Projects STRLCPY bearer Commits d63df395
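--- a/pkg/commands/process/settings/rules/javascript/lang/weak_encryption.yml
+++ b/pkg/commands/process/settings/rules/javascript/lang/weak_encryption.yml
@@ -7,6 +7,11 @@
  - variable: DATA_TYPE
  detection: datatype
  - pattern: |
+ $<VAR>.update()
+ filters:
+ - variable: VAR
+ detection: create_hash
+ - pattern: |
  CryptoJS.$<METHOD>($<DATA_TYPE>)
  filters:
  - variable: METHOD
@@ -42,9 +47,7 @@
  - createHmac
  - createHash
  - variable: ALGORITHM
- values:
- - - '"md5"'
- - - '"sha1"'
+ regex: (?i)['"]sha1|md5["']
 skip_data_types:
  - "Unique Identifier"
  - "Passwords" # see javascript_weak_password_encryption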
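Review bot: The new `regex` on `ALGORITHM` does not group its alternation, so `(?i)['"]sha1|md5["']` reads as "a quote followed by sha1" or "md5 followed by a quote" rather than a quoted `sha1` or `md5`. Unlike the exact `values` it replaces, it would presumably also match any literal that merely begins with `sha1` or ends with `md5`, and whether the engine anchors the match is not visible here. If the intent is only to accept single quotes and ignore case, `regex: (?i)^['"](sha1|md5)['"]$` keeps the rule as strict as before. A short comment on the new `$<VAR>.update()` pattern saying what `create_hash` restricts `VAR` to would also help, since that detection is defined outside this section.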
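--- a/pkg/report/output/dataflow/risks/risks.go
+++ b/pkg/report/output/dataflow/risks/risks.go
@@ -18,10 +18,9 @@
 )
 
 type Holder struct {
- detectors map[string]detectorHolder // group datatypeHolders by name
- config settings.Config
- isInternal bool
- presentRisks map[string]*types.RiskDetection
+ detectors map[string]detectorHolder // group datatypeHolders by name
+ config settings.Config
+ isInternal bool
 }
 
 type detectorHolder struct {
@@ -47,21 +46,26 @@
 
 func New(config settings.Config, isInternal bool) *Holder {
  return &Holder{
- detectors: make(map[string]detectorHolder),
- config: config,
- isInternal: isInternal,
- presentRisks: make(map[string]*types.RiskDetection),
+ detectors: make(map[string]detectorHolder),
+ config: config,
+ isInternal: isInternal,
  }
 }
 
 func (holder *Holder) AddRiskPresence(detection detections.Detection) {
  // create entry if it doesn't exist
  ruleName := string(detection.DetectorType)
- if _, exists := holder.presentRisks[ruleName]; !exists {
- holder.presentRisks[ruleName] = &types.RiskDetection{
- DetectorID: ruleName,
+ if _, exists := holder.detectors[ruleName]; !exists {
+ holder.detectors[ruleName] = detectorHolder{
+ id: ruleName,
+ datatypes: make(map[string]*datatypeHolder),
  }
  }
+
+
+ detector := holder.detectors[ruleName]
+
+ if _, exists := detector[]
 
  riskLocation := &types.RiskLocation{
  Filename: detection.Source.Filename,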
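Review bot: The added line `if _, exists := detector[]` in `AddRiskPresence` is an unfinished statement, so the package cannot compile as committed; `detector` is also a `detectorHolder` struct value, which cannot be indexed directly. Judging by the `datatypes: make(map[string]*datatypeHolder)` initialiser a few lines above, the lookup presumably belongs on `detector.datatypes[...]`, with a key this section does not show. `presentRisks` is removed from `Holder` and `New`, so any remaining reference in the 220 lines not shown would also break the build. The body of `AddRiskPresence` continues past the visible lines.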
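--- a/pkg/report/output/dataflow/types/risks.go
+++ b/pkg/report/output/dataflow/types/risks.go
@@ -4,33 +4,24 @@
 
 type RiskDetector struct {
  DetectorID string `json:"detector_id" yaml:"detector_id"`
- DataTypes []RiskDatatype `json:"data_types" yaml:"data_types"`
-}
-
-type RiskDatatype struct {
- Name string `json:"name" yaml:"name"`
- UUID string `json:"uuid,omitempty" yaml:"uuid,omitempty"`
- CategoryUUID string `json:"category_uuid,omitempty" yaml:"category_uuid,omitempty"`
- Stored bool `json:"stored" yaml:"stored"`
- Locations []RiskLocation `json:"locations" yaml:"locations"`
+ Locations []RiskLocation `json:"locations" yaml:"locations"`
 }
 
 type RiskLocation struct {
- Filename string `json:"filename" yaml:"filename"`
- LineNumber int `json:"line_number" yaml:"line_number"`
- Parent *schema.Parent `json:"parent,omitempty" yaml:"parent,omitempty"`
- FieldName string `json:"field_name,omitempty" yaml:"field_name,omitempty"`
- ObjectName string `json:"object_name,omitempty" yaml:"object_name,omitempty"`
- SubjectName *string `json:"subject_name,omitempty" yaml:"subject_name,omitempty"`
+ Filename string `json:"filename" yaml:"filename"`
+ LineNumber int `json:"line_number" yaml:"line_number"`
+ Parent *schema.Parent `json:"parent,omitempty" yaml:"parent,omitempty"`
+ Datatypes []RiskDatatype `json:"data_types,omitempty" yaml:"data_types,omitempty"`
 }
 
-type RiskDetectionLocation struct {
- *RiskLocation `json:",inline" yaml:",inline"`
- Content string `json:"content" yaml:"content"`
-}
-
-type RiskDetection struct {
- DetectorID string `json:"detector_id" yaml:"detector_id"`
- Locations []RiskDetectionLocation `json:"locations" yaml:"locations"`
+type RiskDatatype struct {
+ Content string `json:"content,omitempty" yaml:"content,omitempty"`
+ FieldName string `json:"field_name,omitempty" yaml:"field_name,omitempty"`
+ ObjectName string `json:"object_name,omitempty" yaml:"object_name,omitempty"`
+ SubjectName *string `json:"subject_name,omitempty" yaml:"subject_name,omitempty"`
+ Name string `json:"name,omitempty" yaml:"name,omitempty"`
+ UUID string `json:"uuid,omitempty" yaml:"uuid,omitempty"`
+ CategoryUUID string `json:"category_uuid,omitempty" yaml:"category_uuid,omitempty"`
+ Stored bool `json:"stored" yaml:"stored"`
 }
 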
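Review bot: `RiskDatatype` now mixes detection-only fields (`content`) with data-type fields (`name`, `uuid`, `category_uuid`), and every tag is `omitempty` except `stored`, so an entry that carries only `content` would still serialise `stored: false`. If that is unintended, making `Stored` a `*bool` with `omitempty` keeps an explicit `false` for real data types while leaving it out elsewhere. The report layout also changes here (`data_types` moves from the detector onto each location, and `RiskDetection`/`RiskDetectionLocation` are gone), so a doc comment on `RiskDetector`, `RiskLocation` and `RiskDatatype` stating which fields are set for data-type risks versus plain detections would help consumers of the JSON/YAML output. The new field is spelled `Datatypes` where the removed one was `DataTypes`; picking one keeps the package consistent.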