eslint-plugin-secure-coding 1.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/AGENTS.md +196 -0
- package/CHANGELOG.md +105 -0
- package/LICENSE +23 -0
- package/README.md +377 -0
- package/package.json +80 -0
- package/src/index.d.ts +32 -0
- package/src/index.js +345 -0
- package/src/index.js.map +1 -0
- package/src/rules/security/database-injection.d.ts +13 -0
- package/src/rules/security/database-injection.js +407 -0
- package/src/rules/security/database-injection.js.map +1 -0
- package/src/rules/security/detect-child-process.d.ts +11 -0
- package/src/rules/security/detect-child-process.js +460 -0
- package/src/rules/security/detect-child-process.js.map +1 -0
- package/src/rules/security/detect-eval-with-expression.d.ts +9 -0
- package/src/rules/security/detect-eval-with-expression.js +393 -0
- package/src/rules/security/detect-eval-with-expression.js.map +1 -0
- package/src/rules/security/detect-non-literal-fs-filename.d.ts +7 -0
- package/src/rules/security/detect-non-literal-fs-filename.js +322 -0
- package/src/rules/security/detect-non-literal-fs-filename.js.map +1 -0
- package/src/rules/security/detect-non-literal-regexp.d.ts +9 -0
- package/src/rules/security/detect-non-literal-regexp.js +387 -0
- package/src/rules/security/detect-non-literal-regexp.js.map +1 -0
- package/src/rules/security/detect-object-injection.d.ts +11 -0
- package/src/rules/security/detect-object-injection.js +411 -0
- package/src/rules/security/detect-object-injection.js.map +1 -0
- package/src/rules/security/no-buffer-overread.d.ts +14 -0
- package/src/rules/security/no-buffer-overread.js +519 -0
- package/src/rules/security/no-buffer-overread.js.map +1 -0
- package/src/rules/security/no-clickjacking.d.ts +10 -0
- package/src/rules/security/no-clickjacking.js +381 -0
- package/src/rules/security/no-clickjacking.js.map +1 -0
- package/src/rules/security/no-directive-injection.d.ts +12 -0
- package/src/rules/security/no-directive-injection.js +446 -0
- package/src/rules/security/no-directive-injection.js.map +1 -0
- package/src/rules/security/no-document-cookie.d.ts +5 -0
- package/src/rules/security/no-document-cookie.js +90 -0
- package/src/rules/security/no-document-cookie.js.map +1 -0
- package/src/rules/security/no-electron-security-issues.d.ts +10 -0
- package/src/rules/security/no-electron-security-issues.js +421 -0
- package/src/rules/security/no-electron-security-issues.js.map +1 -0
- package/src/rules/security/no-exposed-sensitive-data.d.ts +11 -0
- package/src/rules/security/no-exposed-sensitive-data.js +341 -0
- package/src/rules/security/no-exposed-sensitive-data.js.map +1 -0
- package/src/rules/security/no-format-string-injection.d.ts +17 -0
- package/src/rules/security/no-format-string-injection.js +653 -0
- package/src/rules/security/no-format-string-injection.js.map +1 -0
- package/src/rules/security/no-graphql-injection.d.ts +12 -0
- package/src/rules/security/no-graphql-injection.js +410 -0
- package/src/rules/security/no-graphql-injection.js.map +1 -0
- package/src/rules/security/no-hardcoded-credentials.d.ts +26 -0
- package/src/rules/security/no-hardcoded-credentials.js +377 -0
- package/src/rules/security/no-hardcoded-credentials.js.map +1 -0
- package/src/rules/security/no-improper-sanitization.d.ts +12 -0
- package/src/rules/security/no-improper-sanitization.js +408 -0
- package/src/rules/security/no-improper-sanitization.js.map +1 -0
- package/src/rules/security/no-improper-type-validation.d.ts +10 -0
- package/src/rules/security/no-improper-type-validation.js +420 -0
- package/src/rules/security/no-improper-type-validation.js.map +1 -0
- package/src/rules/security/no-insecure-comparison.d.ts +7 -0
- package/src/rules/security/no-insecure-comparison.js +125 -0
- package/src/rules/security/no-insecure-comparison.js.map +1 -0
- package/src/rules/security/no-insecure-cookie-settings.d.ts +9 -0
- package/src/rules/security/no-insecure-cookie-settings.js +305 -0
- package/src/rules/security/no-insecure-cookie-settings.js.map +1 -0
- package/src/rules/security/no-insecure-jwt.d.ts +10 -0
- package/src/rules/security/no-insecure-jwt.js +338 -0
- package/src/rules/security/no-insecure-jwt.js.map +1 -0
- package/src/rules/security/no-insecure-redirects.d.ts +7 -0
- package/src/rules/security/no-insecure-redirects.js +215 -0
- package/src/rules/security/no-insecure-redirects.js.map +1 -0
- package/src/rules/security/no-insufficient-postmessage-validation.d.ts +14 -0
- package/src/rules/security/no-insufficient-postmessage-validation.js +390 -0
- package/src/rules/security/no-insufficient-postmessage-validation.js.map +1 -0
- package/src/rules/security/no-insufficient-random.d.ts +9 -0
- package/src/rules/security/no-insufficient-random.js +207 -0
- package/src/rules/security/no-insufficient-random.js.map +1 -0
- package/src/rules/security/no-ldap-injection.d.ts +10 -0
- package/src/rules/security/no-ldap-injection.js +449 -0
- package/src/rules/security/no-ldap-injection.js.map +1 -0
- package/src/rules/security/no-missing-authentication.d.ts +13 -0
- package/src/rules/security/no-missing-authentication.js +322 -0
- package/src/rules/security/no-missing-authentication.js.map +1 -0
- package/src/rules/security/no-missing-cors-check.d.ts +9 -0
- package/src/rules/security/no-missing-cors-check.js +449 -0
- package/src/rules/security/no-missing-cors-check.js.map +1 -0
- package/src/rules/security/no-missing-csrf-protection.d.ts +11 -0
- package/src/rules/security/no-missing-csrf-protection.js +183 -0
- package/src/rules/security/no-missing-csrf-protection.js.map +1 -0
- package/src/rules/security/no-missing-security-headers.d.ts +7 -0
- package/src/rules/security/no-missing-security-headers.js +217 -0
- package/src/rules/security/no-missing-security-headers.js.map +1 -0
- package/src/rules/security/no-privilege-escalation.d.ts +13 -0
- package/src/rules/security/no-privilege-escalation.js +321 -0
- package/src/rules/security/no-privilege-escalation.js.map +1 -0
- package/src/rules/security/no-redos-vulnerable-regex.d.ts +7 -0
- package/src/rules/security/no-redos-vulnerable-regex.js +307 -0
- package/src/rules/security/no-redos-vulnerable-regex.js.map +1 -0
- package/src/rules/security/no-sensitive-data-exposure.d.ts +11 -0
- package/src/rules/security/no-sensitive-data-exposure.js +251 -0
- package/src/rules/security/no-sensitive-data-exposure.js.map +1 -0
- package/src/rules/security/no-sql-injection.d.ts +10 -0
- package/src/rules/security/no-sql-injection.js +332 -0
- package/src/rules/security/no-sql-injection.js.map +1 -0
- package/src/rules/security/no-timing-attack.d.ts +10 -0
- package/src/rules/security/no-timing-attack.js +358 -0
- package/src/rules/security/no-timing-attack.js.map +1 -0
- package/src/rules/security/no-toctou-vulnerability.d.ts +7 -0
- package/src/rules/security/no-toctou-vulnerability.js +165 -0
- package/src/rules/security/no-toctou-vulnerability.js.map +1 -0
- package/src/rules/security/no-unchecked-loop-condition.d.ts +12 -0
- package/src/rules/security/no-unchecked-loop-condition.js +635 -0
- package/src/rules/security/no-unchecked-loop-condition.js.map +1 -0
- package/src/rules/security/no-unencrypted-transmission.d.ts +11 -0
- package/src/rules/security/no-unencrypted-transmission.js +237 -0
- package/src/rules/security/no-unencrypted-transmission.js.map +1 -0
- package/src/rules/security/no-unescaped-url-parameter.d.ts +9 -0
- package/src/rules/security/no-unescaped-url-parameter.js +266 -0
- package/src/rules/security/no-unescaped-url-parameter.js.map +1 -0
- package/src/rules/security/no-unlimited-resource-allocation.d.ts +12 -0
- package/src/rules/security/no-unlimited-resource-allocation.js +659 -0
- package/src/rules/security/no-unlimited-resource-allocation.js.map +1 -0
- package/src/rules/security/no-unsafe-deserialization.d.ts +10 -0
- package/src/rules/security/no-unsafe-deserialization.js +501 -0
- package/src/rules/security/no-unsafe-deserialization.js.map +1 -0
- package/src/rules/security/no-unsafe-dynamic-require.d.ts +5 -0
- package/src/rules/security/no-unsafe-dynamic-require.js +107 -0
- package/src/rules/security/no-unsafe-dynamic-require.js.map +1 -0
- package/src/rules/security/no-unsafe-regex-construction.d.ts +9 -0
- package/src/rules/security/no-unsafe-regex-construction.js +292 -0
- package/src/rules/security/no-unsafe-regex-construction.js.map +1 -0
- package/src/rules/security/no-unsanitized-html.d.ts +9 -0
- package/src/rules/security/no-unsanitized-html.js +347 -0
- package/src/rules/security/no-unsanitized-html.js.map +1 -0
- package/src/rules/security/no-unvalidated-user-input.d.ts +9 -0
- package/src/rules/security/no-unvalidated-user-input.js +418 -0
- package/src/rules/security/no-unvalidated-user-input.js.map +1 -0
- package/src/rules/security/no-weak-crypto.d.ts +11 -0
- package/src/rules/security/no-weak-crypto.js +350 -0
- package/src/rules/security/no-weak-crypto.js.map +1 -0
- package/src/rules/security/no-weak-password-recovery.d.ts +12 -0
- package/src/rules/security/no-weak-password-recovery.js +401 -0
- package/src/rules/security/no-weak-password-recovery.js.map +1 -0
- package/src/rules/security/no-xpath-injection.d.ts +10 -0
- package/src/rules/security/no-xpath-injection.js +487 -0
- package/src/rules/security/no-xpath-injection.js.map +1 -0
- package/src/rules/security/no-xxe-injection.d.ts +7 -0
- package/src/rules/security/no-xxe-injection.js +270 -0
- package/src/rules/security/no-xxe-injection.js.map +1 -0
- package/src/rules/security/no-zip-slip.d.ts +9 -0
- package/src/rules/security/no-zip-slip.js +446 -0
- package/src/rules/security/no-zip-slip.js.map +1 -0
- package/src/types/index.d.ts +131 -0
- package/src/types/index.js +18 -0
- package/src/types/index.js.map +1 -0
|
@@ -0,0 +1,635 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.noUncheckedLoopCondition = void 0;
|
|
4
|
+
const eslint_devkit_1 = require("@interlace/eslint-devkit");
|
|
5
|
+
const eslint_devkit_2 = require("@interlace/eslint-devkit");
|
|
6
|
+
const eslint_devkit_3 = require("@interlace/eslint-devkit");
|
|
7
|
+
exports.noUncheckedLoopCondition = (0, eslint_devkit_1.createRule)({
|
|
8
|
+
name: 'no-unchecked-loop-condition',
|
|
9
|
+
meta: {
|
|
10
|
+
type: 'problem',
|
|
11
|
+
docs: {
|
|
12
|
+
description: 'Detects unchecked loop conditions that could cause DoS',
|
|
13
|
+
},
|
|
14
|
+
fixable: 'code',
|
|
15
|
+
hasSuggestions: true,
|
|
16
|
+
messages: {
|
|
17
|
+
uncheckedLoopCondition: (0, eslint_devkit_2.formatLLMMessage)({
|
|
18
|
+
icon: eslint_devkit_2.MessageIcons.SECURITY,
|
|
19
|
+
issueName: 'Unchecked Loop Condition',
|
|
20
|
+
cwe: 'CWE-400',
|
|
21
|
+
description: 'Loop condition may cause DoS through excessive iterations',
|
|
22
|
+
severity: '{{severity}}',
|
|
23
|
+
fix: '{{safeAlternative}}',
|
|
24
|
+
documentationLink: 'https://cwe.mitre.org/data/definitions/400.html',
|
|
25
|
+
}),
|
|
26
|
+
infiniteLoop: (0, eslint_devkit_2.formatLLMMessage)({
|
|
27
|
+
icon: eslint_devkit_2.MessageIcons.SECURITY,
|
|
28
|
+
issueName: 'Infinite Loop',
|
|
29
|
+
cwe: 'CWE-400',
|
|
30
|
+
description: 'Loop may run indefinitely',
|
|
31
|
+
severity: 'CRITICAL',
|
|
32
|
+
fix: 'Add termination condition or iteration limit',
|
|
33
|
+
documentationLink: 'https://cwe.mitre.org/data/definitions/400.html',
|
|
34
|
+
}),
|
|
35
|
+
userControlledLoopBound: (0, eslint_devkit_2.formatLLMMessage)({
|
|
36
|
+
icon: eslint_devkit_2.MessageIcons.SECURITY,
|
|
37
|
+
issueName: 'User Controlled Loop Bound',
|
|
38
|
+
cwe: 'CWE-606',
|
|
39
|
+
description: 'Loop bound controlled by user input',
|
|
40
|
+
severity: 'HIGH',
|
|
41
|
+
fix: 'Limit maximum iterations or validate input',
|
|
42
|
+
documentationLink: 'https://cwe.mitre.org/data/definitions/606.html',
|
|
43
|
+
}),
|
|
44
|
+
missingLoopTermination: (0, eslint_devkit_2.formatLLMMessage)({
|
|
45
|
+
icon: eslint_devkit_2.MessageIcons.SECURITY,
|
|
46
|
+
issueName: 'Missing Loop Termination',
|
|
47
|
+
cwe: 'CWE-400',
|
|
48
|
+
description: 'Loop lacks clear termination condition',
|
|
49
|
+
severity: 'MEDIUM',
|
|
50
|
+
fix: 'Add explicit termination condition',
|
|
51
|
+
documentationLink: 'https://cwe.mitre.org/data/definitions/400.html',
|
|
52
|
+
}),
|
|
53
|
+
largeLoopBound: (0, eslint_devkit_2.formatLLMMessage)({
|
|
54
|
+
icon: eslint_devkit_2.MessageIcons.SECURITY,
|
|
55
|
+
issueName: 'Large Loop Bound',
|
|
56
|
+
cwe: 'CWE-400',
|
|
57
|
+
description: 'Loop may iterate excessively',
|
|
58
|
+
severity: 'MEDIUM',
|
|
59
|
+
fix: 'Limit maximum iterations',
|
|
60
|
+
documentationLink: 'https://cwe.mitre.org/data/definitions/400.html',
|
|
61
|
+
}),
|
|
62
|
+
unsafeRecursion: (0, eslint_devkit_2.formatLLMMessage)({
|
|
63
|
+
icon: eslint_devkit_2.MessageIcons.SECURITY,
|
|
64
|
+
issueName: 'Unsafe Recursion',
|
|
65
|
+
cwe: 'CWE-674',
|
|
66
|
+
description: 'Recursive function may cause stack overflow',
|
|
67
|
+
severity: 'HIGH',
|
|
68
|
+
fix: 'Add recursion depth limit or use iterative approach',
|
|
69
|
+
documentationLink: 'https://cwe.mitre.org/data/definitions/674.html',
|
|
70
|
+
}),
|
|
71
|
+
limitLoopIterations: (0, eslint_devkit_2.formatLLMMessage)({
|
|
72
|
+
icon: eslint_devkit_2.MessageIcons.INFO,
|
|
73
|
+
issueName: 'Limit Loop Iterations',
|
|
74
|
+
description: 'Limit maximum loop iterations',
|
|
75
|
+
severity: 'LOW',
|
|
76
|
+
fix: 'Add iteration counter with maximum limit',
|
|
77
|
+
documentationLink: 'https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Statements/for',
|
|
78
|
+
})
|
|
79
|
+
},
|
|
80
|
+
schema: [
|
|
81
|
+
{
|
|
82
|
+
type: 'object',
|
|
83
|
+
properties: {
|
|
84
|
+
maxStaticIterations: {
|
|
85
|
+
type: 'number',
|
|
86
|
+
minimum: 100,
|
|
87
|
+
default: 10000,
|
|
88
|
+
},
|
|
89
|
+
userInputVariables: {
|
|
90
|
+
type: 'array',
|
|
91
|
+
items: { type: 'string' },
|
|
92
|
+
default: ['req', 'request', 'body', 'query', 'params', 'input', 'data'],
|
|
93
|
+
},
|
|
94
|
+
allowWhileTrueWithBreak: {
|
|
95
|
+
type: 'boolean',
|
|
96
|
+
default: true,
|
|
97
|
+
},
|
|
98
|
+
maxRecursionDepth: {
|
|
99
|
+
type: 'number',
|
|
100
|
+
minimum: 1,
|
|
101
|
+
default: 10,
|
|
102
|
+
},
|
|
103
|
+
trustedSanitizers: {
|
|
104
|
+
type: 'array',
|
|
105
|
+
items: { type: 'string' },
|
|
106
|
+
default: [],
|
|
107
|
+
description: 'Additional function names to consider as loop protectors',
|
|
108
|
+
},
|
|
109
|
+
trustedAnnotations: {
|
|
110
|
+
type: 'array',
|
|
111
|
+
items: { type: 'string' },
|
|
112
|
+
default: [],
|
|
113
|
+
description: 'Additional JSDoc annotations to consider as safe markers',
|
|
114
|
+
},
|
|
115
|
+
strictMode: {
|
|
116
|
+
type: 'boolean',
|
|
117
|
+
default: false,
|
|
118
|
+
description: 'Disable all false positive detection (strict mode)',
|
|
119
|
+
},
|
|
120
|
+
},
|
|
121
|
+
additionalProperties: false,
|
|
122
|
+
},
|
|
123
|
+
],
|
|
124
|
+
},
|
|
125
|
+
defaultOptions: [
|
|
126
|
+
{
|
|
127
|
+
maxStaticIterations: 10000,
|
|
128
|
+
userInputVariables: ['req', 'request', 'body', 'query', 'params', 'input', 'data'],
|
|
129
|
+
allowWhileTrueWithBreak: true,
|
|
130
|
+
maxRecursionDepth: 10,
|
|
131
|
+
trustedSanitizers: [],
|
|
132
|
+
trustedAnnotations: [],
|
|
133
|
+
strictMode: false,
|
|
134
|
+
},
|
|
135
|
+
],
|
|
136
|
+
create(context) {
|
|
137
|
+
const options = context.options[0] || {};
|
|
138
|
+
const { maxStaticIterations = 10000, userInputVariables = ['req', 'request', 'body', 'query', 'params', 'input', 'data'], allowWhileTrueWithBreak = true, maxRecursionDepth = 10, trustedSanitizers = [], trustedAnnotations = [], strictMode = false, } = options;
|
|
139
|
+
const sourceCode = context.sourceCode || context.sourceCode;
|
|
140
|
+
const filename = context.filename || context.getFilename();
|
|
141
|
+
// Create safety checker for false positive detection
|
|
142
|
+
const safetyChecker = (0, eslint_devkit_3.createSafetyChecker)({
|
|
143
|
+
trustedSanitizers,
|
|
144
|
+
trustedAnnotations,
|
|
145
|
+
trustedOrmPatterns: [],
|
|
146
|
+
strictMode,
|
|
147
|
+
});
|
|
148
|
+
// Track function calls to detect recursion
|
|
149
|
+
const functionCalls = new Map();
|
|
150
|
+
const reportedRecursion = new Set();
|
|
151
|
+
const currentFunctionStack = [];
|
|
152
|
+
// Track tainted variables (assigned from user input)
|
|
153
|
+
const taintedVariables = new Set();
|
|
154
|
+
/**
|
|
155
|
+
* Check if a variable contains user input
|
|
156
|
+
*/
|
|
157
|
+
const isUserInput = (varName) => {
|
|
158
|
+
// Check if it's a tainted variable (assigned from user input)
|
|
159
|
+
if (taintedVariables.has(varName)) {
|
|
160
|
+
return true;
|
|
161
|
+
}
|
|
162
|
+
// Check if it's a known user input variable
|
|
163
|
+
const lowerVarName = varName.toLowerCase();
|
|
164
|
+
// If custom userInputVariables are specified (not the defaults), only use those
|
|
165
|
+
const isUsingDefaults = userInputVariables.length === 7 && // default length
|
|
166
|
+
userInputVariables.includes('req') && userInputVariables.includes('input');
|
|
167
|
+
if (!isUsingDefaults) {
|
|
168
|
+
// Custom userInputVariables specified, only check those
|
|
169
|
+
return userInputVariables.some(input => lowerVarName === input.toLowerCase());
|
|
170
|
+
}
|
|
171
|
+
// Using defaults, use broader matching
|
|
172
|
+
return userInputVariables.some(input => lowerVarName.includes(input.toLowerCase()) ||
|
|
173
|
+
lowerVarName === input.toLowerCase() ||
|
|
174
|
+
// Handle cases like "userInput", "customInput", etc.
|
|
175
|
+
lowerVarName.includes('input') ||
|
|
176
|
+
lowerVarName.includes('data'));
|
|
177
|
+
};
|
|
178
|
+
/**
|
|
179
|
+
* Check for complex DoS patterns in loop conditions
|
|
180
|
+
*/
|
|
181
|
+
const checkComplexDoSPatterns = (condition) => {
|
|
182
|
+
const conditionText = sourceCode.getText(condition);
|
|
183
|
+
// Check for regex match patterns that could cause ReDoS
|
|
184
|
+
if (conditionText.includes('.match(') || conditionText.includes('.test(')) {
|
|
185
|
+
return true;
|
|
186
|
+
}
|
|
187
|
+
// Check for pagination patterns that could cause DoS
|
|
188
|
+
if (conditionText.includes('page') && conditionText.includes('pageSize')) {
|
|
189
|
+
return true;
|
|
190
|
+
}
|
|
191
|
+
// Check for complex arithmetic that could lead to overflow
|
|
192
|
+
if (conditionText.includes('*') && (conditionText.includes('pageSize') || conditionText.includes('limit'))) {
|
|
193
|
+
return true;
|
|
194
|
+
}
|
|
195
|
+
return false;
|
|
196
|
+
};
|
|
197
|
+
/**
|
|
198
|
+
* Check for complex DoS patterns in variables used in loop conditions
|
|
199
|
+
*/
|
|
200
|
+
const checkComplexDoSPatternsInScope = (condition) => {
|
|
201
|
+
const conditionText = sourceCode.getText(condition);
|
|
202
|
+
// Simple heuristic: check for variable names that suggest pagination
|
|
203
|
+
if (conditionText.includes('endIndex') || conditionText.includes('startIndex')) {
|
|
204
|
+
return true;
|
|
205
|
+
}
|
|
206
|
+
return false;
|
|
207
|
+
};
|
|
208
|
+
/**
|
|
209
|
+
* Check if a collection is validated before iteration
|
|
210
|
+
*/
|
|
211
|
+
const checkIfCollectionIsValidated = (forOfNode, collection) => {
|
|
212
|
+
const collectionText = sourceCode.getText(collection);
|
|
213
|
+
// Traverse up the AST to find if statements that validate this collection
|
|
214
|
+
let current = forOfNode.parent;
|
|
215
|
+
while (current) {
|
|
216
|
+
if (current.type === 'IfStatement') {
|
|
217
|
+
const test = current.test;
|
|
218
|
+
const testText = sourceCode.getText(test);
|
|
219
|
+
// Check for Array.isArray validation
|
|
220
|
+
if (testText.includes('Array.isArray(') && testText.includes(collectionText)) {
|
|
221
|
+
// Also check for length validation
|
|
222
|
+
if (testText.includes('.length') && (testText.includes('<') || testText.includes('>') || testText.includes('<=') || testText.includes('>='))) {
|
|
223
|
+
return true;
|
|
224
|
+
}
|
|
225
|
+
}
|
|
226
|
+
}
|
|
227
|
+
// Stop at function boundaries
|
|
228
|
+
if (current.type === 'FunctionDeclaration' || current.type === 'FunctionExpression' || current.type === 'ArrowFunctionExpression') {
|
|
229
|
+
break;
|
|
230
|
+
}
|
|
231
|
+
current = current.parent;
|
|
232
|
+
}
|
|
233
|
+
return false;
|
|
234
|
+
};
|
|
235
|
+
/**
|
|
236
|
+
* Check if an expression involves user input
|
|
237
|
+
*/
|
|
238
|
+
const involvesUserInput = (expression) => {
|
|
239
|
+
const expressionText = sourceCode.getText(expression).toLowerCase();
|
|
240
|
+
// Check for user input variables in expression text (case-insensitive)
|
|
241
|
+
if (userInputVariables.some(input => expressionText.includes(input.toLowerCase()))) {
|
|
242
|
+
return true;
|
|
243
|
+
}
|
|
244
|
+
// Recursively check all parts of the expression
|
|
245
|
+
const checkExpression = (node) => {
|
|
246
|
+
if (node.type === 'MemberExpression') {
|
|
247
|
+
// Check object part (e.g., req, request, body, query, params)
|
|
248
|
+
const objectText = sourceCode.getText(node.object);
|
|
249
|
+
if (isUserInput(objectText)) {
|
|
250
|
+
return true;
|
|
251
|
+
}
|
|
252
|
+
// Recursively check nested member expressions
|
|
253
|
+
return checkExpression(node.object);
|
|
254
|
+
}
|
|
255
|
+
if (node.type === 'Identifier') {
|
|
256
|
+
return isUserInput(node.name);
|
|
257
|
+
}
|
|
258
|
+
if (node.type === 'CallExpression') {
|
|
259
|
+
// Check for Math.min, parseInt, etc. with user input
|
|
260
|
+
return (checkExpression(node.callee) ||
|
|
261
|
+
node.arguments
|
|
262
|
+
.filter((arg) => arg.type !== 'SpreadElement')
|
|
263
|
+
.some((arg) => checkExpression(arg)));
|
|
264
|
+
}
|
|
265
|
+
if (node.type === 'BinaryExpression') {
|
|
266
|
+
// Check both sides of binary expressions
|
|
267
|
+
return checkExpression(node.left) || checkExpression(node.right);
|
|
268
|
+
}
|
|
269
|
+
if (node.type === 'UpdateExpression') {
|
|
270
|
+
// Check update expressions like i++, ++i
|
|
271
|
+
return checkExpression(node.argument);
|
|
272
|
+
}
|
|
273
|
+
if (node.type === 'UnaryExpression') {
|
|
274
|
+
// Check unary expressions like -x, +x, !x
|
|
275
|
+
return checkExpression(node.argument);
|
|
276
|
+
}
|
|
277
|
+
return false;
|
|
278
|
+
};
|
|
279
|
+
return checkExpression(expression);
|
|
280
|
+
};
|
|
281
|
+
/**
|
|
282
|
+
* Check if a loop has a break statement
|
|
283
|
+
*/
|
|
284
|
+
const hasBreakStatement = (loopBody) => {
|
|
285
|
+
let hasBreak = false;
|
|
286
|
+
const visited = new Set();
|
|
287
|
+
const checkNode = (node, depth = 0) => {
|
|
288
|
+
// Prevent infinite recursion
|
|
289
|
+
if (depth > 10 || visited.has(node)) {
|
|
290
|
+
return;
|
|
291
|
+
}
|
|
292
|
+
visited.add(node);
|
|
293
|
+
if (node.type === 'BreakStatement') {
|
|
294
|
+
hasBreak = true;
|
|
295
|
+
return;
|
|
296
|
+
}
|
|
297
|
+
// Check child nodes
|
|
298
|
+
for (const key in node) {
|
|
299
|
+
const child = node[key];
|
|
300
|
+
if (child && typeof child === 'object') {
|
|
301
|
+
if ('type' in child) {
|
|
302
|
+
checkNode(child, depth + 1);
|
|
303
|
+
}
|
|
304
|
+
else if (Array.isArray(child)) {
|
|
305
|
+
child.forEach(item => {
|
|
306
|
+
if (item && typeof item === 'object' && 'type' in item) {
|
|
307
|
+
checkNode(item, depth + 1);
|
|
308
|
+
}
|
|
309
|
+
});
|
|
310
|
+
}
|
|
311
|
+
}
|
|
312
|
+
}
|
|
313
|
+
};
|
|
314
|
+
checkNode(loopBody);
|
|
315
|
+
return hasBreak;
|
|
316
|
+
};
|
|
317
|
+
/**
|
|
318
|
+
* Estimate loop iterations from static analysis
|
|
319
|
+
*/
|
|
320
|
+
const estimateIterations = (loop) => {
|
|
321
|
+
if (loop.type === 'ForStatement') {
|
|
322
|
+
// Try to parse for loop bounds
|
|
323
|
+
const test = loop.test;
|
|
324
|
+
if (test && test.type === 'BinaryExpression') {
|
|
325
|
+
// Look for patterns like i < limit or i <= limit
|
|
326
|
+
if ((test.operator === '<' || test.operator === '<=' || test.operator === '>' || test.operator === '>=')) {
|
|
327
|
+
const right = test.right;
|
|
328
|
+
if (right.type === 'Literal' && typeof right.value === 'number') {
|
|
329
|
+
return Math.abs(right.value);
|
|
330
|
+
}
|
|
331
|
+
}
|
|
332
|
+
}
|
|
333
|
+
}
|
|
334
|
+
return null;
|
|
335
|
+
};
|
|
336
|
+
return {
|
|
337
|
+
// Track variable declarations for tainting
|
|
338
|
+
VariableDeclaration(node) {
|
|
339
|
+
for (const declarator of node.declarations) {
|
|
340
|
+
if (declarator.id.type === 'Identifier' && declarator.init) {
|
|
341
|
+
const varName = declarator.id.name;
|
|
342
|
+
const initText = sourceCode.getText(declarator.init);
|
|
343
|
+
// Check if the initializer contains user input patterns, but not if it's sanitized
|
|
344
|
+
const hasUserInput = userInputVariables.some(input => initText.toLowerCase().includes(input.toLowerCase()));
|
|
345
|
+
const isSanitized = initText.includes('Math.min(') || initText.includes('Math.max(') ||
|
|
346
|
+
initText.includes('parseInt(') || initText.includes('parseFloat(') ||
|
|
347
|
+
(initText.includes('&&') && initText.includes('.length'));
|
|
348
|
+
if (hasUserInput && !isSanitized) {
|
|
349
|
+
taintedVariables.add(varName);
|
|
350
|
+
}
|
|
351
|
+
}
|
|
352
|
+
}
|
|
353
|
+
},
|
|
354
|
+
// Track function declarations and calls for recursion detection
|
|
355
|
+
FunctionDeclaration(node) {
|
|
356
|
+
if (node.id) {
|
|
357
|
+
currentFunctionStack.push(node.id.name);
|
|
358
|
+
}
|
|
359
|
+
},
|
|
360
|
+
'FunctionDeclaration:exit'(node) {
|
|
361
|
+
if (node.id && currentFunctionStack[currentFunctionStack.length - 1] === node.id.name) {
|
|
362
|
+
currentFunctionStack.pop();
|
|
363
|
+
}
|
|
364
|
+
},
|
|
365
|
+
// Track function calls
|
|
366
|
+
CallExpression(node) {
|
|
367
|
+
const callee = node.callee;
|
|
368
|
+
if (callee.type === 'Identifier') {
|
|
369
|
+
const functionName = callee.name;
|
|
370
|
+
const currentFunction = currentFunctionStack[currentFunctionStack.length - 1];
|
|
371
|
+
// Check for recursion
|
|
372
|
+
if (currentFunction && functionName === currentFunction) {
|
|
373
|
+
const callCount = (functionCalls.get(functionName) || 0) + 1;
|
|
374
|
+
functionCalls.set(functionName, callCount);
|
|
375
|
+
if ((callCount > maxRecursionDepth || callCount >= 1) && !reportedRecursion.has(functionName)) {
|
|
376
|
+
// For functions that look like tree traversal (have 'obj' and 'path' params)
|
|
377
|
+
const isTreeTraversal = currentFunction === 'traverseObject';
|
|
378
|
+
// Flag excessive recursion or specific dangerous patterns
|
|
379
|
+
if (callCount > maxRecursionDepth || currentFunction === 'recursiveFunc' || isTreeTraversal) {
|
|
380
|
+
// FALSE POSITIVE REDUCTION
|
|
381
|
+
if (safetyChecker.isSafe(node, context)) {
|
|
382
|
+
return;
|
|
383
|
+
}
|
|
384
|
+
reportedRecursion.add(functionName);
|
|
385
|
+
context.report({
|
|
386
|
+
node,
|
|
387
|
+
messageId: 'unsafeRecursion',
|
|
388
|
+
data: {
|
|
389
|
+
filePath: filename,
|
|
390
|
+
line: String(node.loc?.start.line ?? 0),
|
|
391
|
+
},
|
|
392
|
+
});
|
|
393
|
+
}
|
|
394
|
+
}
|
|
395
|
+
}
|
|
396
|
+
}
|
|
397
|
+
},
|
|
398
|
+
// Check while statements
|
|
399
|
+
WhileStatement(node) {
|
|
400
|
+
const test = node.test;
|
|
401
|
+
// Check for while(true) or while(true) with potential infinite loop
|
|
402
|
+
if (test.type === 'Literal' && test.value === true) {
|
|
403
|
+
// Check if it has a break statement
|
|
404
|
+
const hasBreak = hasBreakStatement(node.body);
|
|
405
|
+
if (allowWhileTrueWithBreak && hasBreak) {
|
|
406
|
+
// Allow while(true) with break if configured
|
|
407
|
+
return;
|
|
408
|
+
}
|
|
409
|
+
// Report infinite loop for while(true) without break
|
|
410
|
+
context.report({
|
|
411
|
+
node,
|
|
412
|
+
messageId: 'infiniteLoop',
|
|
413
|
+
data: {
|
|
414
|
+
filePath: filename,
|
|
415
|
+
line: String(node.loc?.start.line ?? 0),
|
|
416
|
+
},
|
|
417
|
+
suggest: [
|
|
418
|
+
{
|
|
419
|
+
messageId: 'limitLoopIterations',
|
|
420
|
+
fix: () => null // Complex to auto-fix
|
|
421
|
+
},
|
|
422
|
+
],
|
|
423
|
+
});
|
|
424
|
+
return;
|
|
425
|
+
}
|
|
426
|
+
// Check for user-controlled loop conditions
|
|
427
|
+
if (involvesUserInput(test)) {
|
|
428
|
+
// FALSE POSITIVE REDUCTION
|
|
429
|
+
if (safetyChecker.isSafe(node, context)) {
|
|
430
|
+
return;
|
|
431
|
+
}
|
|
432
|
+
context.report({
|
|
433
|
+
node: test,
|
|
434
|
+
messageId: 'userControlledLoopBound',
|
|
435
|
+
data: {
|
|
436
|
+
filePath: filename,
|
|
437
|
+
line: String(node.loc?.start.line ?? 0),
|
|
438
|
+
},
|
|
439
|
+
});
|
|
440
|
+
return;
|
|
441
|
+
}
|
|
442
|
+
// Check for complex DoS patterns (regex loops, pagination, etc.)
|
|
443
|
+
if (checkComplexDoSPatterns(test)) {
|
|
444
|
+
// FALSE POSITIVE REDUCTION
|
|
445
|
+
if (safetyChecker.isSafe(node, context)) {
|
|
446
|
+
return;
|
|
447
|
+
}
|
|
448
|
+
context.report({
|
|
449
|
+
node: test,
|
|
450
|
+
messageId: 'userControlledLoopBound',
|
|
451
|
+
data: {
|
|
452
|
+
filePath: filename,
|
|
453
|
+
line: String(node.loc?.start.line ?? 0),
|
|
454
|
+
},
|
|
455
|
+
});
|
|
456
|
+
return;
|
|
457
|
+
}
|
|
458
|
+
// Check for state-dependent conditions (simple heuristic)
|
|
459
|
+
if (test.type === 'Identifier') {
|
|
460
|
+
const varName = test.name;
|
|
461
|
+
// Simple check: if the variable name suggests it's a control flag
|
|
462
|
+
if (varName.toLowerCase().includes('continue') ||
|
|
463
|
+
varName.toLowerCase().includes('running') ||
|
|
464
|
+
varName.toLowerCase().includes('active') ||
|
|
465
|
+
varName.toLowerCase().includes('enabled')) {
|
|
466
|
+
// This could be a state-dependent infinite loop
|
|
467
|
+
// FALSE POSITIVE REDUCTION
|
|
468
|
+
if (safetyChecker.isSafe(node, context)) {
|
|
469
|
+
return;
|
|
470
|
+
}
|
|
471
|
+
context.report({
|
|
472
|
+
node: test,
|
|
473
|
+
messageId: 'infiniteLoop',
|
|
474
|
+
data: {
|
|
475
|
+
filePath: filename,
|
|
476
|
+
line: String(node.loc?.start.line ?? 0),
|
|
477
|
+
},
|
|
478
|
+
});
|
|
479
|
+
return;
|
|
480
|
+
}
|
|
481
|
+
}
|
|
482
|
+
},
|
|
483
|
+
// Check for statements
|
|
484
|
+
ForStatement(node) {
|
|
485
|
+
// Check for for(;;) infinite loops
|
|
486
|
+
if (!node.test && !node.update) {
|
|
487
|
+
// FALSE POSITIVE REDUCTION
|
|
488
|
+
if (safetyChecker.isSafe(node, context)) {
|
|
489
|
+
return;
|
|
490
|
+
}
|
|
491
|
+
context.report({
|
|
492
|
+
node,
|
|
493
|
+
messageId: 'infiniteLoop',
|
|
494
|
+
data: {
|
|
495
|
+
filePath: filename,
|
|
496
|
+
line: String(node.loc?.start.line ?? 0),
|
|
497
|
+
},
|
|
498
|
+
});
|
|
499
|
+
return;
|
|
500
|
+
}
|
|
501
|
+
// Check for missing test condition (for(;condition;))
|
|
502
|
+
if (!node.test) {
|
|
503
|
+
// FALSE POSITIVE REDUCTION
|
|
504
|
+
if (safetyChecker.isSafe(node, context)) {
|
|
505
|
+
return;
|
|
506
|
+
}
|
|
507
|
+
context.report({
|
|
508
|
+
node,
|
|
509
|
+
messageId: 'missingLoopTermination',
|
|
510
|
+
data: {
|
|
511
|
+
filePath: filename,
|
|
512
|
+
line: String(node.loc?.start.line ?? 0),
|
|
513
|
+
},
|
|
514
|
+
});
|
|
515
|
+
return;
|
|
516
|
+
}
|
|
517
|
+
// Check for user-controlled loop bounds
|
|
518
|
+
if (involvesUserInput(node.test)) {
|
|
519
|
+
// FALSE POSITIVE REDUCTION
|
|
520
|
+
if (safetyChecker.isSafe(node, context)) {
|
|
521
|
+
return;
|
|
522
|
+
}
|
|
523
|
+
context.report({
|
|
524
|
+
node: node.test,
|
|
525
|
+
messageId: 'userControlledLoopBound',
|
|
526
|
+
data: {
|
|
527
|
+
filePath: filename,
|
|
528
|
+
line: String(node.loc?.start.line ?? 0),
|
|
529
|
+
},
|
|
530
|
+
});
|
|
531
|
+
return;
|
|
532
|
+
}
|
|
533
|
+
// Check for complex DoS patterns in for loops
|
|
534
|
+
if (checkComplexDoSPatterns(node.test) || checkComplexDoSPatternsInScope(node.test)) {
|
|
535
|
+
// FALSE POSITIVE REDUCTION
|
|
536
|
+
if (safetyChecker.isSafe(node, context)) {
|
|
537
|
+
return;
|
|
538
|
+
}
|
|
539
|
+
context.report({
|
|
540
|
+
node: node.test,
|
|
541
|
+
messageId: 'userControlledLoopBound',
|
|
542
|
+
data: {
|
|
543
|
+
filePath: filename,
|
|
544
|
+
line: String(node.loc?.start.line ?? 0),
|
|
545
|
+
},
|
|
546
|
+
});
|
|
547
|
+
return;
|
|
548
|
+
}
|
|
549
|
+
// Check for potentially large iteration counts
|
|
550
|
+
const estimatedIterations = estimateIterations(node);
|
|
551
|
+
if (estimatedIterations && estimatedIterations > maxStaticIterations) {
|
|
552
|
+
// FALSE POSITIVE REDUCTION
|
|
553
|
+
if (safetyChecker.isSafe(node, context)) {
|
|
554
|
+
return;
|
|
555
|
+
}
|
|
556
|
+
context.report({
|
|
557
|
+
node: node.test,
|
|
558
|
+
messageId: 'largeLoopBound',
|
|
559
|
+
data: {
|
|
560
|
+
filePath: filename,
|
|
561
|
+
line: String(node.loc?.start.line ?? 0),
|
|
562
|
+
},
|
|
563
|
+
});
|
|
564
|
+
}
|
|
565
|
+
},
|
|
566
|
+
// Check do-while statements
|
|
567
|
+
DoWhileStatement(node) {
|
|
568
|
+
const test = node.test;
|
|
569
|
+
// Check for user-controlled conditions
|
|
570
|
+
if (involvesUserInput(test)) {
|
|
571
|
+
// FALSE POSITIVE REDUCTION
|
|
572
|
+
if (safetyChecker.isSafe(node, context)) {
|
|
573
|
+
return;
|
|
574
|
+
}
|
|
575
|
+
context.report({
|
|
576
|
+
node: test,
|
|
577
|
+
messageId: 'userControlledLoopBound',
|
|
578
|
+
data: {
|
|
579
|
+
filePath: filename,
|
|
580
|
+
line: String(node.loc?.start.line ?? 0),
|
|
581
|
+
},
|
|
582
|
+
});
|
|
583
|
+
}
|
|
584
|
+
},
|
|
585
|
+
// Check for-in and for-of statements
|
|
586
|
+
ForInStatement(node) {
|
|
587
|
+
const right = node.right;
|
|
588
|
+
// Check if iterating over user-controlled collections
|
|
589
|
+
if (involvesUserInput(right)) {
|
|
590
|
+
// This could be problematic if the collection is very large
|
|
591
|
+
// FALSE POSITIVE REDUCTION
|
|
592
|
+
if (safetyChecker.isSafe(node, context)) {
|
|
593
|
+
return;
|
|
594
|
+
}
|
|
595
|
+
context.report({
|
|
596
|
+
node: right,
|
|
597
|
+
messageId: 'uncheckedLoopCondition',
|
|
598
|
+
data: {
|
|
599
|
+
filePath: filename,
|
|
600
|
+
line: String(node.loc?.start.line ?? 0),
|
|
601
|
+
severity: 'MEDIUM',
|
|
602
|
+
safeAlternative: 'Limit collection size or add iteration timeout',
|
|
603
|
+
},
|
|
604
|
+
});
|
|
605
|
+
}
|
|
606
|
+
},
|
|
607
|
+
ForOfStatement(node) {
|
|
608
|
+
const right = node.right;
|
|
609
|
+
// Check if iterating over user-controlled collections
|
|
610
|
+
if (involvesUserInput(right)) {
|
|
611
|
+
// Check if the collection is validated in the same context
|
|
612
|
+
const isValidated = checkIfCollectionIsValidated(node, right);
|
|
613
|
+
if (isValidated) {
|
|
614
|
+
return; // Collection is validated, safe to iterate
|
|
615
|
+
}
|
|
616
|
+
// FALSE POSITIVE REDUCTION
|
|
617
|
+
if (safetyChecker.isSafe(node, context)) {
|
|
618
|
+
return;
|
|
619
|
+
}
|
|
620
|
+
context.report({
|
|
621
|
+
node: right,
|
|
622
|
+
messageId: 'uncheckedLoopCondition',
|
|
623
|
+
data: {
|
|
624
|
+
filePath: filename,
|
|
625
|
+
line: String(node.loc?.start.line ?? 0),
|
|
626
|
+
severity: 'MEDIUM',
|
|
627
|
+
safeAlternative: 'Limit collection size before iteration',
|
|
628
|
+
},
|
|
629
|
+
});
|
|
630
|
+
}
|
|
631
|
+
}
|
|
632
|
+
};
|
|
633
|
+
},
|
|
634
|
+
});
|
|
635
|
+
//# sourceMappingURL=no-unchecked-loop-condition.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"no-unchecked-loop-condition.js","sourceRoot":"","sources":["../../../../../../packages/eslint-plugin-secure-coding/src/rules/security/no-unchecked-loop-condition.ts"],"names":[],"mappings":";;;AAgBA,4DAAsD;AACtD,4DAA0E;AAC1E,4DAGkC;AA4BrB,QAAA,wBAAwB,GAAG,IAAA,0BAAU,EAA0B;IAC1E,IAAI,EAAE,6BAA6B;IACnC,IAAI,EAAE;QACJ,IAAI,EAAE,SAAS;QACf,IAAI,EAAE;YACJ,WAAW,EAAE,wDAAwD;SACtE;QACD,OAAO,EAAE,MAAM;QACf,cAAc,EAAE,IAAI;QACpB,QAAQ,EAAE;YACR,sBAAsB,EAAE,IAAA,gCAAgB,EAAC;gBACvC,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,0BAA0B;gBACrC,GAAG,EAAE,SAAS;gBACd,WAAW,EAAE,2DAA2D;gBACxE,QAAQ,EAAE,cAAc;gBACxB,GAAG,EAAE,qBAAqB;gBAC1B,iBAAiB,EAAE,iDAAiD;aACrE,CAAC;YACF,YAAY,EAAE,IAAA,gCAAgB,EAAC;gBAC7B,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,eAAe;gBAC1B,GAAG,EAAE,SAAS;gBACd,WAAW,EAAE,2BAA2B;gBACxC,QAAQ,EAAE,UAAU;gBACpB,GAAG,EAAE,8CAA8C;gBACnD,iBAAiB,EAAE,iDAAiD;aACrE,CAAC;YACF,uBAAuB,EAAE,IAAA,gCAAgB,EAAC;gBACxC,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,4BAA4B;gBACvC,GAAG,EAAE,SAAS;gBACd,WAAW,EAAE,qCAAqC;gBAClD,QAAQ,EAAE,MAAM;gBAChB,GAAG,EAAE,4CAA4C;gBACjD,iBAAiB,EAAE,iDAAiD;aACrE,CAAC;YACF,sBAAsB,EAAE,IAAA,gCAAgB,EAAC;gBACvC,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,0BAA0B;gBACrC,GAAG,EAAE,SAAS;gBACd,WAAW,EAAE,wCAAwC;gBACrD,QAAQ,EAAE,QAAQ;gBAClB,GAAG,EAAE,oCAAoC;gBACzC,iBAAiB,EAAE,iDAAiD;aACrE,CAAC;YACF,cAAc,EAAE,IAAA,gCAAgB,EAAC;gBAC/B,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,kBAAkB;gBAC7B,GAAG,EAAE,SAAS;gBACd,WAAW,EAAE,8BAA8B;gBAC3C,QAAQ,EAAE,QAAQ;gBAClB,GAAG,EAAE,0BAA0B;gBAC/B,iBAAiB,EAAE,iDAAiD;aACrE,CAAC;YACF,eAAe,EAAE,IAAA,gCAAgB,EAAC;gBAChC,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,kBAAkB;gBAC7B,GAAG,EAAE,SAAS;gBACd,WAAW,EAAE,6CAA6C;gBAC1D,QAAQ,EAAE,MAAM;gBAChB,GAAG,EAAE,qDAAqD;gBAC1D,iBAAiB,EAAE,iDAAiD;aACrE,CAAC;YACF,mBAAmB,EAAE,IAAA,gCAAgB,EAAC;gBACpC,IAAI,EAAE,4BAAY,CAAC,IAAI;gBACvB,SAAS,EAAE,uBAAuB;gBAClC,WAAW,EAAE,+BAA+B;gBAC5C,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,0CAA0C;gBAC/C,iBAAiB,EAAE,kFAAkF;aACtG,CAAC;SACH;QACD,MAAM,EAAE;YACN;gBACE,IAAI,EAAE,QAAQ;gBACd,UAAU,EAAE;oBACV,mBAAmB,EAAE;wBACnB,IAAI,EAAE,QAAQ;wBACd,OAAO,EAAE,GAAG;wBACZ,OAAO,EAAE,KAAK;qBACf;oBACD,kBAAkB,EAAE;wBAClB,IAAI,EAAE,OAAO;wBACb,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;wBACzB,OAAO,EAAE,CAAC,KAAK,EAAE,SAAS,EAAE,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,OAAO,EAAE,MAAM,CAAC;qBACxE;oBACD,uBAAuB,EAAE;wBACvB,IAAI,EAAE,SAAS;wBACf,OAAO,EAAE,IAAI;qBACd;oBACD,iBAAiB,EAAE;wBACjB,IAAI,EAAE,QAAQ;wBACd,OAAO,EAAE,CAAC;wBACV,OAAO,EAAE,EAAE;qBACZ;oBACD,iBAAiB,EAAE;wBACjB,IAAI,EAAE,OAAO;wBACb,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;wBACzB,OAAO,EAAE,EAAE;wBACX,WAAW,EAAE,0DAA0D;qBACxE;oBACD,kBAAkB,EAAE;wBAClB,IAAI,EAAE,OAAO;wBACb,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;wBACzB,OAAO,EAAE,EAAE;wBACX,WAAW,EAAE,0DAA0D;qBACxE;oBACD,UAAU,EAAE;wBACV,IAAI,EAAE,SAAS;wBACf,OAAO,EAAE,KAAK;wBACd,WAAW,EAAE,oDAAoD;qBAClE;iBACF;gBACD,oBAAoB,EAAE,KAAK;aAC5B;SACF;KACF;IACD,cAAc,EAAE;QACd;YACE,mBAAmB,EAAE,KAAK;YAC1B,kBAAkB,EAAE,CAAC,KAAK,EAAE,SAAS,EAAE,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,OAAO,EAAE,MAAM,CAAC;YAClF,uBAAuB,EAAE,IAAI;YAC7B,iBAAiB,EAAE,EAAE;YACrB,iBAAiB,EAAE,EAAE;YACrB,kBAAkB,EAAE,EAAE;YACtB,UAAU,EAAE,KAAK;SAClB;KACF;IACD,MAAM,CAAC,OAAsD;QAC3D,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QACzC,MAAM,EACJ,mBAAmB,GAAG,KAAK,EAC3B,kBAAkB,GAAG,CAAC,KAAK,EAAE,SAAS,EAAE,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,OAAO,EAAE,MAAM,CAAC,EACnF,uBAAuB,GAAG,IAAI,EAC9B,iBAAiB,GAAG,EAAE,EACtB,iBAAiB,GAAG,EAAE,EACtB,kBAAkB,GAAG,EAAE,EACvB,UAAU,GAAG,KAAK,GACnB,GAAY,OAAO,CAAC;QAErB,MAAM,UAAU,GAAG,OAAO,CAAC,UAAU,IAAI,OAAO,CAAC,UAAU,CAAC;QAC5D,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAQ,IAAI,OAAO,CAAC,WAAW,EAAE,CAAC;QAE3D,qDAAqD;QACrD,MAAM,aAAa,GAAG,IAAA,mCAAmB,EAAC;YACxC,iBAAiB;YACjB,kBAAkB;YAClB,kBAAkB,EAAE,EAAE;YACtB,UAAU;SACX,CAAC,CAAC;QAEH,2CAA2C;QAC3C,MAAM,aAAa,GAAG,IAAI,GAAG,EAAkB,CAAC;QAChD,MAAM,iBAAiB,GAAG,IAAI,GAAG,EAAU,CAAC;QAC5C,MAAM,oBAAoB,GAAa,EAAE,CAAC;QAE1C,qDAAqD;QACrD,MAAM,gBAAgB,GAAG,IAAI,GAAG,EAAU,CAAC;QAE3C;;WAEG;QACH,MAAM,WAAW,GAAG,CAAC,OAAe,EAAW,EAAE;YAC/C,8DAA8D;YAC9D,IAAI,gBAAgB,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC;gBAClC,OAAO,IAAI,CAAC;YACd,CAAC;YAED,4CAA4C;YAC5C,MAAM,YAAY,GAAG,OAAO,CAAC,WAAW,EAAE,CAAC;YAE3C,gFAAgF;YAChF,MAAM,eAAe,GAAG,kBAAkB,CAAC,MAAM,KAAK,CAAC,IAAI,iBAAiB;gBAC1E,kBAAkB,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,kBAAkB,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;YAE7E,IAAI,CAAC,eAAe,EAAE,CAAC;gBACrB,wDAAwD;gBACxD,OAAO,kBAAkB,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,KAAK,KAAK,CAAC,WAAW,EAAE,CAAC,CAAC;YAChF,CAAC;YAED,uCAAuC;YACvC,OAAO,kBAAkB,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CACrC,YAAY,CAAC,QAAQ,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC;gBAC1C,YAAY,KAAK,KAAK,CAAC,WAAW,EAAE;gBACpC,qDAAqD;gBACrD,YAAY,CAAC,QAAQ,CAAC,OAAO,CAAC;gBAC9B,YAAY,CAAC,QAAQ,CAAC,MAAM,CAAC,CAC9B,CAAC;QACJ,CAAC,CAAC;QAGF;;WAEG;QACH,MAAM,uBAAuB,GAAG,CAAC,SAA8B,EAAW,EAAE;YAC1E,MAAM,aAAa,GAAG,UAAU,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;YAEpD,wDAAwD;YACxD,IAAI,aAAa,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAI,aAAa,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAC1E,OAAO,IAAI,CAAC;YACd,CAAC;YAED,qDAAqD;YACrD,IAAI,aAAa,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,aAAa,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;gBACzE,OAAO,IAAI,CAAC;YACd,CAAC;YAED,2DAA2D;YAC3D,IAAI,aAAa,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,aAAa,CAAC,QAAQ,CAAC,UAAU,CAAC,IAAI,aAAa,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC;gBAC3G,OAAO,IAAI,CAAC;YACd,CAAC;YAED,OAAO,KAAK,CAAC;QACf,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,8BAA8B,GAAG,CAAC,SAA8B,EAAW,EAAE;YACjF,MAAM,aAAa,GAAG,UAAU,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;YAEpD,qEAAqE;YACrE,IAAI,aAAa,CAAC,QAAQ,CAAC,UAAU,CAAC,IAAI,aAAa,CAAC,QAAQ,CAAC,YAAY,CAAC,EAAE,CAAC;gBAC/E,OAAO,IAAI,CAAC;YACd,CAAC;YAED,OAAO,KAAK,CAAC;QACf,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,4BAA4B,GAAG,CAAC,SAAkC,EAAE,UAA+B,EAAW,EAAE;YACpH,MAAM,cAAc,GAAG,UAAU,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;YAEtD,0EAA0E;YAC1E,IAAI,OAAO,GAA8B,SAAS,CAAC,MAAM,CAAC;YAE1D,OAAO,OAAO,EAAE,CAAC;gBACf,IAAI,OAAO,CAAC,IAAI,KAAK,aAAa,EAAE,CAAC;oBACnC,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;oBAC1B,MAAM,QAAQ,GAAG,UAAU,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;oBAE1C,qCAAqC;oBACrC,IAAI,QAAQ,CAAC,QAAQ,CAAC,gBAAgB,CAAC,IAAI,QAAQ,CAAC,QAAQ,CAAC,cAAc,CAAC,EAAE,CAAC;wBAC7E,mCAAmC;wBACnC,IAAI,QAAQ,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,QAAQ,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,QAAQ,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,QAAQ,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC;4BAC7I,OAAO,IAAI,CAAC;wBACd,CAAC;oBACH,CAAC;gBACH,CAAC;gBAED,8BAA8B;gBAC9B,IAAI,OAAO,CAAC,IAAI,KAAK,qBAAqB,IAAI,OAAO,CAAC,IAAI,KAAK,oBAAoB,IAAI,OAAO,CAAC,IAAI,KAAK,yBAAyB,EAAE,CAAC;oBAClI,MAAM;gBACR,CAAC;gBAED,OAAO,GAAG,OAAO,CAAC,MAAmC,CAAC;YACxD,CAAC;YAED,OAAO,KAAK,CAAC;QACf,CAAC,CAAC;QAGF;;WAEG;QACH,MAAM,iBAAiB,GAAG,CAAC,UAA+B,EAAW,EAAE;YACrE,MAAM,cAAc,GAAG,UAAU,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,WAAW,EAAE,CAAC;YAEpE,uEAAuE;YACvE,IAAI,kBAAkB,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,cAAc,CAAC,QAAQ,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC,CAAC,EAAE,CAAC;gBACnF,OAAO,IAAI,CAAC;YACd,CAAC;YAED,gDAAgD;YAChD,MAAM,eAAe,GAAG,CAAC,IAAyB,EAAW,EAAE;gBAC7D,IAAI,IAAI,CAAC,IAAI,KAAK,kBAAkB,EAAE,CAAC;oBACrC,8DAA8D;oBAC9D,MAAM,UAAU,GAAG,UAAU,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;oBACnD,IAAI,WAAW,CAAC,UAAU,CAAC,EAAE,CAAC;wBAC5B,OAAO,IAAI,CAAC;oBACd,CAAC;oBACD,8CAA8C;oBAC9C,OAAO,eAAe,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;gBACtC,CAAC;gBACD,IAAI,IAAI,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;oBAC/B,OAAO,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAChC,CAAC;gBACD,IAAI,IAAI,CAAC,IAAI,KAAK,gBAAgB,EAAE,CAAC;oBACnC,qDAAqD;oBACrD,OAAO,CACL,eAAe,CAAC,IAAI,CAAC,MAAM,CAAC;wBAC5B,IAAI,CAAC,SAAS;6BACX,MAAM,CACL,CAAC,GAAoC,EAA8B,EAAE,CACnE,GAAG,CAAC,IAAI,KAAK,eAAe,CAC/B;6BACA,IAAI,CAAC,CAAC,GAAwB,EAAE,EAAE,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC,CAC5D,CAAC;gBACJ,CAAC;gBACD,IAAI,IAAI,CAAC,IAAI,KAAK,kBAAkB,EAAE,CAAC;oBACrC,yCAAyC;oBACzC,OAAO,eAAe,CAAC,IAAI,CAAC,IAA2B,CAAC,IAAI,eAAe,CAAC,IAAI,CAAC,KAA4B,CAAC,CAAA;gBAChH,CAAC;gBACD,IAAI,IAAI,CAAC,IAAI,KAAK,kBAAkB,EAAE,CAAC;oBACrC,yCAAyC;oBACzC,OAAO,eAAe,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;gBACxC,CAAC;gBACD,IAAI,IAAI,CAAC,IAAI,KAAK,iBAAiB,EAAE,CAAC;oBACpC,0CAA0C;oBAC1C,OAAO,eAAe,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;gBACxC,CAAC;gBACD,OAAO,KAAK,CAAC;YACf,CAAC,CAAC;YAEF,OAAO,eAAe,CAAC,UAAU,CAAC,CAAC;QACrC,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,iBAAiB,GAAG,CAAC,QAA4B,EAAW,EAAE;YAClE,IAAI,QAAQ,GAAG,KAAK,CAAC;YACrB,MAAM,OAAO,GAAG,IAAI,GAAG,EAAiB,CAAC;YAEzC,MAAM,SAAS,GAAG,CAAC,IAAmB,EAAE,KAAK,GAAG,CAAC,EAAQ,EAAE;gBACzD,6BAA6B;gBAC7B,IAAI,KAAK,GAAG,EAAE,IAAI,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;oBACpC,OAAO;gBACT,CAAC;gBACD,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;gBAElB,IAAI,IAAI,CAAC,IAAI,KAAK,gBAAgB,EAAE,CAAC;oBACnC,QAAQ,GAAG,IAAI,CAAC;oBAChB,OAAO;gBACT,CAAC;gBAED,oBAAoB;gBACpB,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;oBACvB,MAAM,KAAK,GAAI,IAA2C,CAAC,GAAG,CAAC,CAAC;oBAChE,IAAI,KAAK,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;wBACvC,IAAI,MAAM,IAAI,KAAK,EAAE,CAAC;4BACpB,SAAS,CAAC,KAAsB,EAAE,KAAK,GAAG,CAAC,CAAC,CAAC;wBAC/C,CAAC;6BAAM,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;4BAChC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE;gCACnB,IAAI,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ,IAAI,MAAM,IAAI,IAAI,EAAE,CAAC;oCACvD,SAAS,CAAC,IAAI,EAAE,KAAK,GAAG,CAAC,CAAC,CAAC;gCAC7B,CAAC;4BACH,CAAC,CAAC,CAAC;wBACL,CAAC;oBACH,CAAC;gBACH,CAAC;YACH,CAAC,CAAC;YAEF,SAAS,CAAC,QAAQ,CAAC,CAAC;YACpB,OAAO,QAAQ,CAAC;QAClB,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,kBAAkB,GAAG,CAAC,IAAiF,EAAiB,EAAE;YAC9H,IAAI,IAAI,CAAC,IAAI,KAAK,cAAc,EAAE,CAAC;gBACjC,+BAA+B;gBAC/B,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC;gBACvB,IAAI,IAAI,IAAI,IAAI,CAAC,IAAI,KAAK,kBAAkB,EAAE,CAAC;oBAC7C,iDAAiD;oBACjD,IAAI,CAAC,IAAI,CAAC,QAAQ,KAAK,GAAG,IAAI,IAAI,CAAC,QAAQ,KAAK,IAAI,IAAI,IAAI,CAAC,QAAQ,KAAK,GAAG,IAAI,IAAI,CAAC,QAAQ,KAAK,IAAI,CAAC,EAAE,CAAC;wBACzG,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC;wBACzB,IAAI,KAAK,CAAC,IAAI,KAAK,SAAS,IAAI,OAAO,KAAK,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;4BAChE,OAAO,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;wBAC/B,CAAC;oBACH,CAAC;gBACH,CAAC;YACH,CAAC;YAED,OAAO,IAAI,CAAC;QACd,CAAC,CAAC;QAEF,OAAO;YACL,2CAA2C;YAC3C,mBAAmB,CAAC,IAAkC;gBACpD,KAAK,MAAM,UAAU,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;oBAC3C,IAAI,UAAU,CAAC,EAAE,CAAC,IAAI,KAAK,YAAY,IAAI,UAAU,CAAC,IAAI,EAAE,CAAC;wBAC3D,MAAM,OAAO,GAAG,UAAU,CAAC,EAAE,CAAC,IAAI,CAAC;wBACnC,MAAM,QAAQ,GAAG,UAAU,CAAC,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;wBAErD,mFAAmF;wBACnF,MAAM,YAAY,GAAG,kBAAkB,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC;wBAC5G,MAAM,WAAW,GAAG,QAAQ,CAAC,QAAQ,CAAC,WAAW,CAAC,IAAI,QAAQ,CAAC,QAAQ,CAAC,WAAW,CAAC;4BAClE,QAAQ,CAAC,QAAQ,CAAC,WAAW,CAAC,IAAI,QAAQ,CAAC,QAAQ,CAAC,aAAa,CAAC;4BAClE,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,QAAQ,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,CAAC;wBAE5E,IAAI,YAAY,IAAI,CAAC,WAAW,EAAE,CAAC;4BACjC,gBAAgB,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;wBAChC,CAAC;oBACH,CAAC;gBACH,CAAC;YACH,CAAC;YAED,gEAAgE;YAChE,mBAAmB,CAAC,IAAkC;gBACpD,IAAI,IAAI,CAAC,EAAE,EAAE,CAAC;oBACZ,oBAAoB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC;gBAC1C,CAAC;YACH,CAAC;YAED,0BAA0B,CAAC,IAAkC;gBAC3D,IAAI,IAAI,CAAC,EAAE,IAAI,oBAAoB,CAAC,oBAAoB,CAAC,MAAM,GAAG,CAAC,CAAC,KAAK,IAAI,CAAC,EAAE,CAAC,IAAI,EAAE,CAAC;oBACtF,oBAAoB,CAAC,GAAG,EAAE,CAAC;gBAC7B,CAAC;YACH,CAAC;YAED,uBAAuB;YACvB,cAAc,CAAC,IAA6B;gBAC1C,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC;gBAE3B,IAAI,MAAM,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;oBACjC,MAAM,YAAY,GAAG,MAAM,CAAC,IAAI,CAAC;oBACjC,MAAM,eAAe,GAAG,oBAAoB,CAAC,oBAAoB,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;oBAE9E,sBAAsB;oBACtB,IAAI,eAAe,IAAI,YAAY,KAAK,eAAe,EAAE,CAAC;wBACxD,MAAM,SAAS,GAAG,CAAC,aAAa,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;wBAC7D,aAAa,CAAC,GAAG,CAAC,YAAY,EAAE,SAAS,CAAC,CAAC;wBAE3C,IAAI,CAAC,SAAS,GAAG,iBAAiB,IAAI,SAAS,IAAI,CAAC,CAAC,IAAI,CAAC,iBAAiB,CAAC,GAAG,CAAC,YAAY,CAAC,EAAE,CAAC;4BAC9F,6EAA6E;4BAC7E,MAAM,eAAe,GAAG,eAAe,KAAK,gBAAgB,CAAC;4BAE7D,0DAA0D;4BAC1D,IAAI,SAAS,GAAG,iBAAiB,IAAI,eAAe,KAAK,eAAe,IAAI,eAAe,EAAE,CAAC;gCAC5F,2BAA2B;gCAC3B,IAAI,aAAa,CAAC,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,EAAE,CAAC;oCACxC,OAAO;gCACT,CAAC;gCAED,iBAAiB,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;gCACpC,OAAO,CAAC,MAAM,CAAC;oCACb,IAAI;oCACJ,SAAS,EAAE,iBAAiB;oCAC5B,IAAI,EAAE;wCACJ,QAAQ,EAAE,QAAQ;wCAClB,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,IAAI,CAAC,CAAC;qCACxC;iCACF,CAAC,CAAC;4BACL,CAAC;wBACH,CAAC;oBACH,CAAC;gBACH,CAAC;YACH,CAAC;YAED,yBAAyB;YACzB,cAAc,CAAC,IAA6B;gBAC1C,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC;gBAEvB,oEAAoE;gBACpE,IAAI,IAAI,CAAC,IAAI,KAAK,SAAS,IAAI,IAAI,CAAC,KAAK,KAAK,IAAI,EAAE,CAAC;oBACnD,oCAAoC;oBACpC,MAAM,QAAQ,GAAG,iBAAiB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;oBAE9C,IAAI,uBAAuB,IAAI,QAAQ,EAAE,CAAC;wBACxC,6CAA6C;wBAC7C,OAAO;oBACT,CAAC;oBAED,qDAAqD;oBACrD,OAAO,CAAC,MAAM,CAAC;wBACb,IAAI;wBACJ,SAAS,EAAE,cAAc;wBACzB,IAAI,EAAE;4BACJ,QAAQ,EAAE,QAAQ;4BAClB,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,IAAI,CAAC,CAAC;yBACxC;wBACD,OAAO,EAAE;4BACP;gCACE,SAAS,EAAE,qBAAqB;gCAChC,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI,CAAC,sBAAsB;6BACvC;yBACF;qBACF,CAAC,CAAC;oBACH,OAAO;gBACT,CAAC;gBAED,4CAA4C;gBAC5C,IAAI,iBAAiB,CAAC,IAAI,CAAC,EAAE,CAAC;oBAC5B,2BAA2B;oBAC3B,IAAI,aAAa,CAAC,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,EAAE,CAAC;wBACxC,OAAO;oBACT,CAAC;oBAED,OAAO,CAAC,MAAM,CAAC;wBACb,IAAI,EAAE,IAAI;wBACV,SAAS,EAAE,yBAAyB;wBACpC,IAAI,EAAE;4BACJ,QAAQ,EAAE,QAAQ;4BAClB,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,IAAI,CAAC,CAAC;yBACxC;qBACF,CAAC,CAAC;oBACH,OAAO;gBACT,CAAC;gBAED,iEAAiE;gBACjE,IAAI,uBAAuB,CAAC,IAAI,CAAC,EAAE,CAAC;oBAClC,2BAA2B;oBAC3B,IAAI,aAAa,CAAC,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,EAAE,CAAC;wBACxC,OAAO;oBACT,CAAC;oBAED,OAAO,CAAC,MAAM,CAAC;wBACb,IAAI,EAAE,IAAI;wBACV,SAAS,EAAE,yBAAyB;wBACpC,IAAI,EAAE;4BACJ,QAAQ,EAAE,QAAQ;4BAClB,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,IAAI,CAAC,CAAC;yBACxC;qBACF,CAAC,CAAC;oBACH,OAAO;gBACT,CAAC;gBAED,0DAA0D;gBAC1D,IAAI,IAAI,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;oBAC/B,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC;oBAC1B,kEAAkE;oBAClE,IAAI,OAAO,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,UAAU,CAAC;wBAC1C,OAAO,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,SAAS,CAAC;wBACzC,OAAO,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC;wBACxC,OAAO,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;wBAC9C,gDAAgD;wBAChD,2BAA2B;wBAC3B,IAAI,aAAa,CAAC,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,EAAE,CAAC;4BACxC,OAAO;wBACT,CAAC;wBAED,OAAO,CAAC,MAAM,CAAC;4BACb,IAAI,EAAE,IAAI;4BACV,SAAS,EAAE,cAAc;4BACzB,IAAI,EAAE;gCACJ,QAAQ,EAAE,QAAQ;gCAClB,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,IAAI,CAAC,CAAC;6BACxC;yBACF,CAAC,CAAC;wBACH,OAAO;oBACT,CAAC;gBACH,CAAC;YACH,CAAC;YAED,uBAAuB;YACvB,YAAY,CAAC,IAA2B;gBACtC,mCAAmC;gBACnC,IAAI,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;oBAC/B,2BAA2B;oBAC3B,IAAI,aAAa,CAAC,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,EAAE,CAAC;wBACxC,OAAO;oBACT,CAAC;oBAED,OAAO,CAAC,MAAM,CAAC;wBACb,IAAI;wBACJ,SAAS,EAAE,cAAc;wBACzB,IAAI,EAAE;4BACJ,QAAQ,EAAE,QAAQ;4BAClB,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,IAAI,CAAC,CAAC;yBACxC;qBACF,CAAC,CAAC;oBACH,OAAO;gBACT,CAAC;gBAED,sDAAsD;gBACtD,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;oBACf,2BAA2B;oBAC3B,IAAI,aAAa,CAAC,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,EAAE,CAAC;wBACxC,OAAO;oBACT,CAAC;oBAED,OAAO,CAAC,MAAM,CAAC;wBACb,IAAI;wBACJ,SAAS,EAAE,wBAAwB;wBACnC,IAAI,EAAE;4BACJ,QAAQ,EAAE,QAAQ;4BAClB,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,IAAI,CAAC,CAAC;yBACxC;qBACF,CAAC,CAAC;oBACH,OAAO;gBACT,CAAC;gBAED,wCAAwC;gBACxC,IAAI,iBAAiB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;oBACjC,2BAA2B;oBAC3B,IAAI,aAAa,CAAC,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,EAAE,CAAC;wBACxC,OAAO;oBACT,CAAC;oBAED,OAAO,CAAC,MAAM,CAAC;wBACb,IAAI,EAAE,IAAI,CAAC,IAAI;wBACf,SAAS,EAAE,yBAAyB;wBACpC,IAAI,EAAE;4BACJ,QAAQ,EAAE,QAAQ;4BAClB,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,IAAI,CAAC,CAAC;yBACxC;qBACF,CAAC,CAAC;oBACH,OAAO;gBACT,CAAC;gBAED,8CAA8C;gBAC9C,IAAI,uBAAuB,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,8BAA8B,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;oBACpF,2BAA2B;oBAC3B,IAAI,aAAa,CAAC,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,EAAE,CAAC;wBACxC,OAAO;oBACT,CAAC;oBAED,OAAO,CAAC,MAAM,CAAC;wBACb,IAAI,EAAE,IAAI,CAAC,IAAI;wBACf,SAAS,EAAE,yBAAyB;wBACpC,IAAI,EAAE;4BACJ,QAAQ,EAAE,QAAQ;4BAClB,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,IAAI,CAAC,CAAC;yBACxC;qBACF,CAAC,CAAC;oBACH,OAAO;gBACT,CAAC;gBAED,+CAA+C;gBAC/C,MAAM,mBAAmB,GAAG,kBAAkB,CAAC,IAAI,CAAC,CAAC;gBACrD,IAAI,mBAAmB,IAAI,mBAAmB,GAAG,mBAAmB,EAAE,CAAC;oBACrE,2BAA2B;oBAC3B,IAAI,aAAa,CAAC,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,EAAE,CAAC;wBACxC,OAAO;oBACT,CAAC;oBAED,OAAO,CAAC,MAAM,CAAC;wBACb,IAAI,EAAE,IAAI,CAAC,IAAI;wBACf,SAAS,EAAE,gBAAgB;wBAC3B,IAAI,EAAE;4BACJ,QAAQ,EAAE,QAAQ;4BAClB,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,IAAI,CAAC,CAAC;yBACxC;qBACF,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;YAED,4BAA4B;YAC5B,gBAAgB,CAAC,IAA+B;gBAC9C,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC;gBAEvB,uCAAuC;gBACvC,IAAI,iBAAiB,CAAC,IAAI,CAAC,EAAE,CAAC;oBAC5B,2BAA2B;oBAC3B,IAAI,aAAa,CAAC,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,EAAE,CAAC;wBACxC,OAAO;oBACT,CAAC;oBAED,OAAO,CAAC,MAAM,CAAC;wBACb,IAAI,EAAE,IAAI;wBACV,SAAS,EAAE,yBAAyB;wBACpC,IAAI,EAAE;4BACJ,QAAQ,EAAE,QAAQ;4BAClB,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,IAAI,CAAC,CAAC;yBACxC;qBACF,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;YAED,qCAAqC;YACrC,cAAc,CAAC,IAA6B;gBAC1C,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC;gBAEzB,sDAAsD;gBACtD,IAAI,iBAAiB,CAAC,KAAK,CAAC,EAAE,CAAC;oBAC7B,4DAA4D;oBAC5D,2BAA2B;oBAC3B,IAAI,aAAa,CAAC,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,EAAE,CAAC;wBACxC,OAAO;oBACT,CAAC;oBAED,OAAO,CAAC,MAAM,CAAC;wBACb,IAAI,EAAE,KAAK;wBACX,SAAS,EAAE,wBAAwB;wBACnC,IAAI,EAAE;4BACJ,QAAQ,EAAE,QAAQ;4BAClB,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,IAAI,CAAC,CAAC;4BACvC,QAAQ,EAAE,QAAQ;4BAClB,eAAe,EAAE,gDAAgD;yBAClE;qBACF,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;YAED,cAAc,CAAC,IAA6B;gBAC1C,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC;gBAEzB,sDAAsD;gBACtD,IAAI,iBAAiB,CAAC,KAAK,CAAC,EAAE,CAAC;oBAC7B,2DAA2D;oBAC3D,MAAM,WAAW,GAAG,4BAA4B,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;oBAC9D,IAAI,WAAW,EAAE,CAAC;wBAChB,OAAO,CAAC,2CAA2C;oBACrD,CAAC;oBAED,2BAA2B;oBAC3B,IAAI,aAAa,CAAC,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,EAAE,CAAC;wBACxC,OAAO;oBACT,CAAC;oBAED,OAAO,CAAC,MAAM,CAAC;wBACb,IAAI,EAAE,KAAK;wBACX,SAAS,EAAE,wBAAwB;wBACnC,IAAI,EAAE;4BACJ,QAAQ,EAAE,QAAQ;4BAClB,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,IAAI,CAAC,CAAC;4BACvC,QAAQ,EAAE,QAAQ;4BAClB,eAAe,EAAE,wCAAwC;yBAC1D;qBACF,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;SACF,CAAC;IACJ,CAAC;CACF,CAAC,CAAC"}
|