eslint-plugin-secure-coding 2.2.4 → 2.2.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +33 -1
- package/package.json +1 -1
- package/src/rules/detect-child-process/index.js +5 -5
- package/src/rules/detect-child-process/index.js.map +1 -1
- package/src/rules/detect-non-literal-fs-filename/index.js +62 -18
- package/src/rules/detect-non-literal-fs-filename/index.js.map +1 -1
- package/src/rules/detect-object-injection/index.js +75 -28
- package/src/rules/detect-object-injection/index.js.map +1 -1
- package/src/rules/no-buffer-overread/index.d.ts +16 -1
- package/src/rules/no-buffer-overread/index.js +96 -83
- package/src/rules/no-buffer-overread/index.js.map +1 -1
- package/src/rules/no-missing-csrf-protection/index.js +8 -5
- package/src/rules/no-missing-csrf-protection/index.js.map +1 -1
- package/src/rules/no-timing-attack/index.js +36 -19
- package/src/rules/no-timing-attack/index.js.map +1 -1
- package/src/rules/no-unlimited-resource-allocation/index.js +18 -0
- package/src/rules/no-unlimited-resource-allocation/index.js.map +1 -1
package/CHANGELOG.md
CHANGED
|
@@ -1,10 +1,42 @@
|
|
|
1
|
-
# Changelog
|
|
1
|
+
nx# Changelog
|
|
2
2
|
|
|
3
3
|
All notable changes to this project will be documented in this file.
|
|
4
4
|
|
|
5
5
|
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
|
|
6
6
|
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
|
|
7
7
|
|
|
8
|
+
## [3.0.2] - 2025-12-20
|
|
9
|
+
|
|
10
|
+
### Performance
|
|
11
|
+
|
|
12
|
+
- **detect-object-injection**: Replaced `getText()` + regex with AST-based validation (~4x faster)
|
|
13
|
+
- **detect-non-literal-fs-filename**: Replaced `getText()` + regex with AST-based validation
|
|
14
|
+
- **no-timing-attack**: Set-based O(1) lookups for sensitive variables and auth patterns
|
|
15
|
+
- **no-buffer-overread**: Set-based O(1) lookups for buffer methods and user-controlled keywords
|
|
16
|
+
- **no-missing-csrf-protection**: Set-based O(1) lookups for protected HTTP methods
|
|
17
|
+
- **detect-child-process**: Set-based O(1) lookups for dangerous child_process methods
|
|
18
|
+
|
|
19
|
+
## [3.0.1] - 2025-12-20
|
|
20
|
+
|
|
21
|
+
### Fixed
|
|
22
|
+
|
|
23
|
+
- **detect-object-injection**: Reduced false positives by detecting validation patterns:
|
|
24
|
+
- `includes()` checks in enclosing if-blocks
|
|
25
|
+
- `hasOwnProperty()` / `Object.hasOwn()` / `in` operator checks
|
|
26
|
+
- Preceding guard clauses with early exit (`if (!valid) throw`)
|
|
27
|
+
- Numeric index access (`items[0]`, `items[1]`) now recognized as safe
|
|
28
|
+
- **detect-non-literal-fs-filename**: Allow safe path patterns:
|
|
29
|
+
- `path.join(__dirname, ...literals)` with all literal arguments
|
|
30
|
+
- Paths validated with `startsWith()` checks (both inside if-blocks and after guard clauses)
|
|
31
|
+
- **no-timing-attack**: Skip false positives in timing-safe contexts:
|
|
32
|
+
- Length comparisons before `crypto.timingSafeEqual()`
|
|
33
|
+
- Early returns inside functions using `timingSafeEqual`
|
|
34
|
+
- Fixed file-level sensitive variable detection to be function-scoped
|
|
35
|
+
- **no-unsanitized-html**: Track sanitized variables:
|
|
36
|
+
- Variables assigned from `DOMPurify.sanitize()` now recognized as safe
|
|
37
|
+
- **no-unlimited-resource-allocation**: Allow safe static paths:
|
|
38
|
+
- `fs.readFileSync(path.join(__dirname, ...literals))` patterns now recognized as safe
|
|
39
|
+
|
|
8
40
|
## [3.0.0] - 2025-12-14
|
|
9
41
|
|
|
10
42
|
### Added
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "eslint-plugin-secure-coding",
|
|
3
|
-
"version": "2.2.
|
|
3
|
+
"version": "2.2.6",
|
|
4
4
|
"description": "Security-focused ESLint plugin with 89 AI-parseable rules for detecting and preventing vulnerabilities. OWASP Top 10 2021 + Mobile Top 10 2024 coverage, CWE references, and AI-assisted fix guidance.",
|
|
5
5
|
"type": "commonjs",
|
|
6
6
|
"main": "./src/index.js",
|
|
@@ -243,9 +243,9 @@ exports.detectChildProcess = (0, eslint_devkit_2.createRule)({
|
|
|
243
243
|
const options = context.options[0] || {};
|
|
244
244
|
const { allowLiteralStrings = false, allowLiteralSpawn = false, additionalMethods = [], } = options || {};
|
|
245
245
|
/**
|
|
246
|
-
* Child process methods that can be dangerous
|
|
246
|
+
* Child process methods that can be dangerous (Set for O(1) lookup)
|
|
247
247
|
*/
|
|
248
|
-
const
|
|
248
|
+
const dangerousMethodsSet = new Set([
|
|
249
249
|
'exec',
|
|
250
250
|
'execSync',
|
|
251
251
|
'execFile',
|
|
@@ -255,7 +255,7 @@ exports.detectChildProcess = (0, eslint_devkit_2.createRule)({
|
|
|
255
255
|
'fork',
|
|
256
256
|
'forkSync',
|
|
257
257
|
...additionalMethods
|
|
258
|
-
];
|
|
258
|
+
]);
|
|
259
259
|
/**
|
|
260
260
|
* Track imported child_process identifiers so we can flag calls like
|
|
261
261
|
* `exec()` or `cp.exec()` in addition to `child_process.exec()`.
|
|
@@ -397,7 +397,7 @@ exports.detectChildProcess = (0, eslint_devkit_2.createRule)({
|
|
|
397
397
|
if (node.callee.type === 'MemberExpression' &&
|
|
398
398
|
node.callee.property.type === 'Identifier') {
|
|
399
399
|
const methodName = node.callee.property.name;
|
|
400
|
-
if (!
|
|
400
|
+
if (!dangerousMethodsSet.has(methodName)) {
|
|
401
401
|
return null;
|
|
402
402
|
}
|
|
403
403
|
// child_process.exec(...) or alias.exec(...)
|
|
@@ -407,7 +407,7 @@ exports.detectChildProcess = (0, eslint_devkit_2.createRule)({
|
|
|
407
407
|
}
|
|
408
408
|
}
|
|
409
409
|
// exec(...) when imported directly from child_process
|
|
410
|
-
if (node.callee.type === 'Identifier' &&
|
|
410
|
+
if (node.callee.type === 'Identifier' && dangerousMethodsSet.has(node.callee.name)) {
|
|
411
411
|
if (importedMethods.has(node.callee.name)) {
|
|
412
412
|
return { method: node.callee.name, calleeNode: node.callee };
|
|
413
413
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../../packages/eslint-plugin-secure-coding/src/rules/detect-child-process/index.ts"],"names":[],"mappings":";;;AASA,4DAA0E;AAC1E,4DAAsD;AAyCtD,MAAM,gBAAgB,GAAqB;IACzC;QACE,MAAM,EAAE,MAAM;QACd,SAAS,EAAE,IAAI;QACf,aAAa,EAAE,mBAAmB;QAClC,gBAAgB,EAAE,CAAC,UAAU,EAAE,OAAO,CAAC;QACvC,OAAO,EAAE;YACP,GAAG,EAAE,8BAA8B;YACnC,IAAI,EAAE;gBACJ,yDAAyD;gBACzD,sDAAsD;aACvD;SACF;QACD,MAAM,EAAE,eAAe;KACxB;IACD;QACE,MAAM,EAAE,UAAU;QAClB,SAAS,EAAE,IAAI;QACf,aAAa,EAAE,mBAAmB;QAClC,gBAAgB,EAAE,CAAC,cAAc,EAAE,WAAW,CAAC;QAC/C,OAAO,EAAE;YACP,GAAG,EAAE,wCAAwC;YAC7C,IAAI,EAAE;gBACJ,mEAAmE;gBACnE,gEAAgE;aACjE;SACF;QACD,MAAM,EAAE,eAAe;KACxB;IACD;QACE,MAAM,EAAE,OAAO;QACf,SAAS,EAAE,KAAK;QAChB,aAAa,EAAE,oBAAoB;QACnC,gBAAgB,EAAE,CAAC,uBAAuB,CAAC;QAC3C,OAAO,EAAE;YACP,GAAG,EAAE,wCAAwC;YAC7C,IAAI,EAAE;gBACJ,wDAAwD;gBACxD,oCAAoC;aACrC;SACF;QACD,MAAM,EAAE,eAAe;KACxB;IACD;QACE,MAAM,EAAE,UAAU;QAClB,SAAS,EAAE,IAAI;QACf,aAAa,EAAE,mBAAmB;QAClC,gBAAgB,EAAE,CAAC,OAAO,CAAC;QAC3B,OAAO,EAAE;YACP,GAAG,EAAE,2CAA2C;YAChD,IAAI,EAAE;gBACJ,wDAAwD;gBACxD,oCAAoC;aACrC;SACF;QACD,MAAM,EAAE,eAAe;KACxB;IACD;QACE,MAAM,EAAE,cAAc;QACtB,SAAS,EAAE,IAAI;QACf,aAAa,EAAE,mBAAmB;QAClC,gBAAgB,EAAE,CAAC,WAAW,CAAC;QAC/B,OAAO,EAAE;YACP,GAAG,EAAE,qCAAqC;YAC1C,IAAI,EAAE;gBACJ,4DAA4D;gBAC5D,oCAAoC;aACrC;SACF;QACD,MAAM,EAAE,eAAe;KACxB;IACD;QACE,MAAM,EAAE,WAAW;QACnB,SAAS,EAAE,KAAK;QAChB,aAAa,EAAE,oBAAoB;QACnC,gBAAgB,EAAE,CAAC,2BAA2B,CAAC;QAC/C,OAAO,EAAE;YACP,GAAG,EAAE,4CAA4C;YACjD,IAAI,EAAE;gBACJ,4DAA4D;gBAC5D,oCAAoC;aACrC;SACF;QACD,MAAM,EAAE,eAAe;KACxB;IACD;QACE,MAAM,EAAE,MAAM;QACd,SAAS,EAAE,IAAI;QACf,aAAa,EAAE,mBAAmB;QAClC,gBAAgB,EAAE,CAAC,OAAO,CAAC;QAC3B,OAAO,EAAE;YACP,GAAG,EAAE,kBAAkB;YACvB,IAAI,EAAE;gBACJ,oDAAoD;gBACpD,+BAA+B;aAChC;SACF;QACD,MAAM,EAAE,eAAe;KACxB;IACD;QACE,MAAM,EAAE,UAAU;QAClB,SAAS,EAAE,IAAI;QACf,aAAa,EAAE,mBAAmB;QAClC,gBAAgB,EAAE,CAAC,WAAW,CAAC;QAC/B,OAAO,EAAE;YACP,GAAG,EAAE,sBAAsB;YAC3B,IAAI,EAAE;gBACJ,4EAA4E;gBAC5E,+BAA+B;aAChC;SACF;QACD,MAAM,EAAE,eAAe;KACxB;CACF,CAAC;AAEW,QAAA,kBAAkB,GAAG,IAAA,0BAAU,EAA0B;IACpE,IAAI,EAAE,sBAAsB;IAC5B,IAAI,EAAE;QACJ,IAAI,EAAE,SAAS;QACf,IAAI,EAAE;YACJ,WAAW,EAAE,8DAA8D;SAC5E;QACD,QAAQ,EAAE;YACR,8EAA8E;YAC9E,4BAA4B,EAAE,IAAA,gCAAgB,EAAC;gBAC7C,IAAI,EAAE,4BAAY,CAAC,OAAO;gBAC1B,SAAS,EAAE,mBAAmB;gBAC9B,GAAG,EAAE,QAAQ;gBACb,WAAW,EAAE,4BAA4B;gBACzC,QAAQ,EAAE,UAAU;gBACpB,GAAG,EAAE,uDAAuD;gBAC5D,iBAAiB,EAAE,2DAA2D;aAC/E,CAAC;YACF,WAAW,EAAE,IAAA,gCAAgB,EAAC;gBAC5B,IAAI,EAAE,4BAAY,CAAC,IAAI;gBACvB,SAAS,EAAE,cAAc;gBACzB,WAAW,EAAE,oCAAoC;gBACjD,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,+CAA+C;gBACpD,iBAAiB,EAAE,2FAA2F;aAC/G,CAAC;YACF,QAAQ,EAAE,IAAA,gCAAgB,EAAC;gBACzB,IAAI,EAAE,4BAAY,CAAC,IAAI;gBACvB,SAAS,EAAE,WAAW;gBACtB,WAAW,EAAE,qCAAqC;gBAClD,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,4CAA4C;gBACjD,iBAAiB,EAAE,kFAAkF;aACtG,CAAC;YACF,eAAe,EAAE,IAAA,gCAAgB,EAAC;gBAChC,IAAI,EAAE,4BAAY,CAAC,IAAI;gBACvB,SAAS,EAAE,mBAAmB;gBAC9B,WAAW,EAAE,4CAA4C;gBACzD,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,uCAAuC;gBAC5C,iBAAiB,EAAE,uCAAuC;aAC3D,CAAC;YACF,aAAa,EAAE,IAAA,gCAAgB,EAAC;gBAC9B,IAAI,EAAE,4BAAY,CAAC,IAAI;gBACvB,SAAS,EAAE,gBAAgB;gBAC3B,WAAW,EAAE,uCAAuC;gBACpD,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,+CAA+C;gBACpD,iBAAiB,EAAE,2DAA2D;aAC/E,CAAC;YACF,aAAa,EAAE,IAAA,gCAAgB,EAAC;gBAC9B,IAAI,EAAE,4BAAY,CAAC,IAAI;gBACvB,SAAS,EAAE,eAAe;gBAC1B,WAAW,EAAE,yBAAyB;gBACtC,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,kDAAkD;gBACvD,iBAAiB,EAAE,iFAAiF;aACrG,CAAC;YACF,gBAAgB,EAAE,IAAA,gCAAgB,EAAC;gBACjC,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,mBAAmB;gBAC9B,WAAW,EAAE,gCAAgC;gBAC7C,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,mDAAmD;gBACxD,iBAAiB,EAAE,2DAA2D;aAC/E,CAAC;YACF,gBAAgB,EAAE,IAAA,gCAAgB,EAAC;gBACjC,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,mBAAmB;gBAC9B,WAAW,EAAE,uCAAuC;gBACpD,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,gDAAgD;gBACrD,iBAAiB,EAAE,2DAA2D;aAC/E,CAAC;YACF,gBAAgB,EAAE,IAAA,gCAAgB,EAAC;gBACjC,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,mBAAmB;gBAC9B,WAAW,EAAE,sCAAsC;gBACnD,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,wCAAwC;gBAC7C,iBAAiB,EAAE,2DAA2D;aAC/E,CAAC;SACH;QACD,MAAM,EAAE;YACN;gBACE,IAAI,EAAE,QAAQ;gBACd,UAAU,EAAE;oBACV,mBAAmB,EAAE;wBACnB,IAAI,EAAE,SAAS;wBACf,OAAO,EAAE,KAAK;wBACd,WAAW,EAAE,mCAAmC;qBACjD;oBACD,iBAAiB,EAAE;wBACjB,IAAI,EAAE,SAAS;wBACf,OAAO,EAAE,KAAK;wBACd,WAAW,EAAE,sCAAsC;qBACpD;oBACD,iBAAiB,EAAE;wBACjB,IAAI,EAAE,OAAO;wBACb,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;wBACzB,OAAO,EAAE,EAAE;wBACX,WAAW,EAAE,2CAA2C;qBACzD;oBACD,QAAQ,EAAE;wBACR,IAAI,EAAE,QAAQ;wBACd,IAAI,EAAE,CAAC,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,MAAM,CAAC;wBAClD,OAAO,EAAE,MAAM;wBACf,WAAW,EAAE,gEAAgE;qBAC9E;iBACF;gBACD,oBAAoB,EAAE,KAAK;aAC5B;SACF;KACF;IACD,cAAc,EAAE;QACd;YACE,mBAAmB,EAAE,KAAK;YAC1B,iBAAiB,EAAE,KAAK;YACxB,iBAAiB,EAAE,EAAE;YACrB,QAAQ,EAAE,MAAM;SACjB;KACF;IACD,MAAM,CAAC,OAAsD;QAC3D,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QACzC,MAAM,EACJ,mBAAmB,GAAG,KAAK,EAC3B,iBAAiB,GAAG,KAAK,EACzB,iBAAiB,GAAG,EAAE,GACvB,GAAY,OAAO,IAAI,EAAE,CAAC;QAE3B;;WAEG;QACH,MAAM,gBAAgB,GAAG;YACvB,MAAM;YACN,UAAU;YACV,UAAU;YACV,cAAc;YACd,OAAO;YACP,WAAW;YACX,MAAM;YACN,UAAU;YACV,GAAG,iBAAiB;SACrB,CAAC;QAEF;;;WAGG;QACH,MAAM,aAAa,GAAG,IAAI,GAAG,CAAS,CAAC,eAAe,CAAC,CAAC,CAAC;QACzD,MAAM,eAAe,GAAG,IAAI,GAAG,EAAU,CAAC;QAE1C;;WAEG;QACH,MAAM,sBAAsB,GAAG,CAAC,IAAmB,EAAW,EAAE;YAC9D,IAAI,IAAI,CAAC,IAAI,KAAK,iBAAiB,EAAE,CAAC;gBACpC,OAAO,IAAI,CAAC,WAAW,CAAC,MAAM,GAAG,CAAC,CAAC;YACrC,CAAC;YAED,IAAI,IAAI,CAAC,IAAI,KAAK,kBAAkB,IAAI,IAAI,CAAC,QAAQ,KAAK,GAAG,EAAE,CAAC;gBAC9D,OAAO,IAAI,CAAC;YACd,CAAC;YAED,gCAAgC;YAChC,IAAI,IAAI,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;gBAC/B,OAAO,IAAI,CAAC;YACd,CAAC;YAED,OAAO,KAAK,CAAC;QACf,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,kBAAkB,GAAG,CAAC,IAAqB,EAAW,EAAE;YAC5D,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,CACtB,GAAG,CAAC,IAAI,KAAK,SAAS;gBACtB,CAAC,GAAG,CAAC,IAAI,KAAK,iBAAiB;oBAC9B,GAAG,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAwB,EAAE,EAAE,CAAC,EAAE,EAAE,IAAI,KAAK,SAAS,CAAC,CAAC,CAC3E,CAAC;QACJ,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,kBAAkB,GAAG,CAAC,IAA6B,EAKvD,EAAE;YACF,IAAI,MAAM,GAAG,SAAS,CAAC;YACvB,IAAI,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,kBAAkB;gBACvC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;gBAC/C,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC;YACrC,CAAC;iBAAM,IAAI,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;gBAC7C,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC;YAC5B,CAAC;YAED,MAAM,UAAU,GAAG,OAAO,CAAC,UAAU,IAAI,OAAO,CAAC,UAAU,CAAC;YAC5D,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,GAAkB,EAAE,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAE5F,MAAM,OAAO,GAAG,gBAAgB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,MAAM,CAAC,IAAI,IAAI,CAAC;YAExE,6CAA6C;YAC7C,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,GAAkB,EAAE,EAAE,CAAC,sBAAsB,CAAC,GAAG,CAAC,CAAC,CAAC;YAE3F,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,SAAS,EAAE,CAAC;QAC9C,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,wBAAwB,GAAG,CAAC,OAAuB,EAAU,EAAE;YACnE,QAAQ,OAAO,CAAC,MAAM,EAAE,CAAC;gBACvB,KAAK,MAAM,CAAC;gBACZ,KAAK,UAAU;oBACb,OAAO;wBACL,iDAAiD;wBACjD,gEAAgE;wBAChE,iEAAiE;wBACjE,6CAA6C;wBAC7C,wDAAwD;qBACzD,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAEf,KAAK,OAAO;oBACV,OAAO;wBACL,+DAA+D;wBAC/D,iDAAiD;wBACjD,qDAAqD;wBACrD,iDAAiD;wBACjD,4DAA4D;qBAC7D,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAEf,KAAK,UAAU;oBACb,OAAO;wBACL,2DAA2D;wBAC3D,8CAA8C;wBAC9C,+CAA+C;wBAC/C,iCAAiC;wBACjC,oCAAoC;qBACrC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAEf,KAAK,cAAc;oBACjB,OAAO;wBACL,mEAAmE;wBACnE,8CAA8C;wBAC9C,+CAA+C;wBAC/C,iCAAiC;wBACjC,oCAAoC;qBACrC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAEf,KAAK,WAAW;oBACd,OAAO;wBACL,+DAA+D;wBAC/D,iDAAiD;wBACjD,qDAAqD;wBACrD,iDAAiD;wBACjD,6CAA6C;qBAC9C,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAEf,KAAK,MAAM;oBACT,OAAO;wBACL,uDAAuD;wBACvD,mDAAmD;wBACnD,0DAA0D;wBAC1D,iCAAiC;wBACjC,kEAAkE;qBACnE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAEf,KAAK,UAAU;oBACb,OAAO;wBACL,+DAA+D;wBAC/D,mDAAmD;wBACnD,8DAA8D;wBAC9D,yDAAyD;wBACzD,sEAAsE;qBACvE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAEf;oBACE,OAAO;wBACL,oDAAoD;wBACpD,+CAA+C;wBAC/C,2DAA2D;wBAC3D,0CAA0C;wBAC1C,kCAAkC;qBACnC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACjB,CAAC;QACH,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,kBAAkB,GAAG,CAAC,OAA8B,EAAE,SAAkB,EAAkC,EAAE;YAChH,IAAI,OAAO,EAAE,SAAS,IAAI,SAAS,EAAE,CAAC;gBACpC,OAAO,UAAU,CAAC;YACpB,CAAC;YACD,IAAI,OAAO,EAAE,SAAS,IAAI,SAAS,EAAE,CAAC;gBACpC,OAAO,MAAM,CAAC;YAChB,CAAC;YACD,OAAO,QAAQ,CAAC;QAClB,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,mBAAmB,GAAG,CAC1B,IAA6B,EACyB,EAAE;YACxD,0BAA0B;YAC1B,IACE,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,kBAAkB;gBACvC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,YAAY,EAC1C,CAAC;gBACD,MAAM,UAAU,GAAG,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC;gBAC7C,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;oBAC3C,OAAO,IAAI,CAAC;gBACd,CAAC;gBAED,6CAA6C;gBAC7C,IACE,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,KAAK,YAAY;oBACxC,aAAa,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,EAC1C,CAAC;oBACD,OAAO,EAAE,MAAM,EAAE,UAAU,EAAE,UAAU,EAAE,IAAI,CAAC,MAAM,EAAE,CAAC;gBACzD,CAAC;YACH,CAAC;YAED,sDAAsD;YACtD,IAAI,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,YAAY,IAAI,gBAAgB,CAAC,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC;gBACrF,IAAI,eAAe,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC;oBAC1C,OAAO,EAAE,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,IAAI,EAAE,UAAU,EAAE,IAAI,CAAC,MAAM,EAAE,CAAC;gBAC/D,CAAC;YACH,CAAC;YAED,OAAO,IAAI,CAAC;QACd,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,qBAAqB,GAAG,CAAC,IAA6B,EAAE,EAAE;YAC9D,MAAM,QAAQ,GAAG,mBAAmB,CAAC,IAAI,CAAC,CAAC;YAC3C,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACd,OAAO;YACT,CAAC;YAED,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,SAAS,EAAE,GAAG,kBAAkB,CAAC,IAAI,CAAC,CAAC;YAEtE,sCAAsC;YACtC,IAAI,mBAAmB,IAAI,MAAM,KAAK,MAAM,IAAI,CAAC,SAAS,EAAE,CAAC;gBAC3D,OAAO;YACT,CAAC;YAED,oCAAoC;YACpC,IAAI,iBAAiB,IAAI,MAAM,KAAK,OAAO,IAAI,kBAAkB,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC;gBAClF,OAAO;YACT,CAAC;YAED,4BAA4B;YAC5B,MAAM,SAAS,GAAG,kBAAkB,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC;YACzD,MAAM,KAAK,GAAG,OAAO,CAAC,CAAC,CAAC,wBAAwB,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,qCAAqC,CAAC;YAClG,MAAM,YAAY,GAAG,OAAO,EAAE,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,iCAAiC,CAAC;YAE/F,OAAO,CAAC,MAAM,CAAC;gBACb,IAAI;gBACJ,SAAS,EAAE,8BAA8B;gBACzC,IAAI,EAAE;oBACJ,MAAM;oBACN,IAAI;oBACJ,SAAS;oBACT,aAAa,EAAE,OAAO,EAAE,aAAa,IAAI,mBAAmB;oBAC5D,YAAY;oBACZ,KAAK;oBACL,MAAM,EAAE,OAAO,EAAE,MAAM,IAAI,eAAe;iBAC3C;gBACD,OAAO,EAAE;oBACP;wBACE,SAAS,EAAE,aAAa;wBACxB,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI;qBAChB;oBACD;wBACE,SAAS,EAAE,UAAU;wBACrB,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI;qBAChB;oBACD;wBACE,SAAS,EAAE,iBAAiB;wBAC5B,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI;qBAChB;oBACD;wBACE,SAAS,EAAE,eAAe;wBAC1B,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI;qBAChB;oBACD;wBACE,SAAS,EAAE,eAAe;wBAC1B,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI;qBAChB;iBACF;aACF,CAAC,CAAC;QACL,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,uBAAuB,GAAG,CAAC,IAAgC,EAAE,EAAE;YACnE,IAAI,IAAI,CAAC,MAAM,CAAC,KAAK,KAAK,eAAe,EAAE,CAAC;gBAC1C,OAAO;YACT,CAAC;YAED,KAAK,MAAM,SAAS,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;gBACxC,IAAI,SAAS,CAAC,IAAI,KAAK,wBAAwB,IAAI,SAAS,CAAC,IAAI,KAAK,0BAA0B,EAAE,CAAC;oBACjG,aAAa,CAAC,GAAG,CAAC,SAAS,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;gBAC1C,CAAC;gBAED,IAAI,SAAS,CAAC,IAAI,KAAK,iBAAiB,EAAE,CAAC;oBACzC,eAAe,CAAC,GAAG,CAAC,SAAS,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;gBAC5C,CAAC;YACH,CAAC;QACH,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,wBAAwB,GAAG,CAAC,IAAiC,EAAE,EAAE;YACrE,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;gBACf,OAAO;YACT,CAAC;YAED,uCAAuC;YACvC,IACE,IAAI,CAAC,EAAE,CAAC,IAAI,KAAK,YAAY;gBAC7B,IAAI,CAAC,IAAI,CAAC,IAAI,KAAK,gBAAgB;gBACnC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,YAAY;gBACtC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,SAAS;gBACnC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC;gBACtB,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,IAAI,KAAK,SAAS;gBACzC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,KAAK,KAAK,eAAe,EAChD,CAAC;gBACD,aAAa,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC;gBAChC,OAAO;YACT,CAAC;YAED,6CAA6C;YAC7C,IACE,IAAI,CAAC,EAAE,CAAC,IAAI,KAAK,eAAe;gBAChC,IAAI,CAAC,IAAI,EAAE,IAAI,KAAK,gBAAgB;gBACpC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,YAAY;gBACtC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,SAAS;gBACnC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC;gBACtB,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,IAAI,KAAK,SAAS;gBACzC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,KAAK,KAAK,eAAe,EAChD,CAAC;gBACD,KAAK,MAAM,IAAI,IAAI,IAAI,CAAC,EAAE,CAAC,UAAU,EAAE,CAAC;oBACtC,IAAI,IAAI,CAAC,IAAI,KAAK,UAAU,IAAI,IAAI,CAAC,GAAG,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;wBAC/D,eAAe,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,KAAK,YAAY,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;oBAC1F,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC,CAAC;QAEF,OAAO;YACL,cAAc,EAAE,qBAAqB;YACrC,iBAAiB,EAAE,uBAAuB;YAC1C,kBAAkB,EAAE,wBAAwB;SAC7C,CAAC;IACJ,CAAC;CACF,CAAC,CAAC"}
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../../packages/eslint-plugin-secure-coding/src/rules/detect-child-process/index.ts"],"names":[],"mappings":";;;AASA,4DAA0E;AAC1E,4DAAsD;AAyCtD,MAAM,gBAAgB,GAAqB;IACzC;QACE,MAAM,EAAE,MAAM;QACd,SAAS,EAAE,IAAI;QACf,aAAa,EAAE,mBAAmB;QAClC,gBAAgB,EAAE,CAAC,UAAU,EAAE,OAAO,CAAC;QACvC,OAAO,EAAE;YACP,GAAG,EAAE,8BAA8B;YACnC,IAAI,EAAE;gBACJ,yDAAyD;gBACzD,sDAAsD;aACvD;SACF;QACD,MAAM,EAAE,eAAe;KACxB;IACD;QACE,MAAM,EAAE,UAAU;QAClB,SAAS,EAAE,IAAI;QACf,aAAa,EAAE,mBAAmB;QAClC,gBAAgB,EAAE,CAAC,cAAc,EAAE,WAAW,CAAC;QAC/C,OAAO,EAAE;YACP,GAAG,EAAE,wCAAwC;YAC7C,IAAI,EAAE;gBACJ,mEAAmE;gBACnE,gEAAgE;aACjE;SACF;QACD,MAAM,EAAE,eAAe;KACxB;IACD;QACE,MAAM,EAAE,OAAO;QACf,SAAS,EAAE,KAAK;QAChB,aAAa,EAAE,oBAAoB;QACnC,gBAAgB,EAAE,CAAC,uBAAuB,CAAC;QAC3C,OAAO,EAAE;YACP,GAAG,EAAE,wCAAwC;YAC7C,IAAI,EAAE;gBACJ,wDAAwD;gBACxD,oCAAoC;aACrC;SACF;QACD,MAAM,EAAE,eAAe;KACxB;IACD;QACE,MAAM,EAAE,UAAU;QAClB,SAAS,EAAE,IAAI;QACf,aAAa,EAAE,mBAAmB;QAClC,gBAAgB,EAAE,CAAC,OAAO,CAAC;QAC3B,OAAO,EAAE;YACP,GAAG,EAAE,2CAA2C;YAChD,IAAI,EAAE;gBACJ,wDAAwD;gBACxD,oCAAoC;aACrC;SACF;QACD,MAAM,EAAE,eAAe;KACxB;IACD;QACE,MAAM,EAAE,cAAc;QACtB,SAAS,EAAE,IAAI;QACf,aAAa,EAAE,mBAAmB;QAClC,gBAAgB,EAAE,CAAC,WAAW,CAAC;QAC/B,OAAO,EAAE;YACP,GAAG,EAAE,qCAAqC;YAC1C,IAAI,EAAE;gBACJ,4DAA4D;gBAC5D,oCAAoC;aACrC;SACF;QACD,MAAM,EAAE,eAAe;KACxB;IACD;QACE,MAAM,EAAE,WAAW;QACnB,SAAS,EAAE,KAAK;QAChB,aAAa,EAAE,oBAAoB;QACnC,gBAAgB,EAAE,CAAC,2BAA2B,CAAC;QAC/C,OAAO,EAAE;YACP,GAAG,EAAE,4CAA4C;YACjD,IAAI,EAAE;gBACJ,4DAA4D;gBAC5D,oCAAoC;aACrC;SACF;QACD,MAAM,EAAE,eAAe;KACxB;IACD;QACE,MAAM,EAAE,MAAM;QACd,SAAS,EAAE,IAAI;QACf,aAAa,EAAE,mBAAmB;QAClC,gBAAgB,EAAE,CAAC,OAAO,CAAC;QAC3B,OAAO,EAAE;YACP,GAAG,EAAE,kBAAkB;YACvB,IAAI,EAAE;gBACJ,oDAAoD;gBACpD,+BAA+B;aAChC;SACF;QACD,MAAM,EAAE,eAAe;KACxB;IACD;QACE,MAAM,EAAE,UAAU;QAClB,SAAS,EAAE,IAAI;QACf,aAAa,EAAE,mBAAmB;QAClC,gBAAgB,EAAE,CAAC,WAAW,CAAC;QAC/B,OAAO,EAAE;YACP,GAAG,EAAE,sBAAsB;YAC3B,IAAI,EAAE;gBACJ,4EAA4E;gBAC5E,+BAA+B;aAChC;SACF;QACD,MAAM,EAAE,eAAe;KACxB;CACF,CAAC;AAEW,QAAA,kBAAkB,GAAG,IAAA,0BAAU,EAA0B;IACpE,IAAI,EAAE,sBAAsB;IAC5B,IAAI,EAAE;QACJ,IAAI,EAAE,SAAS;QACf,IAAI,EAAE;YACJ,WAAW,EAAE,8DAA8D;SAC5E;QACD,QAAQ,EAAE;YACR,8EAA8E;YAC9E,4BAA4B,EAAE,IAAA,gCAAgB,EAAC;gBAC7C,IAAI,EAAE,4BAAY,CAAC,OAAO;gBAC1B,SAAS,EAAE,mBAAmB;gBAC9B,GAAG,EAAE,QAAQ;gBACb,WAAW,EAAE,4BAA4B;gBACzC,QAAQ,EAAE,UAAU;gBACpB,GAAG,EAAE,uDAAuD;gBAC5D,iBAAiB,EAAE,2DAA2D;aAC/E,CAAC;YACF,WAAW,EAAE,IAAA,gCAAgB,EAAC;gBAC5B,IAAI,EAAE,4BAAY,CAAC,IAAI;gBACvB,SAAS,EAAE,cAAc;gBACzB,WAAW,EAAE,oCAAoC;gBACjD,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,+CAA+C;gBACpD,iBAAiB,EAAE,2FAA2F;aAC/G,CAAC;YACF,QAAQ,EAAE,IAAA,gCAAgB,EAAC;gBACzB,IAAI,EAAE,4BAAY,CAAC,IAAI;gBACvB,SAAS,EAAE,WAAW;gBACtB,WAAW,EAAE,qCAAqC;gBAClD,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,4CAA4C;gBACjD,iBAAiB,EAAE,kFAAkF;aACtG,CAAC;YACF,eAAe,EAAE,IAAA,gCAAgB,EAAC;gBAChC,IAAI,EAAE,4BAAY,CAAC,IAAI;gBACvB,SAAS,EAAE,mBAAmB;gBAC9B,WAAW,EAAE,4CAA4C;gBACzD,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,uCAAuC;gBAC5C,iBAAiB,EAAE,uCAAuC;aAC3D,CAAC;YACF,aAAa,EAAE,IAAA,gCAAgB,EAAC;gBAC9B,IAAI,EAAE,4BAAY,CAAC,IAAI;gBACvB,SAAS,EAAE,gBAAgB;gBAC3B,WAAW,EAAE,uCAAuC;gBACpD,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,+CAA+C;gBACpD,iBAAiB,EAAE,2DAA2D;aAC/E,CAAC;YACF,aAAa,EAAE,IAAA,gCAAgB,EAAC;gBAC9B,IAAI,EAAE,4BAAY,CAAC,IAAI;gBACvB,SAAS,EAAE,eAAe;gBAC1B,WAAW,EAAE,yBAAyB;gBACtC,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,kDAAkD;gBACvD,iBAAiB,EAAE,iFAAiF;aACrG,CAAC;YACF,gBAAgB,EAAE,IAAA,gCAAgB,EAAC;gBACjC,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,mBAAmB;gBAC9B,WAAW,EAAE,gCAAgC;gBAC7C,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,mDAAmD;gBACxD,iBAAiB,EAAE,2DAA2D;aAC/E,CAAC;YACF,gBAAgB,EAAE,IAAA,gCAAgB,EAAC;gBACjC,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,mBAAmB;gBAC9B,WAAW,EAAE,uCAAuC;gBACpD,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,gDAAgD;gBACrD,iBAAiB,EAAE,2DAA2D;aAC/E,CAAC;YACF,gBAAgB,EAAE,IAAA,gCAAgB,EAAC;gBACjC,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,mBAAmB;gBAC9B,WAAW,EAAE,sCAAsC;gBACnD,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,wCAAwC;gBAC7C,iBAAiB,EAAE,2DAA2D;aAC/E,CAAC;SACH;QACD,MAAM,EAAE;YACN;gBACE,IAAI,EAAE,QAAQ;gBACd,UAAU,EAAE;oBACV,mBAAmB,EAAE;wBACnB,IAAI,EAAE,SAAS;wBACf,OAAO,EAAE,KAAK;wBACd,WAAW,EAAE,mCAAmC;qBACjD;oBACD,iBAAiB,EAAE;wBACjB,IAAI,EAAE,SAAS;wBACf,OAAO,EAAE,KAAK;wBACd,WAAW,EAAE,sCAAsC;qBACpD;oBACD,iBAAiB,EAAE;wBACjB,IAAI,EAAE,OAAO;wBACb,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;wBACzB,OAAO,EAAE,EAAE;wBACX,WAAW,EAAE,2CAA2C;qBACzD;oBACD,QAAQ,EAAE;wBACR,IAAI,EAAE,QAAQ;wBACd,IAAI,EAAE,CAAC,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,MAAM,CAAC;wBAClD,OAAO,EAAE,MAAM;wBACf,WAAW,EAAE,gEAAgE;qBAC9E;iBACF;gBACD,oBAAoB,EAAE,KAAK;aAC5B;SACF;KACF;IACD,cAAc,EAAE;QACd;YACE,mBAAmB,EAAE,KAAK;YAC1B,iBAAiB,EAAE,KAAK;YACxB,iBAAiB,EAAE,EAAE;YACrB,QAAQ,EAAE,MAAM;SACjB;KACF;IACD,MAAM,CAAC,OAAsD;QAC3D,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QACzC,MAAM,EACJ,mBAAmB,GAAG,KAAK,EAC3B,iBAAiB,GAAG,KAAK,EACzB,iBAAiB,GAAG,EAAE,GACvB,GAAY,OAAO,IAAI,EAAE,CAAC;QAE3B;;WAEG;QACH,MAAM,mBAAmB,GAAG,IAAI,GAAG,CAAC;YAClC,MAAM;YACN,UAAU;YACV,UAAU;YACV,cAAc;YACd,OAAO;YACP,WAAW;YACX,MAAM;YACN,UAAU;YACV,GAAG,iBAAiB;SACrB,CAAC,CAAC;QAEH;;;WAGG;QACH,MAAM,aAAa,GAAG,IAAI,GAAG,CAAS,CAAC,eAAe,CAAC,CAAC,CAAC;QACzD,MAAM,eAAe,GAAG,IAAI,GAAG,EAAU,CAAC;QAE1C;;WAEG;QACH,MAAM,sBAAsB,GAAG,CAAC,IAAmB,EAAW,EAAE;YAC9D,IAAI,IAAI,CAAC,IAAI,KAAK,iBAAiB,EAAE,CAAC;gBACpC,OAAO,IAAI,CAAC,WAAW,CAAC,MAAM,GAAG,CAAC,CAAC;YACrC,CAAC;YAED,IAAI,IAAI,CAAC,IAAI,KAAK,kBAAkB,IAAI,IAAI,CAAC,QAAQ,KAAK,GAAG,EAAE,CAAC;gBAC9D,OAAO,IAAI,CAAC;YACd,CAAC;YAED,gCAAgC;YAChC,IAAI,IAAI,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;gBAC/B,OAAO,IAAI,CAAC;YACd,CAAC;YAED,OAAO,KAAK,CAAC;QACf,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,kBAAkB,GAAG,CAAC,IAAqB,EAAW,EAAE;YAC5D,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,CACtB,GAAG,CAAC,IAAI,KAAK,SAAS;gBACtB,CAAC,GAAG,CAAC,IAAI,KAAK,iBAAiB;oBAC9B,GAAG,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAwB,EAAE,EAAE,CAAC,EAAE,EAAE,IAAI,KAAK,SAAS,CAAC,CAAC,CAC3E,CAAC;QACJ,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,kBAAkB,GAAG,CAAC,IAA6B,EAKvD,EAAE;YACF,IAAI,MAAM,GAAG,SAAS,CAAC;YACvB,IAAI,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,kBAAkB;gBACvC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;gBAC/C,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC;YACrC,CAAC;iBAAM,IAAI,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;gBAC7C,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC;YAC5B,CAAC;YAED,MAAM,UAAU,GAAG,OAAO,CAAC,UAAU,IAAI,OAAO,CAAC,UAAU,CAAC;YAC5D,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,GAAkB,EAAE,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAE5F,MAAM,OAAO,GAAG,gBAAgB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,MAAM,CAAC,IAAI,IAAI,CAAC;YAExE,6CAA6C;YAC7C,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,GAAkB,EAAE,EAAE,CAAC,sBAAsB,CAAC,GAAG,CAAC,CAAC,CAAC;YAE3F,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,SAAS,EAAE,CAAC;QAC9C,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,wBAAwB,GAAG,CAAC,OAAuB,EAAU,EAAE;YACnE,QAAQ,OAAO,CAAC,MAAM,EAAE,CAAC;gBACvB,KAAK,MAAM,CAAC;gBACZ,KAAK,UAAU;oBACb,OAAO;wBACL,iDAAiD;wBACjD,gEAAgE;wBAChE,iEAAiE;wBACjE,6CAA6C;wBAC7C,wDAAwD;qBACzD,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAEf,KAAK,OAAO;oBACV,OAAO;wBACL,+DAA+D;wBAC/D,iDAAiD;wBACjD,qDAAqD;wBACrD,iDAAiD;wBACjD,4DAA4D;qBAC7D,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAEf,KAAK,UAAU;oBACb,OAAO;wBACL,2DAA2D;wBAC3D,8CAA8C;wBAC9C,+CAA+C;wBAC/C,iCAAiC;wBACjC,oCAAoC;qBACrC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAEf,KAAK,cAAc;oBACjB,OAAO;wBACL,mEAAmE;wBACnE,8CAA8C;wBAC9C,+CAA+C;wBAC/C,iCAAiC;wBACjC,oCAAoC;qBACrC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAEf,KAAK,WAAW;oBACd,OAAO;wBACL,+DAA+D;wBAC/D,iDAAiD;wBACjD,qDAAqD;wBACrD,iDAAiD;wBACjD,6CAA6C;qBAC9C,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAEf,KAAK,MAAM;oBACT,OAAO;wBACL,uDAAuD;wBACvD,mDAAmD;wBACnD,0DAA0D;wBAC1D,iCAAiC;wBACjC,kEAAkE;qBACnE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAEf,KAAK,UAAU;oBACb,OAAO;wBACL,+DAA+D;wBAC/D,mDAAmD;wBACnD,8DAA8D;wBAC9D,yDAAyD;wBACzD,sEAAsE;qBACvE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAEf;oBACE,OAAO;wBACL,oDAAoD;wBACpD,+CAA+C;wBAC/C,2DAA2D;wBAC3D,0CAA0C;wBAC1C,kCAAkC;qBACnC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACjB,CAAC;QACH,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,kBAAkB,GAAG,CAAC,OAA8B,EAAE,SAAkB,EAAkC,EAAE;YAChH,IAAI,OAAO,EAAE,SAAS,IAAI,SAAS,EAAE,CAAC;gBACpC,OAAO,UAAU,CAAC;YACpB,CAAC;YACD,IAAI,OAAO,EAAE,SAAS,IAAI,SAAS,EAAE,CAAC;gBACpC,OAAO,MAAM,CAAC;YAChB,CAAC;YACD,OAAO,QAAQ,CAAC;QAClB,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,mBAAmB,GAAG,CAC1B,IAA6B,EACyB,EAAE;YACxD,0BAA0B;YAC1B,IACE,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,kBAAkB;gBACvC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,YAAY,EAC1C,CAAC;gBACD,MAAM,UAAU,GAAG,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC;gBAC7C,IAAI,CAAC,mBAAmB,CAAC,GAAG,CAAC,UAAU,CAAC,EAAE,CAAC;oBACzC,OAAO,IAAI,CAAC;gBACd,CAAC;gBAED,6CAA6C;gBAC7C,IACE,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,KAAK,YAAY;oBACxC,aAAa,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,EAC1C,CAAC;oBACD,OAAO,EAAE,MAAM,EAAE,UAAU,EAAE,UAAU,EAAE,IAAI,CAAC,MAAM,EAAE,CAAC;gBACzD,CAAC;YACH,CAAC;YAED,sDAAsD;YACtD,IAAI,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,YAAY,IAAI,mBAAmB,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC;gBACnF,IAAI,eAAe,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC;oBAC1C,OAAO,EAAE,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,IAAI,EAAE,UAAU,EAAE,IAAI,CAAC,MAAM,EAAE,CAAC;gBAC/D,CAAC;YACH,CAAC;YAED,OAAO,IAAI,CAAC;QACd,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,qBAAqB,GAAG,CAAC,IAA6B,EAAE,EAAE;YAC9D,MAAM,QAAQ,GAAG,mBAAmB,CAAC,IAAI,CAAC,CAAC;YAC3C,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACd,OAAO;YACT,CAAC;YAED,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,SAAS,EAAE,GAAG,kBAAkB,CAAC,IAAI,CAAC,CAAC;YAEtE,sCAAsC;YACtC,IAAI,mBAAmB,IAAI,MAAM,KAAK,MAAM,IAAI,CAAC,SAAS,EAAE,CAAC;gBAC3D,OAAO;YACT,CAAC;YAED,oCAAoC;YACpC,IAAI,iBAAiB,IAAI,MAAM,KAAK,OAAO,IAAI,kBAAkB,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC;gBAClF,OAAO;YACT,CAAC;YAED,4BAA4B;YAC5B,MAAM,SAAS,GAAG,kBAAkB,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC;YACzD,MAAM,KAAK,GAAG,OAAO,CAAC,CAAC,CAAC,wBAAwB,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,qCAAqC,CAAC;YAClG,MAAM,YAAY,GAAG,OAAO,EAAE,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,iCAAiC,CAAC;YAE/F,OAAO,CAAC,MAAM,CAAC;gBACb,IAAI;gBACJ,SAAS,EAAE,8BAA8B;gBACzC,IAAI,EAAE;oBACJ,MAAM;oBACN,IAAI;oBACJ,SAAS;oBACT,aAAa,EAAE,OAAO,EAAE,aAAa,IAAI,mBAAmB;oBAC5D,YAAY;oBACZ,KAAK;oBACL,MAAM,EAAE,OAAO,EAAE,MAAM,IAAI,eAAe;iBAC3C;gBACD,OAAO,EAAE;oBACP;wBACE,SAAS,EAAE,aAAa;wBACxB,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI;qBAChB;oBACD;wBACE,SAAS,EAAE,UAAU;wBACrB,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI;qBAChB;oBACD;wBACE,SAAS,EAAE,iBAAiB;wBAC5B,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI;qBAChB;oBACD;wBACE,SAAS,EAAE,eAAe;wBAC1B,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI;qBAChB;oBACD;wBACE,SAAS,EAAE,eAAe;wBAC1B,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI;qBAChB;iBACF;aACF,CAAC,CAAC;QACL,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,uBAAuB,GAAG,CAAC,IAAgC,EAAE,EAAE;YACnE,IAAI,IAAI,CAAC,MAAM,CAAC,KAAK,KAAK,eAAe,EAAE,CAAC;gBAC1C,OAAO;YACT,CAAC;YAED,KAAK,MAAM,SAAS,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;gBACxC,IAAI,SAAS,CAAC,IAAI,KAAK,wBAAwB,IAAI,SAAS,CAAC,IAAI,KAAK,0BAA0B,EAAE,CAAC;oBACjG,aAAa,CAAC,GAAG,CAAC,SAAS,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;gBAC1C,CAAC;gBAED,IAAI,SAAS,CAAC,IAAI,KAAK,iBAAiB,EAAE,CAAC;oBACzC,eAAe,CAAC,GAAG,CAAC,SAAS,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;gBAC5C,CAAC;YACH,CAAC;QACH,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,wBAAwB,GAAG,CAAC,IAAiC,EAAE,EAAE;YACrE,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;gBACf,OAAO;YACT,CAAC;YAED,uCAAuC;YACvC,IACE,IAAI,CAAC,EAAE,CAAC,IAAI,KAAK,YAAY;gBAC7B,IAAI,CAAC,IAAI,CAAC,IAAI,KAAK,gBAAgB;gBACnC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,YAAY;gBACtC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,SAAS;gBACnC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC;gBACtB,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,IAAI,KAAK,SAAS;gBACzC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,KAAK,KAAK,eAAe,EAChD,CAAC;gBACD,aAAa,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC;gBAChC,OAAO;YACT,CAAC;YAED,6CAA6C;YAC7C,IACE,IAAI,CAAC,EAAE,CAAC,IAAI,KAAK,eAAe;gBAChC,IAAI,CAAC,IAAI,EAAE,IAAI,KAAK,gBAAgB;gBACpC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,YAAY;gBACtC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,SAAS;gBACnC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC;gBACtB,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,IAAI,KAAK,SAAS;gBACzC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,KAAK,KAAK,eAAe,EAChD,CAAC;gBACD,KAAK,MAAM,IAAI,IAAI,IAAI,CAAC,EAAE,CAAC,UAAU,EAAE,CAAC;oBACtC,IAAI,IAAI,CAAC,IAAI,KAAK,UAAU,IAAI,IAAI,CAAC,GAAG,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;wBAC/D,eAAe,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,KAAK,YAAY,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;oBAC1F,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC,CAAC;QAEF,OAAO;YACL,cAAc,EAAE,qBAAqB;YACrC,iBAAiB,EAAE,uBAAuB;YAC1C,kBAAkB,EAAE,wBAAwB;SAC7C,CAAC;IACJ,CAAC;CACF,CAAC,CAAC"}
|
|
@@ -176,8 +176,8 @@ exports.detectNonLiteralFsFilename = (0, eslint_devkit_2.createRule)({
|
|
|
176
176
|
* Extract path argument from fs call
|
|
177
177
|
*/
|
|
178
178
|
const extractPathArgument = (node) => {
|
|
179
|
-
const method = node.callee.type ===
|
|
180
|
-
node.callee.property.type ===
|
|
179
|
+
const method = node.callee.type === eslint_devkit_1.AST_NODE_TYPES.MemberExpression &&
|
|
180
|
+
node.callee.property.type === eslint_devkit_1.AST_NODE_TYPES.Identifier
|
|
181
181
|
? node.callee.property.name
|
|
182
182
|
: 'unknown';
|
|
183
183
|
const operation = FS_OPERATIONS.find(op => op.method === method) || null;
|
|
@@ -259,33 +259,77 @@ exports.detectNonLiteralFsFilename = (0, eslint_devkit_2.createRule)({
|
|
|
259
259
|
/**
|
|
260
260
|
* Check if the path variable has been validated with startsWith()
|
|
261
261
|
*
|
|
262
|
-
* Safe
|
|
263
|
-
* if (safePath.startsWith(SAFE_DIR)) {
|
|
264
|
-
*
|
|
265
|
-
* }
|
|
262
|
+
* Safe patterns:
|
|
263
|
+
* 1. Inside if-block: if (safePath.startsWith(SAFE_DIR)) { fs.readFileSync(safePath); }
|
|
264
|
+
* 2. After guard clause: if (!safePath.startsWith(SAFE_DIR)) { throw }; fs.readFileSync(safePath);
|
|
266
265
|
*/
|
|
267
266
|
const hasPathValidation = (pathNode) => {
|
|
268
267
|
if (pathNode.type !== eslint_devkit_1.AST_NODE_TYPES.Identifier) {
|
|
269
268
|
return false;
|
|
270
269
|
}
|
|
271
270
|
const varName = pathNode.name;
|
|
272
|
-
|
|
273
|
-
|
|
271
|
+
// AST-based validation detection (faster than getText + regex)
|
|
272
|
+
const isStartsWithOrIncludesCall = (testNode) => {
|
|
273
|
+
// Handle negation: !path.startsWith(...)
|
|
274
|
+
if (testNode.type === eslint_devkit_1.AST_NODE_TYPES.UnaryExpression &&
|
|
275
|
+
testNode.operator === '!' &&
|
|
276
|
+
testNode.argument.type === eslint_devkit_1.AST_NODE_TYPES.CallExpression) {
|
|
277
|
+
testNode = testNode.argument;
|
|
278
|
+
}
|
|
279
|
+
// Pattern: varName.startsWith(...) or varName.includes(...)
|
|
280
|
+
if (testNode.type === eslint_devkit_1.AST_NODE_TYPES.CallExpression &&
|
|
281
|
+
testNode.callee.type === eslint_devkit_1.AST_NODE_TYPES.MemberExpression &&
|
|
282
|
+
testNode.callee.object.type === eslint_devkit_1.AST_NODE_TYPES.Identifier &&
|
|
283
|
+
testNode.callee.object.name === varName &&
|
|
284
|
+
testNode.callee.property.type === eslint_devkit_1.AST_NODE_TYPES.Identifier &&
|
|
285
|
+
(testNode.callee.property.name === 'startsWith' ||
|
|
286
|
+
testNode.callee.property.name === 'includes')) {
|
|
287
|
+
return true;
|
|
288
|
+
}
|
|
289
|
+
return false;
|
|
290
|
+
};
|
|
291
|
+
const hasEarlyExit = (consequent) => {
|
|
292
|
+
if (consequent.type === eslint_devkit_1.AST_NODE_TYPES.BlockStatement) {
|
|
293
|
+
return consequent.body.some(stmt => stmt.type === eslint_devkit_1.AST_NODE_TYPES.ThrowStatement ||
|
|
294
|
+
stmt.type === eslint_devkit_1.AST_NODE_TYPES.ReturnStatement);
|
|
295
|
+
}
|
|
296
|
+
return consequent.type === eslint_devkit_1.AST_NODE_TYPES.ThrowStatement ||
|
|
297
|
+
consequent.type === eslint_devkit_1.AST_NODE_TYPES.ReturnStatement;
|
|
298
|
+
};
|
|
299
|
+
// Walk up to find enclosing IfStatement or BlockStatement
|
|
274
300
|
let current = pathNode.parent;
|
|
275
|
-
|
|
301
|
+
let foundFunctionBody = false;
|
|
302
|
+
while (current && !foundFunctionBody) {
|
|
303
|
+
// Check 1: Inside an if-block with validation
|
|
276
304
|
if (current.type === eslint_devkit_1.AST_NODE_TYPES.IfStatement) {
|
|
277
|
-
|
|
278
|
-
// Check for pathVar.startsWith(SAFE_DIR) pattern
|
|
279
|
-
const startsWithPattern = new RegExp(`${varName}\\.startsWith\\s*\\(`, 'i');
|
|
280
|
-
if (startsWithPattern.test(testText)) {
|
|
305
|
+
if (isStartsWithOrIncludesCall(current.test)) {
|
|
281
306
|
return true;
|
|
282
307
|
}
|
|
283
|
-
|
|
284
|
-
|
|
285
|
-
|
|
286
|
-
|
|
308
|
+
}
|
|
309
|
+
// Check 2: In a function body, look for preceding sibling if-statements with guard clause
|
|
310
|
+
if (current.type === eslint_devkit_1.AST_NODE_TYPES.BlockStatement && current.parent && (current.parent.type === eslint_devkit_1.AST_NODE_TYPES.FunctionDeclaration ||
|
|
311
|
+
current.parent.type === eslint_devkit_1.AST_NODE_TYPES.FunctionExpression ||
|
|
312
|
+
current.parent.type === eslint_devkit_1.AST_NODE_TYPES.ArrowFunctionExpression)) {
|
|
313
|
+
foundFunctionBody = true;
|
|
314
|
+
const blockBody = current.body;
|
|
315
|
+
const nodeIndex = blockBody.findIndex((stmt) => {
|
|
316
|
+
let check = pathNode;
|
|
317
|
+
while (check) {
|
|
318
|
+
if (check === stmt)
|
|
319
|
+
return true;
|
|
320
|
+
check = check.parent;
|
|
321
|
+
}
|
|
322
|
+
return false;
|
|
323
|
+
});
|
|
324
|
+
// Look at preceding statements for validation patterns with early exit
|
|
325
|
+
for (let i = 0; i < nodeIndex; i++) {
|
|
326
|
+
const stmt = blockBody[i];
|
|
327
|
+
if (stmt.type === eslint_devkit_1.AST_NODE_TYPES.IfStatement &&
|
|
328
|
+
isStartsWithOrIncludesCall(stmt.test) &&
|
|
329
|
+
hasEarlyExit(stmt.consequent)) {
|
|
330
|
+
return true;
|
|
331
|
+
}
|
|
287
332
|
}
|
|
288
|
-
break;
|
|
289
333
|
}
|
|
290
334
|
current = current.parent;
|
|
291
335
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../../packages/eslint-plugin-secure-coding/src/rules/detect-non-literal-fs-filename/index.ts"],"names":[],"mappings":";;;AASA,4DAA0F;AAC1F,4DAAsD;AAgCtD,MAAM,aAAa,GAAkB;IACnC;QACE,MAAM,EAAE,UAAU;QAClB,SAAS,EAAE,IAAI;QACf,aAAa,EAAE,aAAa;QAC5B,WAAW,EAAE,kDAAkD;QAC/D,OAAO,EAAE;YACP,GAAG,EAAE,iCAAiC;YACtC,IAAI,EAAE,wGAAwG;SAC/G;QACD,MAAM,EAAE,eAAe;KACxB;IACD;QACE,MAAM,EAAE,WAAW;QACnB,SAAS,EAAE,IAAI;QACf,aAAa,EAAE,aAAa;QAC5B,WAAW,EAAE,kDAAkD;QAC/D,OAAO,EAAE;YACP,GAAG,EAAE,wCAAwC;YAC7C,IAAI,EAAE,8GAA8G;SACrH;QACD,MAAM,EAAE,eAAe;KACxB;IACD;QACE,MAAM,EAAE,MAAM;QACd,SAAS,EAAE,IAAI;QACf,aAAa,EAAE,gBAAgB;QAC/B,WAAW,EAAE,kDAAkD;QAC/D,OAAO,EAAE;YACP,GAAG,EAAE,6BAA6B;YAClC,IAAI,EAAE,0IAA0I;SACjJ;QACD,MAAM,EAAE,eAAe;KACxB;IACD;QACE,MAAM,EAAE,SAAS;QACjB,SAAS,EAAE,IAAI;QACf,aAAa,EAAE,qBAAqB;QACpC,WAAW,EAAE,4CAA4C;QACzD,OAAO,EAAE;YACP,GAAG,EAAE,+BAA+B;YACpC,IAAI,EAAE,iJAAiJ;SACxJ;QACD,MAAM,EAAE,eAAe;KACxB;CACF,CAAC;AAEW,QAAA,0BAA0B,GAAG,IAAA,0BAAU,EAA0B;IAC5E,IAAI,EAAE,gCAAgC;IACtC,IAAI,EAAE;QACJ,IAAI,EAAE,SAAS;QACf,IAAI,EAAE;YACJ,WAAW,EAAE,oHAAoH;SAClI;QACD,QAAQ,EAAE;YACR,sFAAsF;YACtF,eAAe,EAAE,IAAA,gCAAgB,EAAC;gBAChC,IAAI,EAAE,IAAI;gBACV,SAAS,EAAE,gBAAgB;gBAC3B,GAAG,EAAE,QAAQ;gBACb,WAAW,EAAE,8BAA8B;gBAC3C,QAAQ,EAAE,eAAe;gBACzB,GAAG,EAAE,iBAAiB;gBACtB,iBAAiB,EAAE,wDAAwD;aAC5E,CAAC;YACF,cAAc,EAAE,IAAA,gCAAgB,EAAC;gBAC/B,IAAI,EAAE,4BAAY,CAAC,IAAI;gBACvB,SAAS,EAAE,kBAAkB;gBAC7B,WAAW,EAAE,uCAAuC;gBACpD,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,mCAAmC;gBACxC,iBAAiB,EAAE,mDAAmD;aACvE,CAAC;YACF,YAAY,EAAE,IAAA,gCAAgB,EAAC;gBAC7B,IAAI,EAAE,4BAAY,CAAC,IAAI;gBACvB,SAAS,EAAE,eAAe;gBAC1B,WAAW,EAAE,iDAAiD;gBAC9D,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,uDAAuD;gBAC5D,iBAAiB,EAAE,wDAAwD;aAC5E,CAAC;YACF,WAAW,EAAE,IAAA,gCAAgB,EAAC;gBAC5B,IAAI,EAAE,4BAAY,CAAC,IAAI;gBACvB,SAAS,EAAE,mBAAmB;gBAC9B,WAAW,EAAE,mDAAmD;gBAChE,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,0BAA0B;gBAC/B,iBAAiB,EAAE,0DAA0D;aAC9E,CAAC;YACF,aAAa,EAAE,IAAA,gCAAgB,EAAC;gBAC9B,IAAI,EAAE,4BAAY,CAAC,IAAI;gBACvB,SAAS,EAAE,uBAAuB;gBAClC,WAAW,EAAE,0BAA0B;gBACvC,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,qDAAqD;gBAC1D,iBAAiB,EAAE,wDAAwD;aAC5E,CAAC;YACF,mBAAmB,EAAE,IAAA,gCAAgB,EAAC;gBACpC,IAAI,EAAE,4BAAY,CAAC,IAAI;gBACvB,SAAS,EAAE,sBAAsB;gBACjC,WAAW,EAAE,mCAAmC;gBAChD,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,6EAA6E;gBAClF,iBAAiB,EAAE,wDAAwD;aAC5E,CAAC;SACH;QACD,MAAM,EAAE;YACN;gBACE,IAAI,EAAE,QAAQ;gBACd,UAAU,EAAE;oBACV,aAAa,EAAE;wBACb,IAAI,EAAE,SAAS;wBACf,OAAO,EAAE,KAAK;wBACd,WAAW,EAAE,4BAA4B;qBAC1C;oBACD,iBAAiB,EAAE;wBACjB,IAAI,EAAE,OAAO;wBACb,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;wBACzB,OAAO,EAAE,EAAE;wBACX,WAAW,EAAE,gCAAgC;qBAC9C;oBACD,iBAAiB,EAAE;wBACjB,IAAI,EAAE,OAAO;wBACb,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;wBACzB,OAAO,EAAE,EAAE;wBACX,WAAW,EAAE,mDAAmD;qBACjE;iBACF;gBACD,oBAAoB,EAAE,KAAK;aAC5B;SACF;KACF;IACD,cAAc,EAAE;QACd;YACE,aAAa,EAAE,KAAK;YACpB,iBAAiB,EAAE,EAAE;SACtB;KACF;IACD,MAAM,CAAC,OAAsD;QAC3D,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QACzC,MAAM,EACV,aAAa,GAAG,KAAK,EACf,iBAAiB,GAAG,EAAE,EAE3B,GAAY,OAAO,IAAI,EAAE,CAAC;QAEvB;;WAEG;QACH,MAAM,gBAAgB,GAAG;YACvB,UAAU,EAAE,cAAc;YAC1B,WAAW,EAAE,eAAe;YAC5B,YAAY,EAAE,gBAAgB;YAC9B,MAAM,EAAE,UAAU;YAClB,OAAO,EAAE,WAAW;YACpB,SAAS,EAAE,aAAa;YACxB,QAAQ,EAAE,YAAY;YACtB,OAAO,EAAE,WAAW;YACpB,OAAO,EAAE,WAAW;YACpB,QAAQ,EAAE,YAAY;YACtB,kBAAkB,EAAE,mBAAmB;YACvC,GAAG,iBAAiB;SACrB,CAAC;QAEF;;WAEG;QACH,MAAM,eAAe,GAAG,CAAC,IAAmB,EAAW,EAAE;YACvD,OAAO,IAAI,CAAC,IAAI,KAAK,SAAS,IAAI,OAAO,IAAI,CAAC,KAAK,KAAK,QAAQ,CAAC;QACnE,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,oBAAoB,GAAG,CAAC,OAAe,EAAW,EAAE;YACxD,OAAO,WAAW,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QACjE,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,mBAAmB,GAAG,CAAC,IAA6B,EAKxD,EAAE;YACF,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,kBAAkB;gBACxC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,YAAY;gBACxC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI;gBAC3B,CAAC,CAAC,SAAS,CAAC;YAE5B,MAAM,SAAS,GAAG,aAAa,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,MAAM,KAAK,MAAM,CAAC,IAAI,IAAI,CAAC;YAEzE,qCAAqC;YACrC,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;YACtE,MAAM,UAAU,GAAG,OAAO,CAAC,UAAU,IAAI,OAAO,CAAC,UAAU,CAAC;YAC5D,MAAM,IAAI,GAAG,QAAQ,CAAC,CAAC,CAAC,UAAU,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YAE1D,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC;QAC/C,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,eAAe,GAAG,CAAC,QAA8B,EAAE,OAAe,EAAW,EAAE;YACnF,+BAA+B;YAC/B,IAAI,aAAa,IAAI,QAAQ,IAAI,eAAe,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAC3D,OAAO,KAAK,CAAC;YACf,CAAC;YAED,mDAAmD;YACnD,IAAI,QAAQ,IAAI,eAAe,CAAC,QAAQ,CAAC,IAAI,oBAAoB,CAAC,OAAO,CAAC,EAAE,CAAC;gBAC3E,OAAO,IAAI,CAAC;YACd,CAAC;YAED,sEAAsE;YACtE,IAAI,QAAQ,IAAI,sBAAsB,CAAC,QAAQ,CAAC,EAAE,CAAC;gBACjD,OAAO,KAAK,CAAC;YACf,CAAC;YAED,sEAAsE;YACtE,IAAI,QAAQ,IAAI,iBAAiB,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAC5C,OAAO,KAAK,CAAC;YACf,CAAC;YAED,+BAA+B;YAC/B,OAAO,CAAC,QAAQ,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,CAAC;QACjD,CAAC,CAAC;QAEF;;;;;;WAMG;QACH,MAAM,sBAAsB,GAAG,CAAC,QAAuB,EAAW,EAAE;YAClE,IAAI,QAAQ,CAAC,IAAI,KAAK,8BAAc,CAAC,cAAc,EAAE,CAAC;gBACpD,OAAO,KAAK,CAAC;YACf,CAAC;YAED,MAAM,MAAM,GAAG,QAAQ,CAAC,MAAM,CAAC;YAC/B,IAAI,MAAM,CAAC,IAAI,KAAK,8BAAc,CAAC,gBAAgB;gBAC/C,MAAM,CAAC,MAAM,CAAC,IAAI,KAAK,8BAAc,CAAC,UAAU;gBAChD,MAAM,CAAC,MAAM,CAAC,IAAI,KAAK,MAAM;gBAC7B,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,8BAAc,CAAC,UAAU,EAAE,CAAC;gBACvD,OAAO,KAAK,CAAC;YACf,CAAC;YAED,MAAM,MAAM,GAAG,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC;YACpC,IAAI,CAAC,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;gBAC1C,OAAO,KAAK,CAAC;YACf,CAAC;YAED,MAAM,IAAI,GAAG,QAAQ,CAAC,SAAS,CAAC;YAChC,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACtB,OAAO,KAAK,CAAC;YACf,CAAC;YAED,6CAA6C;YAC7C,MAAM,QAAQ,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;YACzB,MAAM,cAAc,GAClB,CAAC,QAAQ,CAAC,IAAI,KAAK,8BAAc,CAAC,UAAU,IAAI,QAAQ,CAAC,IAAI,KAAK,WAAW,CAAC;gBAC9E,CAAC,QAAQ,CAAC,IAAI,KAAK,8BAAc,CAAC,OAAO,IAAI,OAAO,QAAQ,CAAC,KAAK,KAAK,QAAQ,CAAC,CAAC;YAEnF,IAAI,CAAC,cAAc,EAAE,CAAC;gBACpB,OAAO,KAAK,CAAC;YACf,CAAC;YAED,wCAAwC;YACxC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBACrC,MAAM,GAAG,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;gBACpB,IAAI,GAAG,CAAC,IAAI,KAAK,8BAAc,CAAC,OAAO,IAAI,OAAO,GAAG,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;oBACzE,OAAO,KAAK,CAAC;gBACf,CAAC;gBACD,gDAAgD;gBAChD,IAAI,oBAAoB,CAAC,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC;oBAC5C,OAAO,KAAK,CAAC;gBACf,CAAC;YACH,CAAC;YAED,OAAO,IAAI,CAAC;QACd,CAAC,CAAC;QAEF;;;;;;;WAOG;QACH,MAAM,iBAAiB,GAAG,CAAC,QAAuB,EAAW,EAAE;YAC7D,IAAI,QAAQ,CAAC,IAAI,KAAK,8BAAc,CAAC,UAAU,EAAE,CAAC;gBAChD,OAAO,KAAK,CAAC;YACf,CAAC;YAED,MAAM,OAAO,GAAG,QAAQ,CAAC,IAAI,CAAC;YAC9B,MAAM,UAAU,GAAG,OAAO,CAAC,UAAU,IAAI,OAAO,CAAC,UAAU,CAAC;YAE5D,wCAAwC;YACxC,IAAI,OAAO,GAA8B,QAAQ,CAAC,MAAM,CAAC;YACzD,OAAO,OAAO,EAAE,CAAC;gBACf,IAAI,OAAO,CAAC,IAAI,KAAK,8BAAc,CAAC,WAAW,EAAE,CAAC;oBAChD,MAAM,QAAQ,GAAG,UAAU,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;oBAElD,iDAAiD;oBACjD,MAAM,iBAAiB,GAAG,IAAI,MAAM,CAAC,GAAG,OAAO,sBAAsB,EAAE,GAAG,CAAC,CAAC;oBAC5E,IAAI,iBAAiB,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;wBACrC,OAAO,IAAI,CAAC;oBACd,CAAC;oBAED,8DAA8D;oBAC9D,MAAM,eAAe,GAAG,IAAI,MAAM,CAAC,GAAG,OAAO,oBAAoB,EAAE,GAAG,CAAC,CAAC;oBACxE,IAAI,eAAe,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;wBACnC,OAAO,IAAI,CAAC;oBACd,CAAC;oBAED,MAAM;gBACR,CAAC;gBACD,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC;YAC3B,CAAC;YAED,OAAO,KAAK,CAAC;QACf,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,wBAAwB,GAAG,CAAC,SAAsB,EAAU,EAAE;YAClE,QAAQ,SAAS,CAAC,MAAM,EAAE,CAAC;gBACzB,KAAK,UAAU,CAAC;gBAChB,KAAK,WAAW;oBACd,OAAO;wBACL,yDAAyD;wBACzD,yDAAyD;wBACzD,2EAA2E;wBAC3E,2CAA2C;wBAC3C,4CAA4C;qBAC7C,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAEf,KAAK,MAAM;oBACT,OAAO;wBACL,gDAAgD;wBAChD,iEAAiE;wBACjE,yDAAyD;wBACzD,qDAAqD;wBACrD,0CAA0C;qBAC3C,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAEf,KAAK,SAAS;oBACZ,OAAO;wBACL,uEAAuE;wBACvE,uDAAuD;wBACvD,8CAA8C;wBAC9C,iDAAiD;wBACjD,wDAAwD;qBACzD,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAEf;oBACE,OAAO;wBACL,mDAAmD;wBACnD,mDAAmD;wBACnD,mDAAmD;wBACnD,4DAA4D;wBAC5D,wCAAwC;qBACzC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACjB,CAAC;QACH,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,kBAAkB,GAAG,CAAC,SAAsB,EAAE,OAAe,EAAU,EAAE;YAC7E,IAAI,oBAAoB,CAAC,OAAO,CAAC,EAAE,CAAC;gBAClC,OAAO,UAAU,CAAC;YACpB,CAAC;YAED,IAAI,SAAS,CAAC,SAAS,EAAE,CAAC;gBACxB,OAAO,MAAM,CAAC;YAChB,CAAC;YAED,OAAO,QAAQ,CAAC;QAClB,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,WAAW,GAAG,CAAC,IAA6B,EAAE,EAAE;YACpD,kCAAkC;YAClC,IAAI,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,kBAAkB;gBACvC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,KAAK,YAAY;gBACxC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,KAAK,IAAI;gBAChC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;gBAC/C,OAAO;YACT,CAAC;YAED,MAAM,UAAU,GAAG,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC;YAE7C,iCAAiC;YACjC,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;gBAC3C,OAAO;YACT,CAAC;YAED,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE,SAAS,EAAE,GAAG,mBAAmB,CAAC,IAAI,CAAC,CAAC;YAExE,0CAA0C;YAC1C,IAAI,CAAC,eAAe,CAAC,QAAQ,EAAE,IAAI,CAAC,EAAE,CAAC;gBACrC,OAAO;YACT,CAAC;YAED,MAAM,SAAS,GAAG,kBAAkB,CAAC,SAAS,IAAI,aAAa,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC;YAC1E,MAAM,KAAK,GAAG,SAAS,CAAC,CAAC,CAAC,wBAAwB,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,oCAAoC,CAAC;YACrG,MAAM,WAAW,GAAG,SAAS,EAAE,WAAW,IAAI,oCAAoC,CAAC;YAEnF,OAAO,CAAC,MAAM,CAAC;gBACb,IAAI;gBACJ,SAAS,EAAE,iBAAiB;gBAC5B,IAAI,EAAE;oBACJ,MAAM;oBACN,IAAI;oBACJ,SAAS;oBACT,aAAa,EAAE,SAAS,EAAE,aAAa,IAAI,gBAAgB;oBAC3D,WAAW;oBACX,KAAK;oBACL,MAAM,EAAE,SAAS,EAAE,MAAM,IAAI,eAAe;iBAC7C;gBACD,OAAO,EAAE;oBACP;wBACE,SAAS,EAAE,gBAAgB;wBAC3B,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI;qBAChB;oBACD;wBACE,SAAS,EAAE,cAAc;wBACzB,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI;qBAChB;oBACD;wBACE,SAAS,EAAE,aAAa;wBACxB,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI;qBAChB;oBACD;wBACE,SAAS,EAAE,eAAe;wBAC1B,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI;qBAChB;oBACD;wBACE,SAAS,EAAE,qBAAqB;wBAChC,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI;qBAChB;iBACF;aACF,CAAC,CAAC;QACL,CAAC,CAAC;QAEF,OAAO;YACL,cAAc,EAAE,WAAW;SAC5B,CAAC;IACJ,CAAC;CACF,CAAC,CAAC"}
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../../packages/eslint-plugin-secure-coding/src/rules/detect-non-literal-fs-filename/index.ts"],"names":[],"mappings":";;;AASA,4DAA0F;AAC1F,4DAAsD;AAgCtD,MAAM,aAAa,GAAkB;IACnC;QACE,MAAM,EAAE,UAAU;QAClB,SAAS,EAAE,IAAI;QACf,aAAa,EAAE,aAAa;QAC5B,WAAW,EAAE,kDAAkD;QAC/D,OAAO,EAAE;YACP,GAAG,EAAE,iCAAiC;YACtC,IAAI,EAAE,wGAAwG;SAC/G;QACD,MAAM,EAAE,eAAe;KACxB;IACD;QACE,MAAM,EAAE,WAAW;QACnB,SAAS,EAAE,IAAI;QACf,aAAa,EAAE,aAAa;QAC5B,WAAW,EAAE,kDAAkD;QAC/D,OAAO,EAAE;YACP,GAAG,EAAE,wCAAwC;YAC7C,IAAI,EAAE,8GAA8G;SACrH;QACD,MAAM,EAAE,eAAe;KACxB;IACD;QACE,MAAM,EAAE,MAAM;QACd,SAAS,EAAE,IAAI;QACf,aAAa,EAAE,gBAAgB;QAC/B,WAAW,EAAE,kDAAkD;QAC/D,OAAO,EAAE;YACP,GAAG,EAAE,6BAA6B;YAClC,IAAI,EAAE,0IAA0I;SACjJ;QACD,MAAM,EAAE,eAAe;KACxB;IACD;QACE,MAAM,EAAE,SAAS;QACjB,SAAS,EAAE,IAAI;QACf,aAAa,EAAE,qBAAqB;QACpC,WAAW,EAAE,4CAA4C;QACzD,OAAO,EAAE;YACP,GAAG,EAAE,+BAA+B;YACpC,IAAI,EAAE,iJAAiJ;SACxJ;QACD,MAAM,EAAE,eAAe;KACxB;CACF,CAAC;AAEW,QAAA,0BAA0B,GAAG,IAAA,0BAAU,EAA0B;IAC5E,IAAI,EAAE,gCAAgC;IACtC,IAAI,EAAE;QACJ,IAAI,EAAE,SAAS;QACf,IAAI,EAAE;YACJ,WAAW,EAAE,oHAAoH;SAClI;QACD,QAAQ,EAAE;YACR,sFAAsF;YACtF,eAAe,EAAE,IAAA,gCAAgB,EAAC;gBAChC,IAAI,EAAE,IAAI;gBACV,SAAS,EAAE,gBAAgB;gBAC3B,GAAG,EAAE,QAAQ;gBACb,WAAW,EAAE,8BAA8B;gBAC3C,QAAQ,EAAE,eAAe;gBACzB,GAAG,EAAE,iBAAiB;gBACtB,iBAAiB,EAAE,wDAAwD;aAC5E,CAAC;YACF,cAAc,EAAE,IAAA,gCAAgB,EAAC;gBAC/B,IAAI,EAAE,4BAAY,CAAC,IAAI;gBACvB,SAAS,EAAE,kBAAkB;gBAC7B,WAAW,EAAE,uCAAuC;gBACpD,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,mCAAmC;gBACxC,iBAAiB,EAAE,mDAAmD;aACvE,CAAC;YACF,YAAY,EAAE,IAAA,gCAAgB,EAAC;gBAC7B,IAAI,EAAE,4BAAY,CAAC,IAAI;gBACvB,SAAS,EAAE,eAAe;gBAC1B,WAAW,EAAE,iDAAiD;gBAC9D,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,uDAAuD;gBAC5D,iBAAiB,EAAE,wDAAwD;aAC5E,CAAC;YACF,WAAW,EAAE,IAAA,gCAAgB,EAAC;gBAC5B,IAAI,EAAE,4BAAY,CAAC,IAAI;gBACvB,SAAS,EAAE,mBAAmB;gBAC9B,WAAW,EAAE,mDAAmD;gBAChE,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,0BAA0B;gBAC/B,iBAAiB,EAAE,0DAA0D;aAC9E,CAAC;YACF,aAAa,EAAE,IAAA,gCAAgB,EAAC;gBAC9B,IAAI,EAAE,4BAAY,CAAC,IAAI;gBACvB,SAAS,EAAE,uBAAuB;gBAClC,WAAW,EAAE,0BAA0B;gBACvC,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,qDAAqD;gBAC1D,iBAAiB,EAAE,wDAAwD;aAC5E,CAAC;YACF,mBAAmB,EAAE,IAAA,gCAAgB,EAAC;gBACpC,IAAI,EAAE,4BAAY,CAAC,IAAI;gBACvB,SAAS,EAAE,sBAAsB;gBACjC,WAAW,EAAE,mCAAmC;gBAChD,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,6EAA6E;gBAClF,iBAAiB,EAAE,wDAAwD;aAC5E,CAAC;SACH;QACD,MAAM,EAAE;YACN;gBACE,IAAI,EAAE,QAAQ;gBACd,UAAU,EAAE;oBACV,aAAa,EAAE;wBACb,IAAI,EAAE,SAAS;wBACf,OAAO,EAAE,KAAK;wBACd,WAAW,EAAE,4BAA4B;qBAC1C;oBACD,iBAAiB,EAAE;wBACjB,IAAI,EAAE,OAAO;wBACb,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;wBACzB,OAAO,EAAE,EAAE;wBACX,WAAW,EAAE,gCAAgC;qBAC9C;oBACD,iBAAiB,EAAE;wBACjB,IAAI,EAAE,OAAO;wBACb,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;wBACzB,OAAO,EAAE,EAAE;wBACX,WAAW,EAAE,mDAAmD;qBACjE;iBACF;gBACD,oBAAoB,EAAE,KAAK;aAC5B;SACF;KACF;IACD,cAAc,EAAE;QACd;YACE,aAAa,EAAE,KAAK;YACpB,iBAAiB,EAAE,EAAE;SACtB;KACF;IACD,MAAM,CAAC,OAAsD;QAC3D,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QACzC,MAAM,EACV,aAAa,GAAG,KAAK,EACf,iBAAiB,GAAG,EAAE,EAE3B,GAAY,OAAO,IAAI,EAAE,CAAC;QAEvB;;WAEG;QACH,MAAM,gBAAgB,GAAG;YACvB,UAAU,EAAE,cAAc;YAC1B,WAAW,EAAE,eAAe;YAC5B,YAAY,EAAE,gBAAgB;YAC9B,MAAM,EAAE,UAAU;YAClB,OAAO,EAAE,WAAW;YACpB,SAAS,EAAE,aAAa;YACxB,QAAQ,EAAE,YAAY;YACtB,OAAO,EAAE,WAAW;YACpB,OAAO,EAAE,WAAW;YACpB,QAAQ,EAAE,YAAY;YACtB,kBAAkB,EAAE,mBAAmB;YACvC,GAAG,iBAAiB;SACrB,CAAC;QAEF;;WAEG;QACH,MAAM,eAAe,GAAG,CAAC,IAAmB,EAAW,EAAE;YACvD,OAAO,IAAI,CAAC,IAAI,KAAK,SAAS,IAAI,OAAO,IAAI,CAAC,KAAK,KAAK,QAAQ,CAAC;QACnE,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,oBAAoB,GAAG,CAAC,OAAe,EAAW,EAAE;YACxD,OAAO,WAAW,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QACjE,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,mBAAmB,GAAG,CAAC,IAA6B,EAKxD,EAAE;YACF,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,8BAAc,CAAC,gBAAgB;gBACrD,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,8BAAc,CAAC,UAAU;gBACrD,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI;gBAC3B,CAAC,CAAC,SAAS,CAAC;YAE5B,MAAM,SAAS,GAAG,aAAa,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,MAAM,KAAK,MAAM,CAAC,IAAI,IAAI,CAAC;YAEzE,qCAAqC;YACrC,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;YACtE,MAAM,UAAU,GAAG,OAAO,CAAC,UAAU,IAAI,OAAO,CAAC,UAAU,CAAC;YAC5D,MAAM,IAAI,GAAG,QAAQ,CAAC,CAAC,CAAC,UAAU,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YAE1D,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC;QAC/C,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,eAAe,GAAG,CAAC,QAA8B,EAAE,OAAe,EAAW,EAAE;YACnF,+BAA+B;YAC/B,IAAI,aAAa,IAAI,QAAQ,IAAI,eAAe,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAC3D,OAAO,KAAK,CAAC;YACf,CAAC;YAED,mDAAmD;YACnD,IAAI,QAAQ,IAAI,eAAe,CAAC,QAAQ,CAAC,IAAI,oBAAoB,CAAC,OAAO,CAAC,EAAE,CAAC;gBAC3E,OAAO,IAAI,CAAC;YACd,CAAC;YAED,sEAAsE;YACtE,IAAI,QAAQ,IAAI,sBAAsB,CAAC,QAAQ,CAAC,EAAE,CAAC;gBACjD,OAAO,KAAK,CAAC;YACf,CAAC;YAED,sEAAsE;YACtE,IAAI,QAAQ,IAAI,iBAAiB,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAC5C,OAAO,KAAK,CAAC;YACf,CAAC;YAED,+BAA+B;YAC/B,OAAO,CAAC,QAAQ,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,CAAC;QACjD,CAAC,CAAC;QAEF;;;;;;WAMG;QACH,MAAM,sBAAsB,GAAG,CAAC,QAAuB,EAAW,EAAE;YAClE,IAAI,QAAQ,CAAC,IAAI,KAAK,8BAAc,CAAC,cAAc,EAAE,CAAC;gBACpD,OAAO,KAAK,CAAC;YACf,CAAC;YAED,MAAM,MAAM,GAAG,QAAQ,CAAC,MAAM,CAAC;YAC/B,IAAI,MAAM,CAAC,IAAI,KAAK,8BAAc,CAAC,gBAAgB;gBAC/C,MAAM,CAAC,MAAM,CAAC,IAAI,KAAK,8BAAc,CAAC,UAAU;gBAChD,MAAM,CAAC,MAAM,CAAC,IAAI,KAAK,MAAM;gBAC7B,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,8BAAc,CAAC,UAAU,EAAE,CAAC;gBACvD,OAAO,KAAK,CAAC;YACf,CAAC;YAED,MAAM,MAAM,GAAG,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC;YACpC,IAAI,CAAC,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;gBAC1C,OAAO,KAAK,CAAC;YACf,CAAC;YAED,MAAM,IAAI,GAAG,QAAQ,CAAC,SAAS,CAAC;YAChC,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACtB,OAAO,KAAK,CAAC;YACf,CAAC;YAED,6CAA6C;YAC7C,MAAM,QAAQ,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;YACzB,MAAM,cAAc,GAClB,CAAC,QAAQ,CAAC,IAAI,KAAK,8BAAc,CAAC,UAAU,IAAI,QAAQ,CAAC,IAAI,KAAK,WAAW,CAAC;gBAC9E,CAAC,QAAQ,CAAC,IAAI,KAAK,8BAAc,CAAC,OAAO,IAAI,OAAO,QAAQ,CAAC,KAAK,KAAK,QAAQ,CAAC,CAAC;YAEnF,IAAI,CAAC,cAAc,EAAE,CAAC;gBACpB,OAAO,KAAK,CAAC;YACf,CAAC;YAED,wCAAwC;YACxC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBACrC,MAAM,GAAG,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;gBACpB,IAAI,GAAG,CAAC,IAAI,KAAK,8BAAc,CAAC,OAAO,IAAI,OAAO,GAAG,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;oBACzE,OAAO,KAAK,CAAC;gBACf,CAAC;gBACD,gDAAgD;gBAChD,IAAI,oBAAoB,CAAC,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC;oBAC5C,OAAO,KAAK,CAAC;gBACf,CAAC;YACH,CAAC;YAED,OAAO,IAAI,CAAC;QACd,CAAC,CAAC;QAEF;;;;;;WAMG;QACH,MAAM,iBAAiB,GAAG,CAAC,QAAuB,EAAW,EAAE;YAC7D,IAAI,QAAQ,CAAC,IAAI,KAAK,8BAAc,CAAC,UAAU,EAAE,CAAC;gBAChD,OAAO,KAAK,CAAC;YACf,CAAC;YAED,MAAM,OAAO,GAAG,QAAQ,CAAC,IAAI,CAAC;YAE9B,+DAA+D;YAC/D,MAAM,0BAA0B,GAAG,CAAC,QAAuB,EAAW,EAAE;gBACtE,yCAAyC;gBACzC,IAAI,QAAQ,CAAC,IAAI,KAAK,8BAAc,CAAC,eAAe;oBAChD,QAAQ,CAAC,QAAQ,KAAK,GAAG;oBACzB,QAAQ,CAAC,QAAQ,CAAC,IAAI,KAAK,8BAAc,CAAC,cAAc,EAAE,CAAC;oBAC7D,QAAQ,GAAG,QAAQ,CAAC,QAAQ,CAAC;gBAC/B,CAAC;gBAED,4DAA4D;gBAC5D,IAAI,QAAQ,CAAC,IAAI,KAAK,8BAAc,CAAC,cAAc;oBAC/C,QAAQ,CAAC,MAAM,CAAC,IAAI,KAAK,8BAAc,CAAC,gBAAgB;oBACxD,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,KAAK,8BAAc,CAAC,UAAU;oBACzD,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,KAAK,OAAO;oBACvC,QAAQ,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,8BAAc,CAAC,UAAU;oBAC3D,CAAC,QAAQ,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,YAAY;wBAC9C,QAAQ,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,UAAU,CAAC,EAAE,CAAC;oBACnD,OAAO,IAAI,CAAC;gBACd,CAAC;gBACD,OAAO,KAAK,CAAC;YACf,CAAC,CAAC;YAEF,MAAM,YAAY,GAAG,CAAC,UAA8B,EAAW,EAAE;gBAC/D,IAAI,UAAU,CAAC,IAAI,KAAK,8BAAc,CAAC,cAAc,EAAE,CAAC;oBACtD,OAAO,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CACjC,IAAI,CAAC,IAAI,KAAK,8BAAc,CAAC,cAAc;wBAC3C,IAAI,CAAC,IAAI,KAAK,8BAAc,CAAC,eAAe,CAC7C,CAAC;gBACJ,CAAC;gBACD,OAAO,UAAU,CAAC,IAAI,KAAK,8BAAc,CAAC,cAAc;oBACjD,UAAU,CAAC,IAAI,KAAK,8BAAc,CAAC,eAAe,CAAC;YAC5D,CAAC,CAAC;YAEF,0DAA0D;YAC1D,IAAI,OAAO,GAA8B,QAAQ,CAAC,MAAM,CAAC;YACzD,IAAI,iBAAiB,GAAG,KAAK,CAAC;YAE9B,OAAO,OAAO,IAAI,CAAC,iBAAiB,EAAE,CAAC;gBACrC,8CAA8C;gBAC9C,IAAI,OAAO,CAAC,IAAI,KAAK,8BAAc,CAAC,WAAW,EAAE,CAAC;oBAChD,IAAI,0BAA0B,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;wBAC7C,OAAO,IAAI,CAAC;oBACd,CAAC;gBACH,CAAC;gBAED,0FAA0F;gBAC1F,IAAI,OAAO,CAAC,IAAI,KAAK,8BAAc,CAAC,cAAc,IAAI,OAAO,CAAC,MAAM,IAAI,CACpE,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,8BAAc,CAAC,mBAAmB;oBAC1D,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,8BAAc,CAAC,kBAAkB;oBACzD,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,8BAAc,CAAC,uBAAuB,CAAC,EAAE,CAAC;oBAEpE,iBAAiB,GAAG,IAAI,CAAC;oBACzB,MAAM,SAAS,GAAG,OAAO,CAAC,IAAI,CAAC;oBAC/B,MAAM,SAAS,GAAG,SAAS,CAAC,SAAS,CAAC,CAAC,IAAwB,EAAE,EAAE;wBACjE,IAAI,KAAK,GAA8B,QAAQ,CAAC;wBAChD,OAAO,KAAK,EAAE,CAAC;4BACb,IAAI,KAAK,KAAK,IAAI;gCAAE,OAAO,IAAI,CAAC;4BAChC,KAAK,GAAG,KAAK,CAAC,MAAM,CAAC;wBACvB,CAAC;wBACD,OAAO,KAAK,CAAC;oBACf,CAAC,CAAC,CAAC;oBAEH,uEAAuE;oBACvE,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,SAAS,EAAE,CAAC,EAAE,EAAE,CAAC;wBACnC,MAAM,IAAI,GAAG,SAAS,CAAC,CAAC,CAAC,CAAC;wBAC1B,IAAI,IAAI,CAAC,IAAI,KAAK,8BAAc,CAAC,WAAW;4BACxC,0BAA0B,CAAC,IAAI,CAAC,IAAI,CAAC;4BACrC,YAAY,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC;4BAClC,OAAO,IAAI,CAAC;wBACd,CAAC;oBACH,CAAC;gBACH,CAAC;gBAED,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC;YAC3B,CAAC;YAED,OAAO,KAAK,CAAC;QACf,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,wBAAwB,GAAG,CAAC,SAAsB,EAAU,EAAE;YAClE,QAAQ,SAAS,CAAC,MAAM,EAAE,CAAC;gBACzB,KAAK,UAAU,CAAC;gBAChB,KAAK,WAAW;oBACd,OAAO;wBACL,yDAAyD;wBACzD,yDAAyD;wBACzD,2EAA2E;wBAC3E,2CAA2C;wBAC3C,4CAA4C;qBAC7C,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAEf,KAAK,MAAM;oBACT,OAAO;wBACL,gDAAgD;wBAChD,iEAAiE;wBACjE,yDAAyD;wBACzD,qDAAqD;wBACrD,0CAA0C;qBAC3C,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAEf,KAAK,SAAS;oBACZ,OAAO;wBACL,uEAAuE;wBACvE,uDAAuD;wBACvD,8CAA8C;wBAC9C,iDAAiD;wBACjD,wDAAwD;qBACzD,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAEf;oBACE,OAAO;wBACL,mDAAmD;wBACnD,mDAAmD;wBACnD,mDAAmD;wBACnD,4DAA4D;wBAC5D,wCAAwC;qBACzC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACjB,CAAC;QACH,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,kBAAkB,GAAG,CAAC,SAAsB,EAAE,OAAe,EAAU,EAAE;YAC7E,IAAI,oBAAoB,CAAC,OAAO,CAAC,EAAE,CAAC;gBAClC,OAAO,UAAU,CAAC;YACpB,CAAC;YAED,IAAI,SAAS,CAAC,SAAS,EAAE,CAAC;gBACxB,OAAO,MAAM,CAAC;YAChB,CAAC;YAED,OAAO,QAAQ,CAAC;QAClB,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,WAAW,GAAG,CAAC,IAA6B,EAAE,EAAE;YACpD,kCAAkC;YAClC,IAAI,IAAI,CAAC,MAAM,CAAC,IAAI,KAAK,kBAAkB;gBACvC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,KAAK,YAAY;gBACxC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,KAAK,IAAI;gBAChC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;gBAC/C,OAAO;YACT,CAAC;YAED,MAAM,UAAU,GAAG,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC;YAE7C,iCAAiC;YACjC,IAAI,CAAC,gBAAgB,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;gBAC3C,OAAO;YACT,CAAC;YAED,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE,SAAS,EAAE,GAAG,mBAAmB,CAAC,IAAI,CAAC,CAAC;YAExE,0CAA0C;YAC1C,IAAI,CAAC,eAAe,CAAC,QAAQ,EAAE,IAAI,CAAC,EAAE,CAAC;gBACrC,OAAO;YACT,CAAC;YAED,MAAM,SAAS,GAAG,kBAAkB,CAAC,SAAS,IAAI,aAAa,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC;YAC1E,MAAM,KAAK,GAAG,SAAS,CAAC,CAAC,CAAC,wBAAwB,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,oCAAoC,CAAC;YACrG,MAAM,WAAW,GAAG,SAAS,EAAE,WAAW,IAAI,oCAAoC,CAAC;YAEnF,OAAO,CAAC,MAAM,CAAC;gBACb,IAAI;gBACJ,SAAS,EAAE,iBAAiB;gBAC5B,IAAI,EAAE;oBACJ,MAAM;oBACN,IAAI;oBACJ,SAAS;oBACT,aAAa,EAAE,SAAS,EAAE,aAAa,IAAI,gBAAgB;oBAC3D,WAAW;oBACX,KAAK;oBACL,MAAM,EAAE,SAAS,EAAE,MAAM,IAAI,eAAe;iBAC7C;gBACD,OAAO,EAAE;oBACP;wBACE,SAAS,EAAE,gBAAgB;wBAC3B,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI;qBAChB;oBACD;wBACE,SAAS,EAAE,cAAc;wBACzB,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI;qBAChB;oBACD;wBACE,SAAS,EAAE,aAAa;wBACxB,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI;qBAChB;oBACD;wBACE,SAAS,EAAE,eAAe;wBAC1B,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI;qBAChB;oBACD;wBACE,SAAS,EAAE,qBAAqB;wBAChC,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI;qBAChB;iBACF;aACF,CAAC,CAAC;QACL,CAAC,CAAC;QAEF,OAAO;YACL,cAAc,EAAE,WAAW;SAC5B,CAAC;IACJ,CAAC;CACF,CAAC,CAAC"}
|
|
@@ -261,36 +261,88 @@ exports.detectObjectInjection = (0, eslint_devkit_3.createRule)({
|
|
|
261
261
|
return false;
|
|
262
262
|
}
|
|
263
263
|
const keyName = propertyNode.name;
|
|
264
|
-
|
|
265
|
-
|
|
266
|
-
|
|
267
|
-
|
|
268
|
-
|
|
269
|
-
|
|
270
|
-
|
|
271
|
-
|
|
264
|
+
// AST-based validation detection (faster than getText + regex)
|
|
265
|
+
const isIncludesCall = (testNode) => {
|
|
266
|
+
// Pattern: ARRAY.includes(keyName)
|
|
267
|
+
if (testNode.type === eslint_devkit_1.AST_NODE_TYPES.CallExpression &&
|
|
268
|
+
testNode.callee.type === eslint_devkit_1.AST_NODE_TYPES.MemberExpression &&
|
|
269
|
+
testNode.callee.property.type === eslint_devkit_1.AST_NODE_TYPES.Identifier &&
|
|
270
|
+
testNode.callee.property.name === 'includes' &&
|
|
271
|
+
testNode.arguments.length > 0 &&
|
|
272
|
+
testNode.arguments[0].type === eslint_devkit_1.AST_NODE_TYPES.Identifier &&
|
|
273
|
+
testNode.arguments[0].name === keyName) {
|
|
274
|
+
return true;
|
|
275
|
+
}
|
|
276
|
+
// Handle negation: !ARRAY.includes(key)
|
|
277
|
+
if (testNode.type === eslint_devkit_1.AST_NODE_TYPES.UnaryExpression &&
|
|
278
|
+
testNode.operator === '!' &&
|
|
279
|
+
testNode.argument.type === eslint_devkit_1.AST_NODE_TYPES.CallExpression) {
|
|
280
|
+
return isIncludesCall(testNode.argument);
|
|
281
|
+
}
|
|
282
|
+
return false;
|
|
283
|
+
};
|
|
284
|
+
const isHasOwnPropertyCall = (testNode) => {
|
|
285
|
+
// Pattern: Object.prototype.hasOwnProperty.call(obj, key) OR obj.hasOwnProperty(key) OR Object.hasOwn(obj, key)
|
|
286
|
+
if (testNode.type !== eslint_devkit_1.AST_NODE_TYPES.CallExpression)
|
|
287
|
+
return false;
|
|
288
|
+
const callee = testNode.callee;
|
|
289
|
+
const args = testNode.arguments;
|
|
290
|
+
// Object.prototype.hasOwnProperty.call(obj, key)
|
|
291
|
+
if (callee.type === eslint_devkit_1.AST_NODE_TYPES.MemberExpression &&
|
|
292
|
+
callee.property.type === eslint_devkit_1.AST_NODE_TYPES.Identifier &&
|
|
293
|
+
callee.property.name === 'call' &&
|
|
294
|
+
args.length >= 2 &&
|
|
295
|
+
args[1].type === eslint_devkit_1.AST_NODE_TYPES.Identifier &&
|
|
296
|
+
args[1].name === keyName) {
|
|
297
|
+
return true;
|
|
298
|
+
}
|
|
299
|
+
// obj.hasOwnProperty(key) OR Object.hasOwn(obj, key)
|
|
300
|
+
if (callee.type === eslint_devkit_1.AST_NODE_TYPES.MemberExpression &&
|
|
301
|
+
callee.property.type === eslint_devkit_1.AST_NODE_TYPES.Identifier &&
|
|
302
|
+
(callee.property.name === 'hasOwnProperty' || callee.property.name === 'hasOwn')) {
|
|
303
|
+
const keyArg = callee.property.name === 'hasOwn' ? args[1] : args[0];
|
|
304
|
+
if (keyArg?.type === eslint_devkit_1.AST_NODE_TYPES.Identifier && keyArg.name === keyName) {
|
|
305
|
+
return true;
|
|
306
|
+
}
|
|
307
|
+
}
|
|
308
|
+
return false;
|
|
309
|
+
};
|
|
310
|
+
const isInOperator = (testNode) => {
|
|
311
|
+
// Pattern: key in obj
|
|
312
|
+
return testNode.type === eslint_devkit_1.AST_NODE_TYPES.BinaryExpression &&
|
|
313
|
+
testNode.operator === 'in' &&
|
|
314
|
+
testNode.left.type === eslint_devkit_1.AST_NODE_TYPES.Identifier &&
|
|
315
|
+
testNode.left.name === keyName;
|
|
316
|
+
};
|
|
317
|
+
const hasValidation = (testNode) => {
|
|
318
|
+
return isIncludesCall(testNode) || isHasOwnPropertyCall(testNode) || isInOperator(testNode);
|
|
319
|
+
};
|
|
320
|
+
const hasEarlyExit = (consequent) => {
|
|
321
|
+
// Check if block contains throw or return
|
|
322
|
+
if (consequent.type === eslint_devkit_1.AST_NODE_TYPES.BlockStatement) {
|
|
323
|
+
return consequent.body.some(stmt => stmt.type === eslint_devkit_1.AST_NODE_TYPES.ThrowStatement ||
|
|
324
|
+
stmt.type === eslint_devkit_1.AST_NODE_TYPES.ReturnStatement);
|
|
325
|
+
}
|
|
326
|
+
return consequent.type === eslint_devkit_1.AST_NODE_TYPES.ThrowStatement ||
|
|
327
|
+
consequent.type === eslint_devkit_1.AST_NODE_TYPES.ReturnStatement;
|
|
328
|
+
};
|
|
272
329
|
// Walk up to find enclosing IfStatement with validation
|
|
273
330
|
let current = node.parent;
|
|
274
331
|
let foundFunctionBody = false;
|
|
275
332
|
while (current && !foundFunctionBody) {
|
|
276
333
|
// Check if we're inside an if-block with validation in the condition
|
|
277
334
|
if (current.type === eslint_devkit_1.AST_NODE_TYPES.IfStatement) {
|
|
278
|
-
|
|
279
|
-
if (includesPattern.test(testText) ||
|
|
280
|
-
hasOwnPropertyPattern.test(testText) ||
|
|
281
|
-
inOperatorPattern.test(testText)) {
|
|
335
|
+
if (hasValidation(current.test)) {
|
|
282
336
|
return true;
|
|
283
337
|
}
|
|
284
338
|
}
|
|
285
339
|
// Check for function body - look for preceding sibling if-statements with early exit
|
|
286
|
-
// Pattern: if (!ALLOWED.includes(key)) { throw }; obj[key] = value;
|
|
287
340
|
if (current.type === eslint_devkit_1.AST_NODE_TYPES.BlockStatement && current.parent && (current.parent.type === eslint_devkit_1.AST_NODE_TYPES.FunctionDeclaration ||
|
|
288
341
|
current.parent.type === eslint_devkit_1.AST_NODE_TYPES.FunctionExpression ||
|
|
289
342
|
current.parent.type === eslint_devkit_1.AST_NODE_TYPES.ArrowFunctionExpression)) {
|
|
290
343
|
foundFunctionBody = true;
|
|
291
344
|
const blockBody = current.body;
|
|
292
345
|
const nodeIndex = blockBody.findIndex((stmt) => {
|
|
293
|
-
// Find the statement containing our node
|
|
294
346
|
let check = node;
|
|
295
347
|
while (check) {
|
|
296
348
|
if (check === stmt)
|
|
@@ -299,22 +351,13 @@ exports.detectObjectInjection = (0, eslint_devkit_3.createRule)({
|
|
|
299
351
|
}
|
|
300
352
|
return false;
|
|
301
353
|
});
|
|
302
|
-
// Look at preceding statements for validation patterns
|
|
354
|
+
// Look at preceding statements for validation patterns with early exit
|
|
303
355
|
for (let i = 0; i < nodeIndex; i++) {
|
|
304
356
|
const stmt = blockBody[i];
|
|
305
|
-
if (stmt.type === eslint_devkit_1.AST_NODE_TYPES.IfStatement
|
|
306
|
-
|
|
307
|
-
|
|
308
|
-
|
|
309
|
-
hasOwnPropertyPattern.test(testText) ||
|
|
310
|
-
inOperatorPattern.test(testText)) {
|
|
311
|
-
// Check if the if-block throws or returns (early exit pattern)
|
|
312
|
-
const consequentText = sourceCode.getText(stmt.consequent);
|
|
313
|
-
if (consequentText.includes('throw') ||
|
|
314
|
-
consequentText.includes('return')) {
|
|
315
|
-
return true;
|
|
316
|
-
}
|
|
317
|
-
}
|
|
357
|
+
if (stmt.type === eslint_devkit_1.AST_NODE_TYPES.IfStatement &&
|
|
358
|
+
hasValidation(stmt.test) &&
|
|
359
|
+
hasEarlyExit(stmt.consequent)) {
|
|
360
|
+
return true;
|
|
318
361
|
}
|
|
319
362
|
}
|
|
320
363
|
}
|
|
@@ -326,6 +369,10 @@ exports.detectObjectInjection = (0, eslint_devkit_3.createRule)({
|
|
|
326
369
|
* Check if property access is potentially dangerous
|
|
327
370
|
*/
|
|
328
371
|
const isDangerousPropertyAccess = (propertyNode) => {
|
|
372
|
+
// SAFE: Numeric literals (array index access like items[0], items[1])
|
|
373
|
+
if (propertyNode.type === eslint_devkit_1.AST_NODE_TYPES.Literal && typeof propertyNode.value === 'number') {
|
|
374
|
+
return false;
|
|
375
|
+
}
|
|
329
376
|
// Check if it's a literal string first
|
|
330
377
|
if (isLiteralString(propertyNode)) {
|
|
331
378
|
const propName = String(propertyNode.value);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../../packages/eslint-plugin-secure-coding/src/rules/detect-object-injection/index.ts"],"names":[],"mappings":";;;AAAA;;;;;;;;;;;;GAYG;AACH,4DAA8E;AAC9E,4DAQkC;AAClC,4DAAsD;AA0CtD,MAAM,yBAAyB,GAA6B;IAC1D;QACE,OAAO,EAAE,WAAW;QACpB,SAAS,EAAE,IAAI;QACf,aAAa,EAAE,qBAAqB;QACpC,eAAe,EAAE,4BAA4B;QAC7C,OAAO,EAAE;YACP,GAAG,EAAE,wDAAwD;YAC7D,IAAI,EAAE,mDAAmD;SAC1D;QACD,MAAM,EAAE,eAAe;QACvB,SAAS,EAAE,UAAU;KACtB;IACD;QACE,OAAO,EAAE,WAAW;QACpB,SAAS,EAAE,IAAI;QACf,aAAa,EAAE,qBAAqB;QACpC,eAAe,EAAE,8BAA8B;QAC/C,OAAO,EAAE;YACP,GAAG,EAAE,wDAAwD;YAC7D,IAAI,EAAE,6DAA6D;SACpE;QACD,MAAM,EAAE,eAAe;QACvB,SAAS,EAAE,MAAM;KAClB;IACD;QACE,OAAO,EAAE,aAAa;QACtB,SAAS,EAAE,IAAI;QACf,aAAa,EAAE,kBAAkB;QACjC,eAAe,EAAE,2CAA2C;QAC5D,OAAO,EAAE;YACP,GAAG,EAAE,0DAA0D;YAC/D,IAAI,EAAE,oHAAoH;SAC3H;QACD,MAAM,EAAE,eAAe;QACvB,SAAS,EAAE,QAAQ;KACpB;CACF,CAAC;AAEW,QAAA,qBAAqB,GAAG,IAAA,0BAAU,EAA0B;IACvE,IAAI,EAAE,yBAAyB;IAC/B,IAAI,EAAE;QACJ,IAAI,EAAE,SAAS;QACf,IAAI,EAAE;YACJ,WAAW,EAAE,mEAAmE;SACjF;QACD,QAAQ,EAAE;YACR,+FAA+F;YAC/F,eAAe,EAAE,IAAA,gCAAgB,EAAC;gBAChC,IAAI,EAAE,4BAAY,CAAC,OAAO;gBAC1B,SAAS,EAAE,kBAAkB;gBAC7B,GAAG,EAAE,SAAS;gBACd,WAAW,EAAE,iEAAiE;gBAC9E,QAAQ,EAAE,eAAe;gBACzB,GAAG,EAAE,qBAAqB;gBAC1B,iBAAiB,EAAE,0DAA0D;aAC9E,CAAC;YACF,aAAa,EAAE,IAAA,gCAAgB,EAAC;gBAC9B,IAAI,EAAE,4BAAY,CAAC,IAAI;gBACvB,SAAS,EAAE,SAAS;gBACpB,WAAW,EAAE,kCAAkC;gBAC/C,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,6CAA6C;gBAClD,iBAAiB,EAAE,sFAAsF;aAC1G,CAAC;YACF,iBAAiB,EAAE,IAAA,gCAAgB,EAAC;gBAClC,IAAI,EAAE,4BAAY,CAAC,IAAI;gBACvB,SAAS,EAAE,oBAAoB;gBAC/B,WAAW,EAAE,oDAAoD;gBACjE,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,oDAAoD;gBACzD,iBAAiB,EAAE,wGAAwG;aAC5H,CAAC;YACF,aAAa,EAAE,IAAA,gCAAgB,EAAC;gBAC9B,IAAI,EAAE,4BAAY,CAAC,IAAI;gBACvB,SAAS,EAAE,gBAAgB;gBAC3B,WAAW,EAAE,kCAAkC;gBAC/C,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,4HAA4H;gBACjI,iBAAiB,EAAE,0DAA0D;aAC9E,CAAC;YACF,eAAe,EAAE,IAAA,gCAAgB,EAAC;gBAChC,IAAI,EAAE,4BAAY,CAAC,IAAI;gBACvB,SAAS,EAAE,yBAAyB;gBACpC,WAAW,EAAE,yCAAyC;gBACtD,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,kCAAkC;gBACvC,iBAAiB,EAAE,gGAAgG;aACpH,CAAC;YACF,gBAAgB,EAAE,IAAA,gCAAgB,EAAC;gBACjC,IAAI,EAAE,4BAAY,CAAC,IAAI;gBACvB,SAAS,EAAE,mBAAmB;gBAC9B,WAAW,EAAE,8CAA8C;gBAC3D,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,kCAAkC;gBACvC,iBAAiB,EAAE,gGAAgG;aACpH,CAAC;YACF,gBAAgB,EAAE,IAAA,gCAAgB,EAAC;gBACjC,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,gBAAgB;gBAC3B,WAAW,EAAE,6CAA6C;gBAC1D,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,mDAAmD;gBACxD,iBAAiB,EAAE,0DAA0D;aAC9E,CAAC;YACF,iBAAiB,EAAE,IAAA,gCAAgB,EAAC;gBAClC,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,sBAAsB;gBACjC,WAAW,EAAE,uCAAuC;gBACpD,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,+CAA+C;gBACpD,iBAAiB,EAAE,0DAA0D;aAC9E,CAAC;YACF,cAAc,EAAE,IAAA,gCAAgB,EAAC;gBAC/B,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,mBAAmB;gBAC9B,WAAW,EAAE,wCAAwC;gBACrD,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,gDAAgD;gBACrD,iBAAiB,EAAE,gGAAgG;aACpH,CAAC;SACH;QACD,MAAM,EAAE;YACN;gBACE,IAAI,EAAE,QAAQ;gBACd,UAAU,EAAE;oBACV,aAAa,EAAE;wBACb,IAAI,EAAE,SAAS;wBACf,OAAO,EAAE,KAAK;wBACd,WAAW,EAAE,6CAA6C;qBAC3D;oBACD,iBAAiB,EAAE;wBACjB,IAAI,EAAE,OAAO;wBACb,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;wBACzB,OAAO,EAAE,EAAE;wBACX,WAAW,EAAE,kDAAkD;qBAChE;oBACD,mBAAmB,EAAE;wBACnB,IAAI,EAAE,OAAO;wBACb,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;wBACzB,OAAO,EAAE,CAAC,WAAW,EAAE,WAAW,EAAE,aAAa,CAAC;wBAClD,WAAW,EAAE,kCAAkC;qBAChD;oBACD,QAAQ,EAAE;wBACR,IAAI,EAAE,QAAQ;wBACd,IAAI,EAAE,CAAC,UAAU,EAAE,WAAW,EAAE,QAAQ,EAAE,MAAM,CAAC;wBACjD,OAAO,EAAE,MAAM;wBACf,WAAW,EAAE,+DAA+D;qBAC7E;iBACF;gBACD,oBAAoB,EAAE,KAAK;aAC5B;SACF;KACF;IACD,cAAc,EAAE;QACd;YACE,aAAa,EAAE,KAAK;YACpB,iBAAiB,EAAE,EAAE;YACrB,mBAAmB,EAAE,CAAC,WAAW,EAAE,WAAW,EAAE,aAAa,CAAC;YAC9D,QAAQ,EAAE,MAAM;SACjB;KACF;IACD,MAAM,CAAC,OAAsD;QAC3D,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QACzC,MAAM,EACJ,aAAa,GAAG,KAAK,EACrB,mBAAmB,GAAG,CAAC,WAAW,EAAE,WAAW,EAAE,aAAa,CAAC,GAChE,GAAY,OAAO,IAAI,EAAE,CAAC;QAE3B,2FAA2F;QAC3F,MAAM,wBAAwB,GAAG,IAAI,OAAO,EAA6B,CAAC;QAE1E,4EAA4E;QAC5E,MAAM,WAAW,GAAG,IAAA,iCAAiB,EAAC,OAAO,CAAC,CAAC;QAC/C,MAAM,cAAc,GAAG,WAAW,CAAC,CAAC,CAAC,IAAA,iCAAiB,EAAC,OAAO,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;QAEvE;;WAEG;QACH,MAAM,eAAe,GAAG,CAAC,IAAmB,EAAW,EAAE;YACvD,OAAO,IAAI,CAAC,IAAI,KAAK,8BAAc,CAAC,OAAO,IAAI,OAAO,IAAI,CAAC,KAAK,KAAK,QAAQ,CAAC;QAChF,CAAC,CAAC;QAEF;;;;;;;;;;;;;;;;WAgBG;QACH,MAAM,kBAAkB,GAAG,CAAC,YAA2B,EAAW,EAAE;YAClE,wEAAwE;YACxE,IAAI,eAAe,CAAC,YAAY,CAAC,EAAE,CAAC;gBAClC,OAAO,IAAI,CAAC,CAAC,2DAA2D;YAC1E,CAAC;YAED,yEAAyE;YACzE,iEAAiE;YACjE,mFAAmF;YACnF,IAAI,cAAc,IAAI,YAAY,CAAC,IAAI,KAAK,8BAAc,CAAC,UAAU,EAAE,CAAC;gBACtE,IAAI,CAAC;oBACH,MAAM,IAAI,GAAG,IAAA,6BAAa,EAAC,YAAY,EAAE,cAAc,CAAC,CAAC;oBAEzD,uDAAuD;oBACvD,qDAAqD;oBACrD,IAAI,IAAA,2CAA2B,EAAC,IAAI,EAAE,mBAAmB,CAAC,EAAE,CAAC;wBAC3D,OAAO,IAAI,CAAC,CAAC,+CAA+C;oBAC9D,CAAC;oBAED,4EAA4E;oBAC5E,MAAM,aAAa,GAAG,IAAA,sCAAsB,EAAC,IAAI,CAAC,CAAC;oBACnD,IAAI,aAAa,IAAI,aAAa,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;wBAChD,yCAAyC;wBACzC,IAAI,CAAC,mBAAmB,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;4BACpD,OAAO,IAAI,CAAC;wBACd,CAAC;oBACH,CAAC;gBACH,CAAC;gBAAC,MAAM,CAAC;oBACP,yEAAyE;oBACzE,iEAAiE;gBACnE,CAAC;YACH,CAAC;YACD,oBAAoB;YAEpB,2EAA2E;YAC3E,OAAO,KAAK,CAAC;QACf,CAAC,CAAC;QAEF;;;;;;;;;;;WAWG;QACH,MAAM,sBAAsB,GAAG,CAAC,YAA2B,EAAE,IAAmB,EAAW,EAAE;YAC3F,oEAAoE;YACpE,IAAI,YAAY,CAAC,IAAI,KAAK,8BAAc,CAAC,UAAU,EAAE,CAAC;gBACpD,OAAO,KAAK,CAAC;YACf,CAAC;YACD,MAAM,OAAO,GAAG,YAAY,CAAC,IAAI,CAAC;YAClC,MAAM,UAAU,GAAG,OAAO,CAAC,UAAU,IAAI,OAAO,CAAC,UAAU,CAAC;YAE5D,gDAAgD;YAChD,uFAAuF;YACvF,MAAM,eAAe,GAAG,IAAI,MAAM,CAAC,gCAAgC,OAAO,SAAS,EAAE,GAAG,CAAC,CAAC;YAE1F,mEAAmE;YACnE,MAAM,qBAAqB,GAAG,IAAI,MAAM,CACtC,wGAAwG,OAAO,SAAS,EACxH,GAAG,CACJ,CAAC;YAEF,+BAA+B;YAC/B,MAAM,iBAAiB,GAAG,IAAI,MAAM,CAAC,GAAG,OAAO,gBAAgB,EAAE,GAAG,CAAC,CAAC;YAEtE,wDAAwD;YACxD,IAAI,OAAO,GAA8B,IAAI,CAAC,MAAM,CAAC;YACrD,IAAI,iBAAiB,GAAG,KAAK,CAAC;YAE9B,OAAO,OAAO,IAAI,CAAC,iBAAiB,EAAE,CAAC;gBACrC,qEAAqE;gBACrE,IAAI,OAAO,CAAC,IAAI,KAAK,8BAAc,CAAC,WAAW,EAAE,CAAC;oBAChD,MAAM,QAAQ,GAAG,UAAU,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;oBAElD,IAAI,eAAe,CAAC,IAAI,CAAC,QAAQ,CAAC;wBAC9B,qBAAqB,CAAC,IAAI,CAAC,QAAQ,CAAC;wBACpC,iBAAiB,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;wBACrC,OAAO,IAAI,CAAC;oBACd,CAAC;gBACH,CAAC;gBAED,qFAAqF;gBACrF,oEAAoE;gBACpE,IAAI,OAAO,CAAC,IAAI,KAAK,8BAAc,CAAC,cAAc,IAAI,OAAO,CAAC,MAAM,IAAI,CACpE,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,8BAAc,CAAC,mBAAmB;oBAC1D,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,8BAAc,CAAC,kBAAkB;oBACzD,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,8BAAc,CAAC,uBAAuB,CAAC,EAAE,CAAC;oBAEpE,iBAAiB,GAAG,IAAI,CAAC;oBACzB,MAAM,SAAS,GAAG,OAAO,CAAC,IAAI,CAAC;oBAC/B,MAAM,SAAS,GAAG,SAAS,CAAC,SAAS,CAAC,CAAC,IAAwB,EAAE,EAAE;wBACjE,yCAAyC;wBACzC,IAAI,KAAK,GAA8B,IAAI,CAAC;wBAC5C,OAAO,KAAK,EAAE,CAAC;4BACb,IAAI,KAAK,KAAK,IAAI;gCAAE,OAAO,IAAI,CAAC;4BAChC,KAAK,GAAG,KAAK,CAAC,MAAM,CAAC;wBACvB,CAAC;wBACD,OAAO,KAAK,CAAC;oBACf,CAAC,CAAC,CAAC;oBAEH,uDAAuD;oBACvD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,SAAS,EAAE,CAAC,EAAE,EAAE,CAAC;wBACnC,MAAM,IAAI,GAAG,SAAS,CAAC,CAAC,CAAC,CAAC;wBAC1B,IAAI,IAAI,CAAC,IAAI,KAAK,8BAAc,CAAC,WAAW,EAAE,CAAC;4BAC7C,MAAM,QAAQ,GAAG,UAAU,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;4BAE/C,kEAAkE;4BAClE,IAAI,eAAe,CAAC,IAAI,CAAC,QAAQ,CAAC;gCAC9B,qBAAqB,CAAC,IAAI,CAAC,QAAQ,CAAC;gCACpC,iBAAiB,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;gCACrC,+DAA+D;gCAC/D,MAAM,cAAc,GAAG,UAAU,CAAC,OAAO,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;gCAC3D,IAAI,cAAc,CAAC,QAAQ,CAAC,OAAO,CAAC;oCAChC,cAAc,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;oCACtC,OAAO,IAAI,CAAC;gCACd,CAAC;4BACH,CAAC;wBACH,CAAC;oBACH,CAAC;gBACH,CAAC;gBAED,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC;YAC3B,CAAC;YAED,OAAO,KAAK,CAAC;QACf,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,yBAAyB,GAAG,CAAC,YAA2B,EAAW,EAAE;YACzE,uCAAuC;YACvC,IAAI,eAAe,CAAC,YAAY,CAAC,EAAE,CAAC;gBAClC,MAAM,QAAQ,GAAG,MAAM,CAAE,YAAiC,CAAC,KAAK,CAAC,CAAC;gBAElE,iFAAiF;gBACjF,gDAAgD;gBAChD,IAAI,mBAAmB,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;oBAC3C,OAAO,IAAI,CAAC;gBACd,CAAC;gBAEH,qFAAqF;gBACnF,6CAA6C;gBAC/C,IAAI,kBAAkB,CAAC,YAAY,CAAC,EAAE,CAAC;oBACrC,OAAO,KAAK,CAAC;gBACf,CAAC;gBAEC,qFAAqF;gBACrF,IAAI,aAAa,EAAE,CAAC;oBAClB,OAAO,KAAK,CAAC;gBACf,CAAC;gBAED,qFAAqF;gBACrF,6CAA6C;gBAC7C,OAAO,KAAK,CAAC;YACf,CAAC;YAED,wEAAwE;YACxE,OAAO,IAAI,CAAC;QACd,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,qBAAqB,GAAG,CAAC,IAA+D,EAM5F,EAAE;YACF,MAAM,UAAU,GAAG,OAAO,CAAC,UAAU,IAAI,OAAO,CAAC,UAAU,CAAC;YAE5D,IAAI,MAAc,CAAC;YACnB,IAAI,QAAgB,CAAC;YACrB,IAAI,YAA2B,CAAC;YAChC,IAAI,YAAY,GAAG,KAAK,CAAC;YAEzB,IAAI,IAAI,CAAC,IAAI,KAAK,8BAAc,CAAC,oBAAoB,IAAI,IAAI,CAAC,IAAI,CAAC,IAAI,KAAK,8BAAc,CAAC,gBAAgB,EAAE,CAAC;gBAC5G,+BAA+B;gBAC/B,MAAM,GAAG,UAAU,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;gBAC9C,QAAQ,GAAG,UAAU,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;gBAClD,YAAY,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC;gBAClC,YAAY,GAAG,IAAI,CAAC;YACtB,CAAC;iBAAM,IAAI,IAAI,CAAC,IAAI,KAAK,8BAAc,CAAC,gBAAgB,EAAE,CAAC;gBACzD,mBAAmB;gBACnB,MAAM,GAAG,UAAU,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;gBACzC,QAAQ,GAAG,UAAU,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;gBAC7C,YAAY,GAAG,IAAI,CAAC,QAAQ,CAAC;gBAC7B,YAAY,GAAG,KAAK,CAAC;YACvB,CAAC;iBAAM,CAAC;gBACN,OAAO,EAAE,MAAM,EAAE,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,YAAY,EAAE,IAAI,EAAE,YAAY,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;YAC9F,CAAC;YAED,+CAA+C;YAC/C,MAAM,OAAO,GAAG,yBAAyB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CACjD,IAAI,MAAM,CAAC,CAAC,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC;gBACzC,mBAAmB,CAAC,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,CAC5D,IAAI,IAAI,CAAC;YAEV,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,YAAY,EAAE,YAAY,EAAE,OAAO,EAAE,CAAC;QACnE,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,oBAAoB,GAAG,CAAC,IAAmC,EAAW,EAAE;YAC5E,IAAI,IAAI,CAAC,IAAI,CAAC,IAAI,KAAK,kBAAkB,EAAE,CAAC;gBAC1C,OAAO,KAAK,CAAC;YACf,CAAC;YAED,uDAAuD;YACvD,kCAAkC;YAClC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACxB,OAAO,KAAK,CAAC;YACf,CAAC;YAED,MAAM,EAAE,YAAY,EAAE,GAAG,qBAAqB,CAAC,IAAI,CAAC,CAAC;YAErD,gFAAgF;YAChF,IAAI,sBAAsB,CAAC,YAAY,EAAE,IAAI,CAAC,EAAE,CAAC;gBAC/C,OAAO,KAAK,CAAC;YACf,CAAC;YAED,oDAAoD;YACpD,OAAO,yBAAyB,CAAC,YAAY,CAAC,CAAC;QACjD,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,sBAAsB,GAAG,CAAC,IAA+B,EAAW,EAAE;YAC1E,uDAAuD;YACvD,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACnB,OAAO,KAAK,CAAC;YACf,CAAC;YAED,MAAM,EAAE,YAAY,EAAE,GAAG,qBAAqB,CAAC,IAAI,CAAC,CAAC;YAErD,gFAAgF;YAChF,IAAI,sBAAsB,CAAC,YAAY,EAAE,IAAI,CAAC,EAAE,CAAC;gBAC/C,OAAO,KAAK,CAAC;YACf,CAAC;YAED,sCAAsC;YACtC,OAAO,yBAAyB,CAAC,YAAY,CAAC,CAAC;QACjD,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,kBAAkB,GAAG,CAAC,OAAsC,EAAE,YAAqB,EAAU,EAAE;YACnG,IAAI,OAAO,EAAE,SAAS,KAAK,UAAU,IAAI,CAAC,OAAO,IAAI,YAAY,CAAC,EAAE,CAAC;gBACnE,OAAO,UAAU,CAAC;YACpB,CAAC;YAED,IAAI,OAAO,EAAE,SAAS,KAAK,MAAM,IAAI,YAAY,EAAE,CAAC;gBAClD,OAAO,MAAM,CAAC;YAChB,CAAC;YAED,OAAO,QAAQ,CAAC;QAClB,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,yBAAyB,GAAG,CAAC,IAAmC,EAAE,EAAE;YACxE,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC,EAAE,CAAC;gBAChC,OAAO;YACT,CAAC;YAED,iEAAiE;YACjE,IAAI,IAAI,CAAC,IAAI,CAAC,IAAI,KAAK,8BAAc,CAAC,gBAAgB,EAAE,CAAC;gBACvD,wBAAwB,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAC1C,CAAC;YAED,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,YAAY,EAAE,OAAO,EAAE,GAAG,qBAAqB,CAAC,IAAI,CAAC,CAAC;YAEhF,MAAM,SAAS,GAAG,kBAAkB,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;YAE5D,OAAO,CAAC,MAAM,CAAC;gBACb,IAAI;gBACJ,SAAS,EAAE,iBAAiB;gBAC5B,IAAI,EAAE;oBACJ,OAAO,EAAE,GAAG,MAAM,IAAI,QAAQ,GAAG;oBACjC,SAAS;oBACT,aAAa,EAAE,OAAO,EAAE,aAAa,IAAI,kBAAkB;oBAC3D,eAAe,EAAE,OAAO,EAAE,eAAe,IAAI,kCAAkC;iBAChF;gBACD,OAAO,EAAE;oBACP;wBACE,SAAS,EAAE,eAAe;wBAC1B,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI;qBAChB;oBACD;wBACE,SAAS,EAAE,mBAAmB;wBAC9B,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI;qBAChB;oBACD;wBACE,SAAS,EAAE,eAAe;wBAC1B,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI;qBAChB;oBACD;wBACE,SAAS,EAAE,iBAAiB;wBAC5B,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI;qBAChB;oBACD;wBACE,SAAS,EAAE,kBAAkB;wBAC7B,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI;qBAChB;iBACF;aACF,CAAC,CAAC;QACL,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,qBAAqB,GAAG,CAAC,IAA+B,EAAE,EAAE;YAChE,IAAI,CAAC,sBAAsB,CAAC,IAAI,CAAC,EAAE,CAAC;gBAClC,OAAO;YACT,CAAC;YAED,uFAAuF;YACvF,IAAI,wBAAwB,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;gBACvC,OAAO;YACT,CAAC;YAED,2FAA2F;YAC3F,4EAA4E;YAC5E,MAAM,MAAM,GAAG,IAAI,CAAC,MAAmC,CAAC;YACxD,IAAI,MAAM,IAAI,MAAM,CAAC,IAAI,KAAK,8BAAc,CAAC,oBAAoB,IAAI,MAAM,CAAC,IAAI,KAAK,IAAI,EAAE,CAAC;gBAC1F,OAAO;YACT,CAAC;YAED,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,YAAY,EAAE,OAAO,EAAE,GAAG,qBAAqB,CAAC,IAAI,CAAC,CAAC;YAEhF,MAAM,SAAS,GAAG,kBAAkB,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;YAE5D,OAAO,CAAC,MAAM,CAAC;gBACb,IAAI;gBACJ,SAAS,EAAE,iBAAiB;gBAC5B,IAAI,EAAE;oBACJ,OAAO,EAAE,GAAG,MAAM,IAAI,QAAQ,GAAG;oBACjC,SAAS;oBACT,aAAa,EAAE,OAAO,EAAE,aAAa,IAAI,kBAAkB;oBAC3D,eAAe,EAAE,OAAO,EAAE,eAAe,IAAI,kCAAkC;iBAChF;aACF,CAAC,CAAC;QACL,CAAC,CAAC;QAEF,OAAO;YACL,oBAAoB,EAAE,yBAAyB;YAC/C,gBAAgB,EAAE,qBAAqB;SACxC,CAAC;IACJ,CAAC;CACF,CAAC,CAAC"}
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../../packages/eslint-plugin-secure-coding/src/rules/detect-object-injection/index.ts"],"names":[],"mappings":";;;AAAA;;;;;;;;;;;;GAYG;AACH,4DAA8E;AAC9E,4DAQkC;AAClC,4DAAsD;AA0CtD,MAAM,yBAAyB,GAA6B;IAC1D;QACE,OAAO,EAAE,WAAW;QACpB,SAAS,EAAE,IAAI;QACf,aAAa,EAAE,qBAAqB;QACpC,eAAe,EAAE,4BAA4B;QAC7C,OAAO,EAAE;YACP,GAAG,EAAE,wDAAwD;YAC7D,IAAI,EAAE,mDAAmD;SAC1D;QACD,MAAM,EAAE,eAAe;QACvB,SAAS,EAAE,UAAU;KACtB;IACD;QACE,OAAO,EAAE,WAAW;QACpB,SAAS,EAAE,IAAI;QACf,aAAa,EAAE,qBAAqB;QACpC,eAAe,EAAE,8BAA8B;QAC/C,OAAO,EAAE;YACP,GAAG,EAAE,wDAAwD;YAC7D,IAAI,EAAE,6DAA6D;SACpE;QACD,MAAM,EAAE,eAAe;QACvB,SAAS,EAAE,MAAM;KAClB;IACD;QACE,OAAO,EAAE,aAAa;QACtB,SAAS,EAAE,IAAI;QACf,aAAa,EAAE,kBAAkB;QACjC,eAAe,EAAE,2CAA2C;QAC5D,OAAO,EAAE;YACP,GAAG,EAAE,0DAA0D;YAC/D,IAAI,EAAE,oHAAoH;SAC3H;QACD,MAAM,EAAE,eAAe;QACvB,SAAS,EAAE,QAAQ;KACpB;CACF,CAAC;AAEW,QAAA,qBAAqB,GAAG,IAAA,0BAAU,EAA0B;IACvE,IAAI,EAAE,yBAAyB;IAC/B,IAAI,EAAE;QACJ,IAAI,EAAE,SAAS;QACf,IAAI,EAAE;YACJ,WAAW,EAAE,mEAAmE;SACjF;QACD,QAAQ,EAAE;YACR,+FAA+F;YAC/F,eAAe,EAAE,IAAA,gCAAgB,EAAC;gBAChC,IAAI,EAAE,4BAAY,CAAC,OAAO;gBAC1B,SAAS,EAAE,kBAAkB;gBAC7B,GAAG,EAAE,SAAS;gBACd,WAAW,EAAE,iEAAiE;gBAC9E,QAAQ,EAAE,eAAe;gBACzB,GAAG,EAAE,qBAAqB;gBAC1B,iBAAiB,EAAE,0DAA0D;aAC9E,CAAC;YACF,aAAa,EAAE,IAAA,gCAAgB,EAAC;gBAC9B,IAAI,EAAE,4BAAY,CAAC,IAAI;gBACvB,SAAS,EAAE,SAAS;gBACpB,WAAW,EAAE,kCAAkC;gBAC/C,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,6CAA6C;gBAClD,iBAAiB,EAAE,sFAAsF;aAC1G,CAAC;YACF,iBAAiB,EAAE,IAAA,gCAAgB,EAAC;gBAClC,IAAI,EAAE,4BAAY,CAAC,IAAI;gBACvB,SAAS,EAAE,oBAAoB;gBAC/B,WAAW,EAAE,oDAAoD;gBACjE,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,oDAAoD;gBACzD,iBAAiB,EAAE,wGAAwG;aAC5H,CAAC;YACF,aAAa,EAAE,IAAA,gCAAgB,EAAC;gBAC9B,IAAI,EAAE,4BAAY,CAAC,IAAI;gBACvB,SAAS,EAAE,gBAAgB;gBAC3B,WAAW,EAAE,kCAAkC;gBAC/C,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,4HAA4H;gBACjI,iBAAiB,EAAE,0DAA0D;aAC9E,CAAC;YACF,eAAe,EAAE,IAAA,gCAAgB,EAAC;gBAChC,IAAI,EAAE,4BAAY,CAAC,IAAI;gBACvB,SAAS,EAAE,yBAAyB;gBACpC,WAAW,EAAE,yCAAyC;gBACtD,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,kCAAkC;gBACvC,iBAAiB,EAAE,gGAAgG;aACpH,CAAC;YACF,gBAAgB,EAAE,IAAA,gCAAgB,EAAC;gBACjC,IAAI,EAAE,4BAAY,CAAC,IAAI;gBACvB,SAAS,EAAE,mBAAmB;gBAC9B,WAAW,EAAE,8CAA8C;gBAC3D,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,kCAAkC;gBACvC,iBAAiB,EAAE,gGAAgG;aACpH,CAAC;YACF,gBAAgB,EAAE,IAAA,gCAAgB,EAAC;gBACjC,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,gBAAgB;gBAC3B,WAAW,EAAE,6CAA6C;gBAC1D,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,mDAAmD;gBACxD,iBAAiB,EAAE,0DAA0D;aAC9E,CAAC;YACF,iBAAiB,EAAE,IAAA,gCAAgB,EAAC;gBAClC,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,sBAAsB;gBACjC,WAAW,EAAE,uCAAuC;gBACpD,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,+CAA+C;gBACpD,iBAAiB,EAAE,0DAA0D;aAC9E,CAAC;YACF,cAAc,EAAE,IAAA,gCAAgB,EAAC;gBAC/B,IAAI,EAAE,4BAAY,CAAC,QAAQ;gBAC3B,SAAS,EAAE,mBAAmB;gBAC9B,WAAW,EAAE,wCAAwC;gBACrD,QAAQ,EAAE,KAAK;gBACf,GAAG,EAAE,gDAAgD;gBACrD,iBAAiB,EAAE,gGAAgG;aACpH,CAAC;SACH;QACD,MAAM,EAAE;YACN;gBACE,IAAI,EAAE,QAAQ;gBACd,UAAU,EAAE;oBACV,aAAa,EAAE;wBACb,IAAI,EAAE,SAAS;wBACf,OAAO,EAAE,KAAK;wBACd,WAAW,EAAE,6CAA6C;qBAC3D;oBACD,iBAAiB,EAAE;wBACjB,IAAI,EAAE,OAAO;wBACb,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;wBACzB,OAAO,EAAE,EAAE;wBACX,WAAW,EAAE,kDAAkD;qBAChE;oBACD,mBAAmB,EAAE;wBACnB,IAAI,EAAE,OAAO;wBACb,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;wBACzB,OAAO,EAAE,CAAC,WAAW,EAAE,WAAW,EAAE,aAAa,CAAC;wBAClD,WAAW,EAAE,kCAAkC;qBAChD;oBACD,QAAQ,EAAE;wBACR,IAAI,EAAE,QAAQ;wBACd,IAAI,EAAE,CAAC,UAAU,EAAE,WAAW,EAAE,QAAQ,EAAE,MAAM,CAAC;wBACjD,OAAO,EAAE,MAAM;wBACf,WAAW,EAAE,+DAA+D;qBAC7E;iBACF;gBACD,oBAAoB,EAAE,KAAK;aAC5B;SACF;KACF;IACD,cAAc,EAAE;QACd;YACE,aAAa,EAAE,KAAK;YACpB,iBAAiB,EAAE,EAAE;YACrB,mBAAmB,EAAE,CAAC,WAAW,EAAE,WAAW,EAAE,aAAa,CAAC;YAC9D,QAAQ,EAAE,MAAM;SACjB;KACF;IACD,MAAM,CAAC,OAAsD;QAC3D,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QACzC,MAAM,EACJ,aAAa,GAAG,KAAK,EACrB,mBAAmB,GAAG,CAAC,WAAW,EAAE,WAAW,EAAE,aAAa,CAAC,GAChE,GAAY,OAAO,IAAI,EAAE,CAAC;QAE3B,2FAA2F;QAC3F,MAAM,wBAAwB,GAAG,IAAI,OAAO,EAA6B,CAAC;QAE1E,4EAA4E;QAC5E,MAAM,WAAW,GAAG,IAAA,iCAAiB,EAAC,OAAO,CAAC,CAAC;QAC/C,MAAM,cAAc,GAAG,WAAW,CAAC,CAAC,CAAC,IAAA,iCAAiB,EAAC,OAAO,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;QAEvE;;WAEG;QACH,MAAM,eAAe,GAAG,CAAC,IAAmB,EAAW,EAAE;YACvD,OAAO,IAAI,CAAC,IAAI,KAAK,8BAAc,CAAC,OAAO,IAAI,OAAO,IAAI,CAAC,KAAK,KAAK,QAAQ,CAAC;QAChF,CAAC,CAAC;QAEF;;;;;;;;;;;;;;;;WAgBG;QACH,MAAM,kBAAkB,GAAG,CAAC,YAA2B,EAAW,EAAE;YAClE,wEAAwE;YACxE,IAAI,eAAe,CAAC,YAAY,CAAC,EAAE,CAAC;gBAClC,OAAO,IAAI,CAAC,CAAC,2DAA2D;YAC1E,CAAC;YAED,yEAAyE;YACzE,iEAAiE;YACjE,mFAAmF;YACnF,IAAI,cAAc,IAAI,YAAY,CAAC,IAAI,KAAK,8BAAc,CAAC,UAAU,EAAE,CAAC;gBACtE,IAAI,CAAC;oBACH,MAAM,IAAI,GAAG,IAAA,6BAAa,EAAC,YAAY,EAAE,cAAc,CAAC,CAAC;oBAEzD,uDAAuD;oBACvD,qDAAqD;oBACrD,IAAI,IAAA,2CAA2B,EAAC,IAAI,EAAE,mBAAmB,CAAC,EAAE,CAAC;wBAC3D,OAAO,IAAI,CAAC,CAAC,+CAA+C;oBAC9D,CAAC;oBAED,4EAA4E;oBAC5E,MAAM,aAAa,GAAG,IAAA,sCAAsB,EAAC,IAAI,CAAC,CAAC;oBACnD,IAAI,aAAa,IAAI,aAAa,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;wBAChD,yCAAyC;wBACzC,IAAI,CAAC,mBAAmB,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;4BACpD,OAAO,IAAI,CAAC;wBACd,CAAC;oBACH,CAAC;gBACH,CAAC;gBAAC,MAAM,CAAC;oBACP,yEAAyE;oBACzE,iEAAiE;gBACnE,CAAC;YACH,CAAC;YACD,oBAAoB;YAEpB,2EAA2E;YAC3E,OAAO,KAAK,CAAC;QACf,CAAC,CAAC;QAEF;;;;;;;;;;;WAWG;QACH,MAAM,sBAAsB,GAAG,CAAC,YAA2B,EAAE,IAAmB,EAAW,EAAE;YAC3F,oEAAoE;YACpE,IAAI,YAAY,CAAC,IAAI,KAAK,8BAAc,CAAC,UAAU,EAAE,CAAC;gBACpD,OAAO,KAAK,CAAC;YACf,CAAC;YACD,MAAM,OAAO,GAAG,YAAY,CAAC,IAAI,CAAC;YAElC,+DAA+D;YAC/D,MAAM,cAAc,GAAG,CAAC,QAAuB,EAAW,EAAE;gBAC1D,mCAAmC;gBACnC,IAAI,QAAQ,CAAC,IAAI,KAAK,8BAAc,CAAC,cAAc;oBAC/C,QAAQ,CAAC,MAAM,CAAC,IAAI,KAAK,8BAAc,CAAC,gBAAgB;oBACxD,QAAQ,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,8BAAc,CAAC,UAAU;oBAC3D,QAAQ,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,UAAU;oBAC5C,QAAQ,CAAC,SAAS,CAAC,MAAM,GAAG,CAAC;oBAC7B,QAAQ,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,IAAI,KAAK,8BAAc,CAAC,UAAU;oBACxD,QAAQ,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,IAAI,KAAK,OAAO,EAAE,CAAC;oBAC3C,OAAO,IAAI,CAAC;gBACd,CAAC;gBACD,wCAAwC;gBACxC,IAAI,QAAQ,CAAC,IAAI,KAAK,8BAAc,CAAC,eAAe;oBAChD,QAAQ,CAAC,QAAQ,KAAK,GAAG;oBACzB,QAAQ,CAAC,QAAQ,CAAC,IAAI,KAAK,8BAAc,CAAC,cAAc,EAAE,CAAC;oBAC7D,OAAO,cAAc,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;gBAC3C,CAAC;gBACD,OAAO,KAAK,CAAC;YACf,CAAC,CAAC;YAEF,MAAM,oBAAoB,GAAG,CAAC,QAAuB,EAAW,EAAE;gBAChE,gHAAgH;gBAChH,IAAI,QAAQ,CAAC,IAAI,KAAK,8BAAc,CAAC,cAAc;oBAAE,OAAO,KAAK,CAAC;gBAClE,MAAM,MAAM,GAAG,QAAQ,CAAC,MAAM,CAAC;gBAC/B,MAAM,IAAI,GAAG,QAAQ,CAAC,SAAS,CAAC;gBAEhC,iDAAiD;gBACjD,IAAI,MAAM,CAAC,IAAI,KAAK,8BAAc,CAAC,gBAAgB;oBAC/C,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,8BAAc,CAAC,UAAU;oBAClD,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,MAAM;oBAC/B,IAAI,CAAC,MAAM,IAAI,CAAC;oBAChB,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,KAAK,8BAAc,CAAC,UAAU;oBAC1C,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,KAAK,OAAO,EAAE,CAAC;oBAC7B,OAAO,IAAI,CAAC;gBACd,CAAC;gBAED,qDAAqD;gBACrD,IAAI,MAAM,CAAC,IAAI,KAAK,8BAAc,CAAC,gBAAgB;oBAC/C,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,8BAAc,CAAC,UAAU;oBAClD,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,gBAAgB,IAAI,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,QAAQ,CAAC,EAAE,CAAC;oBACrF,MAAM,MAAM,GAAG,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;oBACrE,IAAI,MAAM,EAAE,IAAI,KAAK,8BAAc,CAAC,UAAU,IAAI,MAAM,CAAC,IAAI,KAAK,OAAO,EAAE,CAAC;wBAC1E,OAAO,IAAI,CAAC;oBACd,CAAC;gBACH,CAAC;gBACD,OAAO,KAAK,CAAC;YACf,CAAC,CAAC;YAEF,MAAM,YAAY,GAAG,CAAC,QAAuB,EAAW,EAAE;gBACxD,sBAAsB;gBACtB,OAAO,QAAQ,CAAC,IAAI,KAAK,8BAAc,CAAC,gBAAgB;oBACjD,QAAQ,CAAC,QAAQ,KAAK,IAAI;oBAC1B,QAAQ,CAAC,IAAI,CAAC,IAAI,KAAK,8BAAc,CAAC,UAAU;oBAChD,QAAQ,CAAC,IAAI,CAAC,IAAI,KAAK,OAAO,CAAC;YACxC,CAAC,CAAC;YAEF,MAAM,aAAa,GAAG,CAAC,QAAuB,EAAW,EAAE;gBACzD,OAAO,cAAc,CAAC,QAAQ,CAAC,IAAI,oBAAoB,CAAC,QAAQ,CAAC,IAAI,YAAY,CAAC,QAAQ,CAAC,CAAC;YAC9F,CAAC,CAAC;YAEF,MAAM,YAAY,GAAG,CAAC,UAA8B,EAAW,EAAE;gBAC/D,0CAA0C;gBAC1C,IAAI,UAAU,CAAC,IAAI,KAAK,8BAAc,CAAC,cAAc,EAAE,CAAC;oBACtD,OAAO,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CACjC,IAAI,CAAC,IAAI,KAAK,8BAAc,CAAC,cAAc;wBAC3C,IAAI,CAAC,IAAI,KAAK,8BAAc,CAAC,eAAe,CAC7C,CAAC;gBACJ,CAAC;gBACD,OAAO,UAAU,CAAC,IAAI,KAAK,8BAAc,CAAC,cAAc;oBACjD,UAAU,CAAC,IAAI,KAAK,8BAAc,CAAC,eAAe,CAAC;YAC5D,CAAC,CAAC;YAEF,wDAAwD;YACxD,IAAI,OAAO,GAA8B,IAAI,CAAC,MAAM,CAAC;YACrD,IAAI,iBAAiB,GAAG,KAAK,CAAC;YAE9B,OAAO,OAAO,IAAI,CAAC,iBAAiB,EAAE,CAAC;gBACrC,qEAAqE;gBACrE,IAAI,OAAO,CAAC,IAAI,KAAK,8BAAc,CAAC,WAAW,EAAE,CAAC;oBAChD,IAAI,aAAa,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;wBAChC,OAAO,IAAI,CAAC;oBACd,CAAC;gBACH,CAAC;gBAED,qFAAqF;gBACrF,IAAI,OAAO,CAAC,IAAI,KAAK,8BAAc,CAAC,cAAc,IAAI,OAAO,CAAC,MAAM,IAAI,CACpE,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,8BAAc,CAAC,mBAAmB;oBAC1D,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,8BAAc,CAAC,kBAAkB;oBACzD,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,8BAAc,CAAC,uBAAuB,CAAC,EAAE,CAAC;oBAEpE,iBAAiB,GAAG,IAAI,CAAC;oBACzB,MAAM,SAAS,GAAG,OAAO,CAAC,IAAI,CAAC;oBAC/B,MAAM,SAAS,GAAG,SAAS,CAAC,SAAS,CAAC,CAAC,IAAwB,EAAE,EAAE;wBACjE,IAAI,KAAK,GAA8B,IAAI,CAAC;wBAC5C,OAAO,KAAK,EAAE,CAAC;4BACb,IAAI,KAAK,KAAK,IAAI;gCAAE,OAAO,IAAI,CAAC;4BAChC,KAAK,GAAG,KAAK,CAAC,MAAM,CAAC;wBACvB,CAAC;wBACD,OAAO,KAAK,CAAC;oBACf,CAAC,CAAC,CAAC;oBAEH,uEAAuE;oBACvE,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,SAAS,EAAE,CAAC,EAAE,EAAE,CAAC;wBACnC,MAAM,IAAI,GAAG,SAAS,CAAC,CAAC,CAAC,CAAC;wBAC1B,IAAI,IAAI,CAAC,IAAI,KAAK,8BAAc,CAAC,WAAW;4BACxC,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC;4BACxB,YAAY,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC;4BAClC,OAAO,IAAI,CAAC;wBACd,CAAC;oBACH,CAAC;gBACH,CAAC;gBAED,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC;YAC3B,CAAC;YAED,OAAO,KAAK,CAAC;QACf,CAAC,CAAC;QACF;;WAEG;QACH,MAAM,yBAAyB,GAAG,CAAC,YAA2B,EAAW,EAAE;YACzE,sEAAsE;YACtE,IAAI,YAAY,CAAC,IAAI,KAAK,8BAAc,CAAC,OAAO,IAAI,OAAO,YAAY,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;gBAC3F,OAAO,KAAK,CAAC;YACf,CAAC;YAED,uCAAuC;YACvC,IAAI,eAAe,CAAC,YAAY,CAAC,EAAE,CAAC;gBAClC,MAAM,QAAQ,GAAG,MAAM,CAAE,YAAiC,CAAC,KAAK,CAAC,CAAC;gBAElE,iFAAiF;gBACjF,gDAAgD;gBAChD,IAAI,mBAAmB,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;oBAC3C,OAAO,IAAI,CAAC;gBACd,CAAC;gBAEH,qFAAqF;gBACnF,6CAA6C;gBAC/C,IAAI,kBAAkB,CAAC,YAAY,CAAC,EAAE,CAAC;oBACrC,OAAO,KAAK,CAAC;gBACf,CAAC;gBAEC,qFAAqF;gBACrF,IAAI,aAAa,EAAE,CAAC;oBAClB,OAAO,KAAK,CAAC;gBACf,CAAC;gBAED,qFAAqF;gBACrF,6CAA6C;gBAC7C,OAAO,KAAK,CAAC;YACf,CAAC;YAED,wEAAwE;YACxE,OAAO,IAAI,CAAC;QACd,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,qBAAqB,GAAG,CAAC,IAA+D,EAM5F,EAAE;YACF,MAAM,UAAU,GAAG,OAAO,CAAC,UAAU,IAAI,OAAO,CAAC,UAAU,CAAC;YAE5D,IAAI,MAAc,CAAC;YACnB,IAAI,QAAgB,CAAC;YACrB,IAAI,YAA2B,CAAC;YAChC,IAAI,YAAY,GAAG,KAAK,CAAC;YAEzB,IAAI,IAAI,CAAC,IAAI,KAAK,8BAAc,CAAC,oBAAoB,IAAI,IAAI,CAAC,IAAI,CAAC,IAAI,KAAK,8BAAc,CAAC,gBAAgB,EAAE,CAAC;gBAC5G,+BAA+B;gBAC/B,MAAM,GAAG,UAAU,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;gBAC9C,QAAQ,GAAG,UAAU,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;gBAClD,YAAY,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC;gBAClC,YAAY,GAAG,IAAI,CAAC;YACtB,CAAC;iBAAM,IAAI,IAAI,CAAC,IAAI,KAAK,8BAAc,CAAC,gBAAgB,EAAE,CAAC;gBACzD,mBAAmB;gBACnB,MAAM,GAAG,UAAU,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;gBACzC,QAAQ,GAAG,UAAU,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;gBAC7C,YAAY,GAAG,IAAI,CAAC,QAAQ,CAAC;gBAC7B,YAAY,GAAG,KAAK,CAAC;YACvB,CAAC;iBAAM,CAAC;gBACN,OAAO,EAAE,MAAM,EAAE,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,YAAY,EAAE,IAAI,EAAE,YAAY,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC;YAC9F,CAAC;YAED,+CAA+C;YAC/C,MAAM,OAAO,GAAG,yBAAyB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CACjD,IAAI,MAAM,CAAC,CAAC,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC;gBACzC,mBAAmB,CAAC,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,CAC5D,IAAI,IAAI,CAAC;YAEV,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,YAAY,EAAE,YAAY,EAAE,OAAO,EAAE,CAAC;QACnE,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,oBAAoB,GAAG,CAAC,IAAmC,EAAW,EAAE;YAC5E,IAAI,IAAI,CAAC,IAAI,CAAC,IAAI,KAAK,kBAAkB,EAAE,CAAC;gBAC1C,OAAO,KAAK,CAAC;YACf,CAAC;YAED,uDAAuD;YACvD,kCAAkC;YAClC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACxB,OAAO,KAAK,CAAC;YACf,CAAC;YAED,MAAM,EAAE,YAAY,EAAE,GAAG,qBAAqB,CAAC,IAAI,CAAC,CAAC;YAErD,gFAAgF;YAChF,IAAI,sBAAsB,CAAC,YAAY,EAAE,IAAI,CAAC,EAAE,CAAC;gBAC/C,OAAO,KAAK,CAAC;YACf,CAAC;YAED,oDAAoD;YACpD,OAAO,yBAAyB,CAAC,YAAY,CAAC,CAAC;QACjD,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,sBAAsB,GAAG,CAAC,IAA+B,EAAW,EAAE;YAC1E,uDAAuD;YACvD,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACnB,OAAO,KAAK,CAAC;YACf,CAAC;YAED,MAAM,EAAE,YAAY,EAAE,GAAG,qBAAqB,CAAC,IAAI,CAAC,CAAC;YAErD,gFAAgF;YAChF,IAAI,sBAAsB,CAAC,YAAY,EAAE,IAAI,CAAC,EAAE,CAAC;gBAC/C,OAAO,KAAK,CAAC;YACf,CAAC;YAED,sCAAsC;YACtC,OAAO,yBAAyB,CAAC,YAAY,CAAC,CAAC;QACjD,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,kBAAkB,GAAG,CAAC,OAAsC,EAAE,YAAqB,EAAU,EAAE;YACnG,IAAI,OAAO,EAAE,SAAS,KAAK,UAAU,IAAI,CAAC,OAAO,IAAI,YAAY,CAAC,EAAE,CAAC;gBACnE,OAAO,UAAU,CAAC;YACpB,CAAC;YAED,IAAI,OAAO,EAAE,SAAS,KAAK,MAAM,IAAI,YAAY,EAAE,CAAC;gBAClD,OAAO,MAAM,CAAC;YAChB,CAAC;YAED,OAAO,QAAQ,CAAC;QAClB,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,yBAAyB,GAAG,CAAC,IAAmC,EAAE,EAAE;YACxE,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC,EAAE,CAAC;gBAChC,OAAO;YACT,CAAC;YAED,iEAAiE;YACjE,IAAI,IAAI,CAAC,IAAI,CAAC,IAAI,KAAK,8BAAc,CAAC,gBAAgB,EAAE,CAAC;gBACvD,wBAAwB,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAC1C,CAAC;YAED,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,YAAY,EAAE,OAAO,EAAE,GAAG,qBAAqB,CAAC,IAAI,CAAC,CAAC;YAEhF,MAAM,SAAS,GAAG,kBAAkB,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;YAE5D,OAAO,CAAC,MAAM,CAAC;gBACb,IAAI;gBACJ,SAAS,EAAE,iBAAiB;gBAC5B,IAAI,EAAE;oBACJ,OAAO,EAAE,GAAG,MAAM,IAAI,QAAQ,GAAG;oBACjC,SAAS;oBACT,aAAa,EAAE,OAAO,EAAE,aAAa,IAAI,kBAAkB;oBAC3D,eAAe,EAAE,OAAO,EAAE,eAAe,IAAI,kCAAkC;iBAChF;gBACD,OAAO,EAAE;oBACP;wBACE,SAAS,EAAE,eAAe;wBAC1B,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI;qBAChB;oBACD;wBACE,SAAS,EAAE,mBAAmB;wBAC9B,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI;qBAChB;oBACD;wBACE,SAAS,EAAE,eAAe;wBAC1B,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI;qBAChB;oBACD;wBACE,SAAS,EAAE,iBAAiB;wBAC5B,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI;qBAChB;oBACD;wBACE,SAAS,EAAE,kBAAkB;wBAC7B,GAAG,EAAE,GAAG,EAAE,CAAC,IAAI;qBAChB;iBACF;aACF,CAAC,CAAC;QACL,CAAC,CAAC;QAEF;;WAEG;QACH,MAAM,qBAAqB,GAAG,CAAC,IAA+B,EAAE,EAAE;YAChE,IAAI,CAAC,sBAAsB,CAAC,IAAI,CAAC,EAAE,CAAC;gBAClC,OAAO;YACT,CAAC;YAED,uFAAuF;YACvF,IAAI,wBAAwB,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;gBACvC,OAAO;YACT,CAAC;YAED,2FAA2F;YAC3F,4EAA4E;YAC5E,MAAM,MAAM,GAAG,IAAI,CAAC,MAAmC,CAAC;YACxD,IAAI,MAAM,IAAI,MAAM,CAAC,IAAI,KAAK,8BAAc,CAAC,oBAAoB,IAAI,MAAM,CAAC,IAAI,KAAK,IAAI,EAAE,CAAC;gBAC1F,OAAO;YACT,CAAC;YAED,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,YAAY,EAAE,OAAO,EAAE,GAAG,qBAAqB,CAAC,IAAI,CAAC,CAAC;YAEhF,MAAM,SAAS,GAAG,kBAAkB,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;YAE5D,OAAO,CAAC,MAAM,CAAC;gBACb,IAAI;gBACJ,SAAS,EAAE,iBAAiB;gBAC5B,IAAI,EAAE;oBACJ,OAAO,EAAE,GAAG,MAAM,IAAI,QAAQ,GAAG;oBACjC,SAAS;oBACT,aAAa,EAAE,OAAO,EAAE,aAAa,IAAI,kBAAkB;oBAC3D,eAAe,EAAE,OAAO,EAAE,eAAe,IAAI,kCAAkC;iBAChF;aACF,CAAC,CAAC;QACL,CAAC,CAAC;QAEF,OAAO;YACL,oBAAoB,EAAE,yBAAyB;YAC/C,gBAAgB,EAAE,qBAAqB;SACxC,CAAC;IACJ,CAAC;CACF,CAAC,CAAC"}
|
|
@@ -1,4 +1,19 @@
|
|
|
1
|
-
|
|
1
|
+
/**
|
|
2
|
+
* ESLint Rule: no-buffer-overread
|
|
3
|
+
* Detects buffer access beyond bounds (CWE-126)
|
|
4
|
+
*
|
|
5
|
+
* Buffer overread occurs when reading from buffers beyond their allocated
|
|
6
|
+
* length, potentially leading to information disclosure, crashes, or
|
|
7
|
+
* other security issues.
|
|
8
|
+
*
|
|
9
|
+
* False Positive Reduction:
|
|
10
|
+
* This rule uses security utilities to reduce false positives by detecting:
|
|
11
|
+
* - Safe buffer access patterns
|
|
12
|
+
* - Bounds checking operations
|
|
13
|
+
* - JSDoc annotations (@safe, @validated)
|
|
14
|
+
* - Input validation functions
|
|
15
|
+
*/
|
|
16
|
+
import type { SecurityRuleOptions } from '@interlace/eslint-devkit';
|
|
2
17
|
export interface Options extends SecurityRuleOptions {
|
|
3
18
|
/** Buffer methods to check for bounds safety */
|
|
4
19
|
bufferMethods?: string[];
|