
|
-
"version": "3.
|
|
3
|
+
"version": "3.159.0",
|
|
4
4
|
"description": "High-performance Static Application Security Testing (SAST) library for detecting security vulnerabilities through taint analysis",
|
|
5
5
|
"main": "dist/index.js",
|
|
6
6
|
"module": "dist/index.js",
|