
@hclsoftware/secagent


IAST agent

//IASTIGNORE /* * **************************************************** * Licensed Materials - Property of HCL. * (c) Copyright HCL Technologies Ltd. 2017, 2025. * Note to U.S. Government Users *Restricted Rights. * **************************************************** */ const BeforeRule = require("./BeforeRule"); const {registerObjectTaint} = require("../../TaintTracker") const RequestInfo = require("../../RequestInfo") const StackInfo = require("../../StackInfo"); const {EntityType} = require("../../Entity"); /** * RegisterTaintOnRabbitMQMessageRule registers taint on the RabbitMQ message. * It is done here since express hooks doesn't handle the RabbitMQ message protocol * and also there is no request information in the message, there creating one here for message's TaintedObjectData * @class RegisterTaintOnRabbitMQMessageRule * @extends BeforeRule * @see BeforeRule */ module.exports = class RegisterTaintOnRabbitMQMessageRule extends BeforeRule { doRule(hookValues) { try { // receiver method signature: handleMessage (message) and message = {content: {}, fields: {}, properties: {}} const message = hookValues.args[0] message.content = this.getTaintedObject(message.content, message.fields, hookValues) } catch (err) { console.origLog("Cannot register taint. Exception:" + err); } } getTaintedObject(content, fields, hookValues) { let requestInfo = new RequestInfo( { uri : fields.routingKey, url : fields.routingKey, method: "RabbitMQ", queryString: "", secure: true }, null) const parameters = StackInfo.getParamsStringArray(hookValues.that, hookValues.simpleThat, hookValues.methodName, hookValues.simpleArgs, hookValues.simpleRet) return registerObjectTaint(content, requestInfo, "", content.toString(), EntityType.MESSAGE, parameters) } }