@hclsoftware/secagent/src/Rules/BeforeRules/ToBufferRule.js

IAST agent

//IASTIGNORE
/*
 * ****************************************************
 * Licensed Materials - Property of HCL.
 * (c) Copyright HCL Technologies Ltd. 2017, 2025.
 * Note to U.S. Government Users *Restricted Rights.
 * ****************************************************
 */

const ConvertArgsRule = require("./ConvertArgsRule");
const TaintTracker = require("../../TaintTracker");
const IastProperties = require("../../Hooks/IastProperties");
module.exports = class ToBufferRule extends ConvertArgsRule{
    additionalChecks(input) {
        // check and run this covert only if it buffer object and tainted,
        // then it is converted to avoid any validity checks on buffer objects
        return TaintTracker.hasTaintedData(input) && Buffer.isBuffer(input)
    }

    convert(buffer) {
        // check for buffer[IastProperties.property.TAINTED_DATA] or buffer[IastProperties.property.SANITIZED_DATA]
        // and remove it
        // we can directly use origFrom method to create new buffer without Tainted data
        return Buffer.origFrom(buffer);
    }
}