@hclsoftware/secagent/src/Rules/BeforeRules/WrapCallbackRule.js

IAST agent

//IASTIGNORE
/*
 * ****************************************************
 * Licensed Materials - Property of HCL.
 * (c) Copyright HCL Technologies Ltd. 2017, 2025.
 * Note to U.S. Government Users *Restricted Rights.
 * ****************************************************
 */

const BeforeRule = require('./BeforeRule')

// used for adding propagators on methods that return the value to a callback
// provided by the user
// it wraps the user's callback with our method
// the method itself provided in extending classes, and it depends on the expected signature

module.exports = class WrapCallbackRule extends BeforeRule {

  doRule (hookValues) {
    const newArgs = new Array(hookValues.args.length)
    for (let i = 0; i < hookValues.args.length; i++) {
      // assume there is one function parameter. location may vary
      if (typeof hookValues.args[i] === 'function') {
        // wrap user callback with out function that execute rules first, then pass the tainted argument to the callback
        newArgs[i] = this.wrapCallbackMethod(hookValues, i)
      } else {
        newArgs[i] = hookValues.args[i]
      }
    }
    hookValues.updatedArgs = newArgs
  }

  // abstract-like method.
  // noinspection JSUnusedLocalSymbols
  wrapCallbackMethod(hookValues, i) {
    console.origLog('should not be called. Implement additionalChecks method in each specific WrapCallback rule')
  }

}