diff --git a/rules/detect-buffer-noassert.js b/rules/detect-buffer-noassert.js
index c08c592..9beb984 100644
--- a/rules/detect-buffer-noassert.js
+++ b/rules/detect-buffer-noassert.js
@@ -47,11 +47,6 @@ module.exports = function(context) {
"writeDoubleBE"
];
-
- var getSource = function (token) {
- return token.loc.start.line+ ': ' + context.getSourceLines().slice(token.loc.start.line-1, token.loc.end.line).join('\n\t');
- }
-
return {
"MemberExpression": function (node) {
var index;
@@ -63,7 +58,7 @@ module.exports = function(context) {
if (index && node.parent && node.parent.arguments && node.parent.arguments[index] && node.parent.arguments[index].value) {
var token = context.getTokens(node)[0];
- return context.report(node, 'Found Buffer.' + node.property.name + ' with noAssert flag set true:\n\t' + getSource(token));
+ return context.report(node, 'Found Buffer.' + node.property.name + ' with noAssert flag set true');
}
}
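Review bot: `var token = context.getTokens(node)[0];` just above the changed report call is now dead, since its only visible use was the removed `getSource(token)` argument. The same leftover declaration remains in the detect-child-process, detect-non-literal-fs-filename, detect-non-literal-regexp, detect-non-literal-require, detect-object-injection and detect-pseudoRandomBytes hunks, and detect-possible-timing-attacks presumably keeps one outside its hunk. Each one costs a token lookup per matched node for nothing, so I would delete those lines in this commit. The enclosing handler starts outside this hunk.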
diff --git a/rules/detect-child-process.js b/rules/detect-child-process.js
index 6bbcc11..f15839e 100644
--- a/rules/detect-child-process.js
+++ b/rules/detect-child-process.js
@@ -13,10 +13,6 @@ module.exports = function(context) {
"use strict";
- var getSource = function (token) {
- return token.loc.start.line+ ': ' + context.getSourceLines().slice(token.loc.start.line-1, token.loc.end.line).join('\n\t');
- }
-
return {
"CallExpression": function (node) {
var token = context.getTokens(node)[0];
@@ -28,7 +24,7 @@ module.exports = function(context) {
} else if (node.parent.type === 'AssignmentExpression' && node.parent.operator === '=') {
names.push(node.parent.left.name);
}
- return context.report(node, 'Found require("child_process")\n\t' + getSource(token));
+ return context.report(node, 'Found require("child_process")');
}
}
},
@@ -36,7 +32,7 @@ module.exports = function(context) {
var token = context.getTokens(node)[0];
if (node.property.name === 'exec' && names.indexOf(node.object.name) > -1) {
if (node.parent && node.parent.arguments && node.parent.arguments[0].type !== 'Literal') {
- return context.report(node, 'Found child_process.exec() with non Literal first argument\n\t' + getSource(token));
+ return context.report(node, 'Found child_process.exec() with non Literal first argument');
}
}
}
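Review bot: `node.parent.arguments[0].type` throws a TypeError when the matched `exec` call has no arguments, because the guard only checks that `node.parent.arguments` exists and an empty array is truthy. An exception inside a rule typically aborts the lint run, which hides every other finding for that file. I would guard the element as well: `if (node.parent && node.parent.arguments && node.parent.arguments[0] && node.parent.arguments[0].type !== 'Literal') {`. The handler's opening line is outside this hunk.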
diff --git a/rules/detect-new-buffer.js b/rules/detect-new-buffer.js
index 0db07fe..6235cac 100644
--- a/rules/detect-new-buffer.js
+++ b/rules/detect-new-buffer.js
@@ -1,11 +1,4 @@
module.exports = function (context) {
-
- var getSource = function (node) {
- var token = context.getTokens(node)[0];
- return token.loc.start.line+ ': ' + context.getSourceLines().slice(token.loc.start.line-1, token.loc.end.line).join('\n\t');
- }
-
-
// Detects instances of new Buffer(argument)
// where argument is any non literal value.
return {
@@ -14,7 +7,7 @@ module.exports = function (context) {
node.arguments[0] &&
node.arguments[0].type != 'Literal') {
- return context.report(node, "Found new Buffer\n\t" + getSource(node));
+ return context.report(node, "Found new Buffer");
}
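Review bot: The new message `"Found new Buffer"` no longer says what is wrong, although the visible condition only fires when the first argument is not a literal. With the source excerpt gone, the text is all the reader gets, so I would make it `"Found new Buffer with non-literal argument"` and update the test expectation to match. While here, `node.arguments[0].type != 'Literal'` should use `!==` as the other rules do. The start of the condition is outside this hunk.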
diff --git a/rules/detect-non-literal-fs-filename.js b/rules/detect-non-literal-fs-filename.js
index 772f26c..08c7322 100644
--- a/rules/detect-non-literal-fs-filename.js
+++ b/rules/detect-non-literal-fs-filename.js
@@ -15,10 +15,6 @@ module.exports = function(context) {
"use strict";
- var getSource = function (token) {
- return token.loc.start.line+ ': ' + context.getSourceLines().slice(token.loc.start.line-1, token.loc.end.line).join('\n\t');
- }
-
return {
"MemberExpression": function (node) {
var result = [];
@@ -36,13 +32,13 @@ module.exports = function(context) {
if (result.length > 0) {
var token = context.getTokens(node)[0];
- return context.report(node, 'Found fs.' + node.property.name + ' with non literal argument at index ' + result.join(',') + '\n\t' + getSource(token));
+ return context.report(node, 'Found fs.' + node.property.name + ' with non literal argument at index ' + result.join(','));
}
/*
if (node.parent && node.parent.arguments && node.parent.arguments[index].value) {
- return context.report(node, 'found Buffer.' + node.property.name + ' with noAssert flag set true:\n\t' + getSource(token));
+ return context.report(node, 'found Buffer.' + node.property.name + ' with noAssert flag set true');
}
*/
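Review bot: The second changed line sits inside a `/* … */` block that reports a Buffer noAssert finding from the fs-filename rule, which looks like a copy left over from detect-buffer-noassert. It also reads `index`, which this handler does not appear to define in the visible lines, so it could not be re-enabled as written. I would delete the commented-out block rather than keep its message in sync.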
diff --git a/rules/detect-non-literal-regexp.js b/rules/detect-non-literal-regexp.js
index a160594..fd13975 100644
--- a/rules/detect-non-literal-regexp.js
+++ b/rules/detect-non-literal-regexp.js
@@ -12,16 +12,13 @@ module.exports = function(context) {
"use strict";
- var getSource = function(token) {
- return token.loc.start.line + ': ' + context.getSourceLines().slice(token.loc.start.line - 1, token.loc.end.line).join('\n\t');
- }
return {
"NewExpression": function(node) {
if (node.callee.name === 'RegExp') {
var args = node.arguments;
if (args && args.length > 0 && args[0].type !== 'Literal') {
var token = context.getTokens(node)[0];
- return context.report(node, 'Found non-literal argument to RegExp Constructor\n\t' + getSource(token));
+ return context.report(node, 'Found non-literal argument to RegExp Constructor');
}
}
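Review bot: Only `NewExpression` is handled in the visible part of this rule, so `RegExp(input)` called without `new` would not be reported even though it builds the same pattern from the same non-literal value. Unless a `CallExpression` handler exists below the hunk, I would add one that applies the same `node.callee.name === 'RegExp'` and non-literal checks. The returned visitor object continues past the end of this hunk.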
diff --git a/rules/detect-non-literal-require.js b/rules/detect-non-literal-require.js
index 152ff40..24f827c 100644
--- a/rules/detect-non-literal-require.js
+++ b/rules/detect-non-literal-require.js
@@ -11,17 +11,13 @@ module.exports = function(context) {
"use strict";
- var getSource = function (token) {
- return token.loc.start.line+ ': ' + context.getSourceLines().slice(token.loc.start.line-1, token.loc.end.line).join('\n\t');
- }
-
return {
"CallExpression": function (node) {
if (node.callee.name === 'require') {
var args = node.arguments;
if (args && args.length > 0 && args[0].type !== 'Literal') {
var token = context.getTokens(node)[0];
- return context.report(node, 'Found non-literal argument in require\n\t' + getSource(token));
+ return context.report(node, 'Found non-literal argument in require');
}
}
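Review bot: `args[0].type !== 'Literal'` also reports a template literal with no interpolation, such as a fixed path written in backticks, because its node type is `TemplateLiteral`. False positives of that kind push users toward disabling the rule, so I would skip the report when `args[0].type === 'TemplateLiteral' && args[0].expressions.length === 0`. The same comparison is used in the RegExp and child_process.exec hunks.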
diff --git a/rules/detect-object-injection.js b/rules/detect-object-injection.js
index 6318744..d2efdac 100644
--- a/rules/detect-object-injection.js
+++ b/rules/detect-object-injection.js
@@ -59,13 +59,13 @@ var isChanged = false;
var token = context.getTokens(node)[0];
if (node.property.type === 'Identifier') {
if (node.parent.type === 'VariableDeclarator') {
- context.report(node, 'Variable Assigned to Object Injection Sink: ' + context.getFilename() + ': ' + token.loc.start.line+ '\n\t' + context.getSourceLines().slice(token.loc.start.line-1, token.loc.end.line).join('\n\t') + '\n\n');
+ context.report(node, 'Variable Assigned to Object Injection Sink');
} else if (node.parent.type === 'CallExpression') {
// console.log(node.parent)
- context.report(node, 'Function Call Object Injection Sink: ' + context.getFilename() + ': ' + token.loc.start.line+ '\n\t' + context.getSourceLines().slice(token.loc.start.line-1, token.loc.end.line).join('\n\t') + '\n\n');
+ context.report(node, 'Function Call Object Injection Sink');
} else {
- context.report(node, 'Generic Object Injection Sink: ' + context.getFilename() + ': ' + token.loc.start.line+ '\n\t' + context.getSourceLines().slice(token.loc.start.line-1, token.loc.end.line).join('\n\t') + '\n\n');
+ context.report(node, 'Generic Object Injection Sink');
}
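Review bot: `// console.log(node.parent)` is a leftover debugging line in the `CallExpression` branch and should be removed now that the branch is being edited. The three branches now differ only in a fixed message string, so the stale comment is the main thing left obscuring them. The enclosing handler starts and ends outside this hunk.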
diff --git a/rules/detect-possible-timing-attacks.js b/rules/detect-possible-timing-attacks.js
index 2386ffd..20faaf2 100644
--- a/rules/detect-possible-timing-attacks.js
+++ b/rules/detect-possible-timing-attacks.js
@@ -32,10 +32,6 @@ module.exports = function(context) {
"use strict";
- var getSource = function (token) {
- return token.loc.start.line+ ': ' + context.getSourceLines().slice(token.loc.start.line-1, token.loc.end.line).join('\n\t');
- }
-
return {
"IfStatement": function(node) {
if (node.test && node.test.type === 'BinaryExpression') {
@@ -46,14 +42,14 @@ module.exports = function(context) {
if (node.test.left) {
var left = containsKeyword(node.test.left);
if (left) {
- return context.report(node, "Potential timing attack, left side: " + left + '\n\t' + getSource(token));
+ return context.report(node, "Potential timing attack, left side: " + left);
}
}
if (node.test.right) {
var right = containsKeyword(node.test.right);
if (right) {
- return context.report(node, "Potential timing attack, right side: " + right + '\n\t' + getSource(token));
+ return context.report(node, "Potential timing attack, right side: " + right);
}
}
}
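Review bot: The report text appends `left` / `right`, which the updated tests in this commit show rendering as `left side: true`, so `containsKeyword` apparently returns a boolean and the suffix tells the reader nothing. Either drop the concatenation (`"Potential timing attack, left side"`) or have `containsKeyword` return the matched keyword so the message names what triggered it. `containsKeyword` is defined outside this hunk, so this is inferred from the test expectations.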
diff --git a/rules/detect-pseudoRandomBytes.js b/rules/detect-pseudoRandomBytes.js
index 8225399..c7ff56c 100644
--- a/rules/detect-pseudoRandomBytes.js
+++ b/rules/detect-pseudoRandomBytes.js
@@ -11,15 +11,11 @@ module.exports = function(context) {
"use strict";
- var getSource = function (token) {
- return token.loc.start.line+ ': ' + context.getSourceLines().slice(token.loc.start.line-1, token.loc.end.line).join('\n\t');
- }
-
return {
"MemberExpression": function (node) {
if (node.property.name === 'pseudoRandomBytes') {
var token = context.getTokens(node)[0];
- return context.report(node, 'Found crypto.pseudoRandomBytes which does not produce cryptographically strong numbers:\n\t' + getSource(token));
+ return context.report(node, 'Found crypto.pseudoRandomBytes which does not produce cryptographically strong numbers');
}
}
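Review bot: The message states the problem but not the replacement, and after this change it is the only guidance the reader sees. I would name the alternative, for example `'Found crypto.pseudoRandomBytes which does not produce cryptographically strong numbers; use crypto.randomBytes'`, and update the test to match. Note that the check matches any member named `pseudoRandomBytes` whatever the object is, so the `crypto.` prefix in the text is an assumption about the receiver.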
diff --git a/test/detect-buffer-noassert.js b/test/detect-buffer-noassert.js
index b27dfe3..d7b4524 100644
--- a/test/detect-buffer-noassert.js
+++ b/test/detect-buffer-noassert.js
@@ -14,7 +14,7 @@ tester.run(ruleName, Rule, {
invalid: [
{
code: invalid,
- errors: [{ message: `Found Buffer.readUInt8 with noAssert flag set true:\n\t1: ${invalid}` }]
+ errors: [{ message: 'Found Buffer.readUInt8 with noAssert flag set true' }]
}
]
});
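Review bot: The old expectation's `1: ${invalid}` suffix was the only thing pinning the reported line, and the new expectation checks the message text alone. RuleTester error objects accept `line` and `column`, so I would keep that coverage with `errors: [{ message: 'Found Buffer.readUInt8 with noAssert flag set true', line: 1 }]`. The same applies to every other test hunk in this commit.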
@@ -24,7 +24,7 @@ tester.run(`${ruleName} (false)`, Rule, {
invalid: [
{
code: invalid,
- errors: [{ message: `Found Buffer.readUInt8 with noAssert flag set true:\n\t1: ${invalid}` }]
+ errors: [{ message: 'Found Buffer.readUInt8 with noAssert flag set true' }]
}
]
});
diff --git a/test/detect-child-process.js b/test/detect-child-process.js
index bb38357..5c07f68 100644
--- a/test/detect-child-process.js
+++ b/test/detect-child-process.js
@@ -16,7 +16,7 @@ tester.run(`${ruleName} (require("child_process"))`, Rule, {
invalid: [
{
code: invalidRequire,
- errors: [{ message: `Found require("child_process")\n\t1: ${invalidRequire}` }]
+ errors: [{ message: 'Found require("child_process")' }]
}
]
});
@@ -28,8 +28,8 @@ tester.run(`${ruleName} (child_process.exec() wih non literal 1st arg.)`, Rule,
{
code: invalidExec,
errors: [
- { message: `Found require("child_process")\n\t1: ${invalidExec}` },
- { message: `Found child_process.exec() with non Literal first argument\n\t1: ${invalidExec}` }]
+ { message: 'Found require("child_process")' },
+ { message: 'Found child_process.exec() with non Literal first argument' }]
}
]
});
diff --git a/test/detect-new-buffer.js b/test/detect-new-buffer.js
index 5405c9c..f35e272 100644
--- a/test/detect-new-buffer.js
+++ b/test/detect-new-buffer.js
@@ -12,7 +12,7 @@ tester.run(ruleName, require(`../rules/${ruleName}`), {
invalid: [
{
code: invalid,
- errors: [{ message: `Found new Buffer\n\t1: ${invalid}` }]
+ errors: [{ message: 'Found new Buffer' }]
}
]
});
diff --git a/test/detect-non-literal-fs-filename.js b/test/detect-non-literal-fs-filename.js
index 9b112d0..d3b874f 100644
--- a/test/detect-non-literal-fs-filename.js
+++ b/test/detect-non-literal-fs-filename.js
@@ -13,7 +13,7 @@ tester.run(ruleName, require(`../rules/${ruleName}`), {
invalid: [
{
code: invalid,
- errors: [{ message: `Found fs.open with non literal argument at index 0\n\t1: ${invalid}` }]
+ errors: [{ message: 'Found fs.open with non literal argument at index 0' }]
}
]
});
diff --git a/test/detect-non-literal-regexp.js b/test/detect-non-literal-regexp.js
index 254193d..142e793 100644
--- a/test/detect-non-literal-regexp.js
+++ b/test/detect-non-literal-regexp.js
@@ -12,7 +12,7 @@ tester.run(ruleName, require(`../rules/${ruleName}`), {
invalid: [
{
code: invalid,
- errors: [{ message: `Found non-literal argument to RegExp Constructor\n\t1: ${invalid}` }]
+ errors: [{ message: 'Found non-literal argument to RegExp Constructor' }]
}
]
});
diff --git a/test/detect-non-literal-require.js b/test/detect-non-literal-require.js
index 591af0a..aaf267e 100644
--- a/test/detect-non-literal-require.js
+++ b/test/detect-non-literal-require.js
@@ -12,7 +12,7 @@ tester.run(ruleName, require(`../rules/${ruleName}`), {
invalid: [
{
code: invalid,
- errors: [{ message: `Found non-literal argument in require\n\t1: ${invalid}` }]
+ errors: [{ message: 'Found non-literal argument in require' }]
}
]
});
diff --git a/test/detect-object-injection.js b/test/detect-object-injection.js
index b522f36..18ee457 100644
--- a/test/detect-object-injection.js
+++ b/test/detect-object-injection.js
@@ -19,7 +19,7 @@ const invalidGeneric = 'var a = {}; a[b] = 4';
// invalid: [
// {
// code: invalidVariable,
-// errors: [{ message: `Variable Assigned to Object Injection Sink: : 1\n\t${invalidVariable}\n\n` }]
+// errors: [{ message: 'Variable Assigned to Object Injection Sink' }]
// }
// ]
// });
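Review bot: This hunk edits the expected message inside a commented-out `tester.run` block, so the `Variable Assigned to Object Injection Sink` branch still has no running test. I would either re-enable the case or delete the block, since keeping disabled test text in sync suggests coverage that does not exist. The start of the commented block is outside this hunk, so the reason it was disabled is not visible here.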
@@ -41,7 +41,7 @@ tester.run(`${ruleName} (Generic)`, Rule, {
invalid: [
{
code: invalidGeneric,
- errors: [{ message: `Generic Object Injection Sink: : 1\n\t${invalidGeneric}\n\n` }]
+ errors: [{ message: 'Generic Object Injection Sink' }]
}
]
});
diff --git a/test/detect-possible-timing-attacks.js b/test/detect-possible-timing-attacks.js
index 40e5534..55708b7 100644
--- a/test/detect-possible-timing-attacks.js
+++ b/test/detect-possible-timing-attacks.js
@@ -19,7 +19,7 @@ tester.run(`${ruleName} (left side)`, Rule, {
invalid: [
{
code: invalidLeft,
- errors: [{ message: `Potential timing attack, left side: true\n\t1: ${invalidLeft}` }]
+ errors: [{ message: 'Potential timing attack, left side: true' }]
}
]
});
@@ -30,7 +30,7 @@ tester.run(`${ruleName} (right side)`, Rule, {
invalid: [
{
code: invalidRigth,
- errors: [{ message: `Potential timing attack, right side: true\n\t1: ${invalidRigth}` }]
+ errors: [{ message: 'Potential timing attack, right side: true' }]
}
]
});
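Review bot: `invalidRigth` is a misspelling of `invalidRight` and is worth fixing while these lines are being edited. The fixture is declared outside this hunk, so the rename has to touch that declaration as well.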
diff --git a/test/detect-pseudoRandomBytes.js b/test/detect-pseudoRandomBytes.js
index 20f85e4..ca0c5a4 100644
--- a/test/detect-pseudoRandomBytes.js
+++ b/test/detect-pseudoRandomBytes.js
@@ -12,7 +12,7 @@ tester.run(ruleName, require(`../rules/${ruleName}`), {
invalid: [
{
code: invalid,
- errors: [{ message: `Found crypto.pseudoRandomBytes which does not produce cryptographically strong numbers:\n\t1: ${invalid}` }]
+ errors: [{ message: 'Found crypto.pseudoRandomBytes which does not produce cryptographically strong numbers' }]
}
]
});