/**
* Tries to detect buffer read / write calls that use noAssert set to true
* @author Adam Baldwin
*/
'use strict';
//------------------------------------------------------------------------------
// Rule Definition
//------------------------------------------------------------------------------
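// Fixed-width Buffer readers; the legacy signature is read*(offset, noAssert).
const READ_METHODS = [
  'readUInt8',
  'readUInt16LE',
  'readUInt16BE',
  'readUInt32LE',
  'readUInt32BE',
  'readInt8',
  'readInt16LE',
  'readInt16BE',
  'readInt32LE',
  'readInt32BE',
  'readFloatLE',
  'readFloatBE',
  'readDoubleLE', // was misspelled 'readDoubleL', so readDoubleLE calls were never checked
  'readDoubleBE'
];

// Fixed-width Buffer writers; the legacy signature is write*(value, offset, noAssert).
const WRITE_METHODS = [
  'writeUInt8',
  'writeUInt16LE',
  'writeUInt16BE',
  'writeUInt32LE',
  'writeUInt32BE',
  'writeInt8',
  'writeInt16LE',
  'writeInt16BE',
  'writeInt32LE',
  'writeInt32BE',
  'writeFloatLE',
  'writeFloatBE',
  'writeDoubleLE',
  'writeDoubleBE'
];

// Method name -> zero-based position of the noAssert argument in the call.
// NOTE(review): the variable-width accessors (readIntLE, readUIntBE, writeIntLE, ...)
// are not listed here; they appear to take noAssert one position later - confirm
// against the Node.js versions this rule is meant to cover before adding them.
const NO_ASSERT_INDEX = new Map();
READ_METHODS.forEach((name) => NO_ASSERT_INDEX.set(name, 1));
WRITE_METHODS.forEach((name) => NO_ASSERT_INDEX.set(name, 2));

/**
 * ESLint rule: report Buffer read/write calls whose noAssert argument is a
 * truthy literal.
 *
 * Why it matters: in Node.js releases that honor noAssert, a truthy value skips
 * offset validation, so an out-of-range offset can read or write outside the
 * buffer. Newer releases are understood to ignore the argument - confirm for
 * the versions you support.
 *
 * Limits: only literal arguments are inspected (a variable holding `true` is not
 * reported), and the receiver is not checked to be a Buffer, so any object with
 * a same-named method is reported as well.
 */
module.exports = {
  meta: {
    // NOTE(review): ESLint documents 'problem', 'suggestion' and 'layout' as the
    // values for meta.type; 'error' is kept as-is here - confirm before changing.
    type: 'error',
    docs: {
      description: 'Detect calls to "buffer" with "noAssert" flag set.',
      category: 'Possible Security Vulnerability',
      recommended: true,
      url: 'https://github.com/nodesecurity/eslint-plugin-security#detect-buffer-noassert'
    }
  },
  /**
   * @param {object} context - ESLint rule context; only `report` is used.
   * @returns {object} visitor map with a single MemberExpression listener.
   */
  create: function (context) {
    return {
      MemberExpression: function (node) {
        const index = NO_ASSERT_INDEX.get(node.property.name);
        if (index === undefined) {
          return;
        }

        // The member expression must be the function being called. Without this
        // check, `f(buf.readUInt8, true)` was reported because the parent call's
        // arguments were inspected even though the method was never invoked.
        const call = node.parent;
        if (!call || call.type !== 'CallExpression' || call.callee !== node) {
          return;
        }

        // Any truthy literal counts, matching how the flag is coerced at runtime.
        const flag = call.arguments[index];
        if (flag && flag.value) {
          // Object-form report; the unused context.getTokens() lookup was dropped.
          context.report({
            node: node,
            message: `Found Buffer.${node.property.name} with noAssert flag set true`
          });
        }
      }
    };
  }
};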