This repository has been archived by the owner on Sep 6, 2021. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 6
/
Copy pathtsrDetectBufferNoassertRule.ts
88 lines (78 loc) · 2.61 KB
/
tsrDetectBufferNoassertRule.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
import * as Lint from 'tslint';
import * as ts from 'typescript';
const readMethods: string[] = [
'readUInt8',
'readUInt16LE',
'readUInt16BE',
'readUInt32LE',
'readUInt32BE',
'readInt8',
'readInt16LE',
'readInt16BE',
'readInt32LE',
'readInt32BE',
'readFloatLE',
'readFloatBE',
'readDoubleL',
'readDoubleBE'
];
const writeMethods: string[] = [
'writeUInt8',
'writeUInt16LE',
'writeUInt16BE',
'writeUInt32LE',
'writeUInt32BE',
'writeInt8',
'writeInt16LE',
'writeInt16BE',
'writeInt32LE',
'writeInt32BE',
'writeFloatLE',
'writeFloatBE',
'writeDoubleLE',
'writeDoubleBE'
];
export class Rule extends Lint.Rules.AbstractRule {
static metadata: Lint.IRuleMetadata = {
ruleName: 'tsr-detect-buffer-noassert',
description: 'Warns when Buffer with noAssert flag is used',
descriptionDetails: Lint.Utils.dedent`Any usage of Buffer
with noAssert flag will trigger a warning.
See https://github.com/webschik/tslint-config-security#tsr-detect-buffer-noassert`,
optionsDescription: '',
options: null,
type: 'functionality',
requiresTypeInfo: false,
typescriptOnly: false
};
apply(sourceFile: ts.SourceFile): Lint.RuleFailure[] {
return this.applyWithFunction(sourceFile, walk);
}
}
function walk(ctx: Lint.WalkContext<void>) {
function visitNode(node: ts.Node): void {
if (node.kind === ts.SyntaxKind.PropertyAccessExpression) {
const {name, expression} = node as ts.PropertyAccessExpression;
const parent: ts.CallExpression = node.parent as ts.CallExpression;
if (parent && parent.kind === ts.SyntaxKind.CallExpression && expression && name) {
const methodName: string = name.text;
let argumentIndex: number = -1;
if (readMethods.indexOf(methodName) !== -1) {
argumentIndex = 1;
} else if (writeMethods.indexOf(methodName) !== -1) {
argumentIndex = 2;
}
if (
argumentIndex !== -1 &&
parent.arguments &&
parent.arguments[argumentIndex] &&
parent.arguments[argumentIndex].kind === ts.SyntaxKind.TrueKeyword
) {
ctx.addFailureAtNode(node, `Found Buffer.${methodName} with noAssert flag set true`);
}
}
}
return ts.forEachChild(node, visitNode);
}
return ts.forEachChild(ctx.sourceFile, visitNode);
}