UNPKG

solium-plugin-security

Version:

Official Solium Plugin for Security-related lint rules

github.com/duaraghav8/solium-plugin-security

duaraghav8/solium-plugin-security

106 lines (79 loc) 3.11 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
/** * @fileoverview Flag loops which don't have fixed bounds. This DOES NOT catch all kinds of potentially infinite loops. * @author Nicolas Feignon <nfeignon@gmail.com> */ "use strict"; // TODO: Examine test.argument.value (when test condition gets a negative number) function hasATruthyValue(test) { // If the test isn't a value, it means its a complicated expression which will be evaluated dynamically if (!test.hasOwnProperty("value")) { return false; } // We deliberately use double equals instead of triple because we need to test for all true-equivalent values! return (test.value == true || (Number.isInteger(test.value) && test.value !== 0)); } module.exports = { meta: { docs: { recommended: false, type: "off", description: "Flag all loops which don't have fixed bounds" }, schema: [] }, create: function(context) { // eslint-disable-next-line no-unused-vars function hasBreakStatement(expr, index, array) { return (expr.type === "BreakStatement" || (expr.type === "IfStatement" && inspectIfStatement(expr))); } function inspectIfStatement(node) { if ( node.consequent.type === "BreakStatement" || (node.consequent.type === "BlockStatement" && node.consequent.body.some(hasBreakStatement)) || (node.consequent.type === "IfStatement" && inspectIfStatement(node.consequent)) ) { return true; } if (node.alternate) { if ( node.alternate.type === "BreakStatement" || (node.alternate.type === "BlockStatement" && node.alternate.body.some(hasBreakStatement)) || (node.alternate.type === "IfStatement" && inspectIfStatement(node.alternate)) ) { return true; } } return false; } function inspectLoopStatement(emitted) { const { node } = emitted; if (emitted.exit) { return; } let loopBody; if (node.body.type === "BlockStatement") { loopBody = node.body.body; } else { loopBody = [node.body]; } let hasBreak = false; for (let expr of loopBody) { if (expr.type === "BreakStatement" || (expr.type === "IfStatement" && inspectIfStatement(expr))) { hasBreak = true; break; } } if ((node.test === null || hasATruthyValue(node.test)) && !hasBreak) { context.report({ node: node, message: "Loop should have fixed bounds." }); } } return { ForStatement: inspectLoopStatement, WhileStatement: inspectLoopStatement, DoWhileStatement: inspectLoopStatement }; } };