UNPKG

@hclsoftware/secagent

Version:

IAST agent

68 lines (59 loc) 2.69 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
//IASTIGNORE /* * **************************************************** * Licensed Materials - Property of HCL. * (c) Copyright HCL Technologies Ltd. 2017, 2025. * Note to U.S. Government Users *Restricted Rights. * **************************************************** */ const {v4: uuidv4} = require("uuid") const IastProperties = require("./Hooks/IastProperties") const {keys} = require("./AdditionalInfo") const TaintTacker = require("./TaintTracker"); function getSenderTagsFromAdditionalInfoForObject(obj){ let updatedTagValues = new Set() for (const property in obj) { if (TaintTacker.hasTaintedData(obj[property])){ const currentTags = getSenderTagsFromAdditionalInfoForItem(obj[property]) currentTags.forEach(value => updatedTagValues.add(value)) } } return updatedTagValues } function getSenderTagsFromAdditionalInfoForItem(param) { // since the param is checked for tainted data, we need to get the IAST_TAG from the additionalInfo let flows = param[IastProperties.property.TAINTED_DATA].flows let updatedTagValues = new Set() if (flows){ for (let flow of flows) { // check if the flow additionalInfo has IAST_TAG key, if it does, add it the msg headers if (flow.additionalInfo[keys.IAST_TAG]) { const currentTags = flow.additionalInfo[keys.IAST_TAG].origSplit(", ") currentTags.forEach(value => updatedTagValues.add(value)) } } } return updatedTagValues } function addNewTagToFlows (flows) { for (const flow of flows) { let newValue = uuidv4() + "-0" flow.addAdditionalInfo({[keys.IAST_TAG]: newValue}) } } function getIncrementedHeaderTags(iastTags) { // split the uuvid with "-", get last array item, convert it to a number and increment it by 1, and then convert whole thing back to string with - in between // "IAST_header": "xx-xx-xx-xx-xx-c, xx-xx-xx-xx-xx-d" let uuids = iastTags.origSplit(", ") let newUuids = [] for (let uuid of uuids) { let uuidArr = uuid.trim().origSplit("-") uuidArr[uuidArr.length-1] = (parseInt(uuidArr[uuidArr.length - 1]) + 1).toString() newUuids.push(uuidArr.origJoin("-")) } return newUuids.origJoin(", ") } module.exports.getSenderTagsFromAdditionalInfoForItem = getSenderTagsFromAdditionalInfoForItem module.exports.getSenderTagsFromAdditionalInfoForObject = getSenderTagsFromAdditionalInfoForObject module.exports.getIncrementedHeaderTags = getIncrementedHeaderTags module.exports.addNewTagToFlows = addNewTagToFlows