UNPKG

@hclsoftware/secagent

Version:

IAST agent

96 lines (91 loc) 3.62 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
//IASTIGNORE /* * **************************************************** * Licensed Materials - Property of HCL. * (c) Copyright HCL Technologies Ltd. 2017, 2025. * Note to U.S. Government Users *Restricted Rights. * **************************************************** */ const ArgsToStringRule = require('./ArgsToStringRule') const ArgObjectsToStringRule = require('./ArgObjectsToStringRule') const ThatToStringRule = require('./ThatToStringRule') const ThatElementsToStringRule = require('./ThatElementsToStringRule') const AddHookValueNamesRule = require('./AddHookValueNamesRule') const SkipOrigMethodRule = require('./SkipOrigMethodRule') const WrapCallbackRealpathRule = require('./WrapCallbackRealpathRule') const NoOpRule = require('./NoOpRule') const RabbitMQSenderRule = require('./RabbitMQSenderRule') const RabbitMQReceiverRule = require("./RabbitMQReceiverRule") const RegisterTaintOnRabbitMQMessageRule = require('./RegisterTaintOnRabbitMQMessageRule') const AxiosSinkRule = require("./AxiosSinkRule"); const AxiosSenderRule = require("./AxiosSenderRule"); const AxiosGetTagsFromFieldsRule = require("./AxiosGetTagsFromFieldsRule"); const ToBufferRule = require("./ToBufferRule"); const CloneHookValuesRule = require('./CloneHookValuesRule') const Type = Object.freeze({ ARGS_TO_STRING: 'toString', ARG_OBJECTS_TO_STRING: 'objectElementsToString', THAT_TO_STRING: 'thatToString', THAT_ELEMENTS_TO_STRING: 'thatElementsToString', ADD_HOOK_VALUE_NAMES: 'addHookValueNames', SKIP_ORIG_METHOD: 'skipOrigMethod', WRAP_CALLBACK_REALPATH: 'wrapCallbackRealpath', NO_OP: "noOp", RABBITMQ_SENDER: "rabbitMQSender", RABBITMQ_RECEIVER: "rabbitMQReceiver", REGISTER_TAINT_ON_RABBITMQ_MESSAGE: "registerTaintOnRabbitMQMessage", AXIOS_SINK: 'axiosSink', AXIOS_SENDER: 'axiosSender', AXIOS_GET_TAGS_FROM_FIELDS: 'axiosGetTagsFromFields', TO_BUFFER: 'toBuffer', CLONE_HOOKS_VALUES: 'cloneHookValues' }) /** * Rule Factory to create before rules read from hookObj(hook) by HookParser * * @function createRule * @params ruleObj * @returns BeforeRule * @see HookParser.js * @see BeforeRule.js */ function createRule (ruleObj) { switch (ruleObj.type) { case Type.ARGS_TO_STRING: return new ArgsToStringRule(ruleObj) case Type.ARG_OBJECTS_TO_STRING: return new ArgObjectsToStringRule(ruleObj) case Type.THAT_TO_STRING: return new ThatToStringRule(ruleObj) case Type.THAT_ELEMENTS_TO_STRING: return new ThatElementsToStringRule(ruleObj) case Type.ADD_HOOK_VALUE_NAMES: return new AddHookValueNamesRule(ruleObj) case Type.SKIP_ORIG_METHOD: return new SkipOrigMethodRule(ruleObj) case Type.WRAP_CALLBACK_REALPATH: return new WrapCallbackRealpathRule(ruleObj) case Type.NO_OP: return new NoOpRule(ruleObj) case Type.RABBITMQ_SENDER: return new RabbitMQSenderRule(ruleObj) case Type.RABBITMQ_RECEIVER: return new RabbitMQReceiverRule(ruleObj) case Type.REGISTER_TAINT_ON_RABBITMQ_MESSAGE: return new RegisterTaintOnRabbitMQMessageRule(ruleObj) case Type.AXIOS_SINK: return new AxiosSinkRule(ruleObj) case Type.AXIOS_SENDER: return new AxiosSenderRule(ruleObj) case Type.AXIOS_GET_TAGS_FROM_FIELDS: return new AxiosGetTagsFromFieldsRule(ruleObj) case Type.TO_BUFFER: return new ToBufferRule(ruleObj) case Type.CLONE_HOOKS_VALUES: return new CloneHookValuesRule(ruleObj) default: throw new global.origError('unknown before rule type.') } } module.exports.createRule = createRule module.exports.Type = Type