cognium-dev 3.66.0 → 3.67.0
- package/dist/cli.js +41 -4
- package/package.json +2 -2
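--- a/package/dist/cli.js
+++ b/package/dist/cli.js
@@ -11038,9 +11038,11 @@ var DEFAULT_SINKS = [
 { method: "rmdir", class: "fs", type: "path_traversal", cwe: "CWE-22", severity: "critical", arg_positions: [0] },
 { method: "createReadStream", class: "fs", type: "path_traversal", cwe: "CWE-22", severity: "critical", arg_positions: [0] },
 { method: "createWriteStream", class: "fs", type: "path_traversal", cwe: "CWE-22", severity: "critical", arg_positions: [0] },
-{ method: "query", class: "Connection", type: "sql_injection", cwe: "CWE-89", severity: "critical", arg_positions: [0], languages: ["javascript", "typescript"] },
-{ method: "query", class: "Pool", type: "sql_injection", cwe: "CWE-89", severity: "critical", arg_positions: [0], languages: ["javascript", "typescript"] },
-{ method: "query", class: "Client", type: "sql_injection", cwe: "CWE-89", severity: "critical", arg_positions: [0], languages: ["javascript", "typescript"] },
+{ method: "query", class: "Connection", type: "sql_injection", cwe: "CWE-89", severity: "critical", arg_positions: [0], languages: ["javascript", "typescript"], allow_unresolved_receiver: true },
+{ method: "query", class: "Pool", type: "sql_injection", cwe: "CWE-89", severity: "critical", arg_positions: [0], languages: ["javascript", "typescript"], allow_unresolved_receiver: true },
+{ method: "query", class: "Client", type: "sql_injection", cwe: "CWE-89", severity: "critical", arg_positions: [0], languages: ["javascript", "typescript"], allow_unresolved_receiver: true },
+{ method: "execute", class: "Pool", type: "sql_injection", cwe: "CWE-89", severity: "critical", arg_positions: [0], languages: ["javascript", "typescript"], allow_unresolved_receiver: true },
+{ method: "execute", class: "Connection", type: "sql_injection", cwe: "CWE-89", severity: "critical", arg_positions: [0], languages: ["javascript", "typescript"], allow_unresolved_receiver: true },
 { method: "raw", type: "sql_injection", cwe: "CWE-89", severity: "high", arg_positions: [0], languages: ["javascript", "typescript"] },
 { method: "setAttribute", type: "xss", cwe: "CWE-79", severity: "high", arg_positions: [1] },
 { method: "send", class: "Response", type: "xss", cwe: "CWE-79", severity: "high", arg_positions: [0] },
@@ -11053,6 +11055,9 @@ var DEFAULT_SINKS = [
 { method: "runInContext", class: "vm", type: "code_injection", cwe: "CWE-94", severity: "critical", arg_positions: [0] },
 { method: "runInNewContext", class: "vm", type: "code_injection", cwe: "CWE-94", severity: "critical", arg_positions: [0] },
 { method: "runInThisContext", class: "vm", type: "code_injection", cwe: "CWE-94", severity: "critical", arg_positions: [0] },
+{ method: "parse", class: "protobuf", type: "code_injection", cwe: "CWE-94", severity: "critical", arg_positions: [0], languages: ["javascript", "typescript"] },
+{ method: "parse", class: "protobufjs", type: "code_injection", cwe: "CWE-94", severity: "critical", arg_positions: [0], languages: ["javascript", "typescript"] },
+{ method: "parse", class: "Root", type: "code_injection", cwe: "CWE-94", severity: "critical", arg_positions: [0], languages: ["javascript", "typescript"] },
 { method: "find", class: "Collection", type: "nosql_injection", cwe: "CWE-943", severity: "high", arg_positions: [0] },
 { method: "findOne", class: "Collection", type: "nosql_injection", cwe: "CWE-943", severity: "high", arg_positions: [0] },
 { method: "updateOne", class: "Collection", type: "nosql_injection", cwe: "CWE-943", severity: "high", arg_positions: [0] },
@@ -12249,6 +12254,9 @@ function matchesSinkPattern(call, pattern, typeHierarchy, language) {
 if (typeHierarchy && typeHierarchy.couldBeType(call.receiver, pattern.class)) {
 return true;
 }
+if (pattern.allow_unresolved_receiver && !call.receiver_type && !call.receiver_type_fqn && call.receiver.includes(".")) {
+return true;
+}
 return false;
 } else if (!call.receiver && !call.receiver_type) {
 const target = call.resolution?.target;
@@ -15265,6 +15273,9 @@ class DefaultLanguageRegistry {
 if (language === "tsx") {
 return this.plugins.get("javascript");
 }
+if (language === "typescript") {
+return this.plugins.get("javascript");
+}
 return this.plugins.get(language);
 }
 getForFile(filePath) {
@@ -22122,6 +22133,32 @@ class SinkFilterPass {
 return true;
 });
 }
+if (["javascript", "typescript"].includes(language)) {
+const sourceLines = ctx.code.split(`
+`);
+const guardPatterns = /\b(?:includes|startsWith|endsWith|indexOf|test|match)\s*\(/;
+filtered = filtered.filter((sink) => {
+if (sink.type !== "open_redirect" && sink.type !== "crlf") {
+return true;
+}
+const sinkLineText = sourceLines[sink.line - 1] ?? "";
+const startLine = Math.max(0, sink.line - 7);
+for (let i2 = startLine;i2 < sink.line - 1; i2++) {
+const line = sourceLines[i2] ?? "";
+if (/\bif\s*\(/.test(line) && guardPatterns.test(line)) {
+return false;
+}
+}
+if (/\bencodeURIComponent\s*\(|\bencodeURI\s*\(/.test(sinkLineText)) {
+return false;
+}
+const setHeaderMatch = sinkLineText.match(/setHeader\s*\(\s*[^,]+,\s*(['"`])([^'"`]*)\1\s*\)/);
+if (setHeaderMatch) {
+return false;
+}
+return true;
+});
+}
 return { sources, sinks: filtered, sanitizers };
 }
 }
@@ -31317,7 +31354,7 @@ var colors = {
 };
 
 // src/version.ts
-var version = "3.
+var version = "3.67.0";
 
 // src/formatters.ts
 var SINK_SEVERITY = {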
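--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
 {
 "name": "cognium-dev",
-"version": "3.
+"version": "3.67.0",
 "description": "Static Application Security Testing CLI for detecting security vulnerabilities via taint tracking",
 "main": "dist/index.js",
 "types": "dist/index.d.ts",
@@ -65,7 +65,7 @@
 "registry": "https://registry.npmjs.org/"
 },
 "dependencies": {
-"circle-ir": "^3.
+"circle-ir": "^3.67.0"
 },
 "devDependencies": {
 "@types/node": "^25.5.0",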