;
/**
* SQL injection detection constants
*/
Object.defineProperty(exports, "__esModule", { value: true });
// Hoisted export declarations (this looks like compiler-emitted CommonJS
// output): every exported name is created on `exports` up front, and each is
// assigned its real value further down in this file. Listed in the order the
// original chained assignment created them, so property order is unchanged.
[
    "SQL_LIBRARIES",
    "SQL_KEYWORDS",
    "SQL_EXECUTION_METHODS",
    "DANGEROUS_SQL_PATTERNS",
    "SAFE_QUERY_PATTERNS",
    "SQL_INJECTION_INPUT_SOURCES",
    "SAFE_ORM_METHODS",
    "RAW_SQL_METHODS",
    "SQL_VARIABLE_NAMES",
    "STRING_CONCAT_PATTERNS",
].forEach(function (exportName) {
    exports[exportName] = void 0;
});
/**
 * Package names whose presence marks a file as touching a SQL-capable
 * database layer. Grouped by driver family; entries are plain npm package
 * names.
 */
exports.SQL_LIBRARIES = [
    "mysql", "mysql2",                                       // MySQL drivers
    "pg", "postgres",                                        // PostgreSQL drivers
    "sqlite3", "better-sqlite3",                             // SQLite bindings
    "prisma", "sequelize", "typeorm", "knex", "drizzle-orm", // multi-database ORMs / query builders
    "mongodb", "mongoose",                                   // MongoDB (NoSQL, but supports SQL-like queries)
    "database", "db-migrate", "node-sql-parser",             // generic connectors and tooling
];
/**
 * SQL keyword vocabulary used to recognise query construction. All entries
 * are upper-case; multi-word clauses are written with a single space
 * ("ORDER BY"), so consumers that need whitespace tolerance must add it.
 */
exports.SQL_KEYWORDS = [
    "SELECT", "INSERT", "UPDATE", "DELETE",                // DML statements
    "DROP", "CREATE", "ALTER",                             // DDL statements
    "UNION", "WHERE", "ORDER BY", "GROUP BY", "HAVING",    // clauses
    "JOIN", "INNER JOIN", "LEFT JOIN", "RIGHT JOIN", "FULL JOIN", // joins (the qualified forms all contain JOIN)
    "FROM", "INTO", "VALUES", "SET", "LIMIT", "OFFSET",    // remaining clause keywords
];
/**
 * Method names that commonly execute SQL on a driver or ORM handle.
 *
 * NOTE(review): several of these ("all", "get", "run", "query", "exec") are
 * also ordinary method names elsewhere in JavaScript (Promise.all, Map#get,
 * RegExp#exec), so matching on the name alone will produce false positives
 * unless the receiver is also checked.
 */
exports.SQL_EXECUTION_METHODS = [
    "query", "execute", "exec", "run",    // generic driver entry points
    "all", "get", "prepare",              // sqlite-style statement helpers
    "raw", "sql",                         // raw-SQL helpers on query builders
    "findRaw", "executeRaw",              // raw variants on ORM clients
];
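/**
 * Regexes that flag SQL text assembled from JavaScript expressions — the
 * shape that turns untrusted input into injectable SQL.
 *
 * The keyword alternation is derived from SQL_KEYWORDS (defined above in this
 * file) so the two lists cannot drift apart; multi-word keywords accept any
 * whitespace run between their words ("ORDER BY" -> ORDER\s+BY).
 *
 * All three carry the `g` flag. NOTE(review): RegExp#test / RegExp#exec on a
 * shared global regex advance `lastIndex` between calls, which can skip
 * matches when several inputs are tested in a row; consumers should prefer
 * String#match / String#matchAll or reset `lastIndex` first.
 */
var SQL_KEYWORD_ALTERNATION = "(?:" + exports.SQL_KEYWORDS.map(function (keyword) {
    // Escape regex metacharacters defensively, then let "ORDER BY"-style
    // entries match across any whitespace.
    return keyword.replace(/[.*+?^${}()|[\]\\]/g, "\\$&").replace(/\s+/g, "\\s+");
}).join("|") + ")";
exports.DANGEROUS_SQL_PATTERNS = [
    // Template literal mixing an interpolation with a SQL keyword. The keyword
    // may appear before the `${...}` (the usual `SELECT ... WHERE id = ${id}`
    // shape) or after it; the previous form only recognised the latter and so
    // missed the most common case.
    new RegExp("`[^`]*(?:" + SQL_KEYWORD_ALTERNATION + "[^`]*\\$\\{" +
               "|\\$\\{[^}]*\\}[^`]*" + SQL_KEYWORD_ALTERNATION + ")", "gi"),
    // Quoted SQL fragment followed by `+`. The fragment may contain the other
    // quote character ("... WHERE name = '" + name), which the previous
    // [^'"]* form rejected. A string literal cannot span a raw newline, so
    // the scan stops at one instead of running on into the next line.
    new RegExp("(?:\"[^\"\\n]*" + SQL_KEYWORD_ALTERNATION + "[^\"\\n]*\"" +
               "|'[^'\\n]*" + SQL_KEYWORD_ALTERNATION + "[^'\\n]*')\\s*\\+", "gi"),
    // `+` followed by a quoted SQL fragment (the right-hand side of a concat).
    new RegExp("\\+\\s*(?:\"[^\"\\n]*" + SQL_KEYWORD_ALTERNATION +
               "|'[^'\\n]*" + SQL_KEYWORD_ALTERNATION + ")", "gi"),
];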
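/**
 * Regexes whose match suggests a query is parameterised rather than built
 * from strings. A hit only shows that a placeholder-like token is present; it
 * does not prove the statement is safe (a `?` placeholder next to a
 * concatenated fragment is still injectable), so consumers should treat a
 * match as a downgrade signal rather than an allow-list.
 */
exports.SAFE_QUERY_PATTERNS = [
    // Prisma client CRUD calls; only recognised when the client variable is
    // literally named `prisma`.
    /prisma\.\w+\.(?:findMany|findFirst|findUnique|create|update|delete|upsert|count|aggregate)/,
    // Positional `?` placeholder. The lookahead excludes optional chaining
    // (`a?.b`) and the first `?` of `??`, which the former bare /\?/ matched;
    // a ternary `?` cannot be told apart from a placeholder here and still matches.
    /\?(?![.?])/,
    // Positional `$1`-style placeholders.
    /\$\d+/,
    // `:name` placeholders. `\w` already includes `_`, so the former `[\w_]`
    // class was redundant. Object-literal keys written without a space
    // (`{a:1}`) match too.
    /:\w+/,
    // `@name` placeholders. Decorators, JSDoc tags and e-mail addresses
    // match too.
    /@\w+/,
];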
/**
 * Identifiers that commonly carry untrusted caller-controlled data. A query
 * built from one of these is the starting point of an injection finding.
 *
 * NOTE(review): the last group ("input", "query", "params", "filter", ...)
 * are generic names that also occur in unrelated code, so they trade recall
 * for precision; "query" in particular also appears in SQL_EXECUTION_METHODS
 * and SQL_VARIABLE_NAMES with a different meaning.
 */
exports.SQL_INJECTION_INPUT_SOURCES = [
    "req.query", "req.params", "req.body",                 // Express-style request objects
    "request.query", "request.params", "request.body",     // same, long-form receiver name
    "searchParams", "formData",                            // URL / form inputs
    "input", "userInput",                                  // generic input holders
    "query", "params", "filter", "search", "sort",         // generic request-derived names
    "orderBy", "where", "condition",                       // clause-shaped inputs
];
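/**
 * ORM method names that, by themselves, do not take raw SQL text. Each name
 * appears once: the previous list repeated "create", "update", "delete" and
 * "findOne" across the per-ORM groups, which inflated any count or iteration
 * over it (membership checks were unaffected).
 *
 * NOTE(review): a method name alone does not make a call safe — arguments
 * assembled with a library's raw/literal helpers remain injectable, so a
 * RAW_SQL_METHODS hit should take precedence over a match here.
 */
exports.SAFE_ORM_METHODS = [
    // Prisma
    "findMany",
    "findFirst",
    "findUnique",
    "create",          // also Sequelize
    "update",          // also Sequelize, TypeORM
    "delete",          // also TypeORM
    "upsert",
    "count",
    "aggregate",
    // Sequelize
    "findAll",
    "findOne",         // also TypeORM
    "findByPk",
    "findAndCountAll",
    "destroy",
    "bulkCreate",
    "bulkUpdate",
    // TypeORM
    "find",
    "findOneBy",
    "save",
    "remove",
    "softRemove",
    "recover",
    "insert",
];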
/**
 * Method names that accept SQL text and therefore need the argument inspected.
 * Overlaps with SQL_EXECUTION_METHODS on the generic driver names; the `$`
 * entries are Prisma client methods.
 *
 * NOTE(review): the two `...Unsafe` variants are the ones that take a plain
 * string; the non-Unsafe forms are normally used as tagged templates, which
 * parameterise interpolations — consumers may want to weight them differently.
 */
exports.RAW_SQL_METHODS = [
    "raw", "query", "execute", "exec", "sql",    // generic driver / query-builder entry points
    "findRaw", "executeRaw",                     // raw variants on ORM clients
    "$queryRaw", "$executeRaw",                  // Prisma raw methods
    "$queryRawUnsafe", "$executeRawUnsafe",      // Prisma raw methods taking plain strings
];
/**
 * Variable names that conventionally hold SQL text. Matching is by exact
 * name, so `sqlQuery` is listed separately from `query`; "command" and
 * "statement" are generic enough to also occur in unrelated code.
 */
exports.SQL_VARIABLE_NAMES = [
    "sql", "query", "sqlQuery",                                  // plain query holders
    "statement", "sqlStatement", "command", "sqlCommand",        // statement / command holders
    "rawQuery",                                                  // explicitly raw text
    "selectQuery", "insertQuery", "updateQuery", "deleteQuery",  // per-statement-type holders
];
/**
 * Regexes that detect a string being assembled at runtime — the mechanism by
 * which untrusted data is spliced into a query. None of these is anchored to
 * SQL context; pair them with SQL_KEYWORDS / SQL_VARIABLE_NAMES to decide
 * whether the assembled string is a query.
 */
exports.STRING_CONCAT_PATTERNS = [
// Template literal containing at least one `${...}` interpolation.
/`[^`]*\$\{/,
// Plus operator. The surrounding `\s*` only widens the matched text; this
// also matches arithmetic `+`, `++` and `+=`, so it is a weak signal alone.
/\s*\+\s*/,
// String-building methods: `.replace(` and `.join(` are not concatenation in
// the strict sense, but both splice values into a string.
/\.concat\(/,
/\.replace\(/,
/\.join\(/,
];