Last active
December 5, 2020 04:17
-
-
Save inkz/e47012e205735d1fd173aad5a0c822ff to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| rules: | |
| - id: find-aws-service-python | |
| pattern: | | |
| boto3.client($SERVICE) | |
| message: $SERVICE | |
| severity: ERROR | |
| languages: | |
| - python | |
| - id: find-aws-service-js1 | |
| pattern: | | |
| $AWS = require('aws-sdk'); | |
| ... | |
| new $AWS.$SERVICE(); | |
| message: $SERVICE | |
| severity: ERROR | |
| languages: | |
| - javascript | |
| - typescript | |
| - id: find-aws-service-js2 | |
| pattern-either: | |
| - pattern: | | |
| import $SERVICE from "=~/^aws-sdk\/clients.*/i"; | |
| - pattern: | | |
| import {$SERVICE} from "=~/^aws-sdk\/clients.*/i"; | |
| message: $SERVICE | |
| severity: ERROR | |
| languages: | |
| - javascript | |
| - typescript | |
| - id: find-dependencies-js | |
| pattern-either: | |
| - pattern: import $X | |
| - patterns: | |
| - pattern: require($X) | |
| - pattern: require("...") | |
| message: $X | |
| languages: | |
| - javascript | |
| - typescript | |
| severity: ERROR | |
| - id: find-dependencies-python | |
| pattern: | | |
| import $X | |
| message: $X | |
| languages: | |
| - python | |
| severity: ERROR | |
| - id: find-event-props-js | |
| patterns: | |
| - pattern-either: | |
| - pattern: | | |
| $EVENT.$PROPERTY | |
| - pattern: | | |
| $EVENT.$PROPERTY.$SUBPROPERTY | |
| - pattern: | | |
| $EVENT.$PROPERTY.$SUBPROPERTY.$SUBSUBPROPERTY | |
| - pattern: | | |
| {..., $PROPERTY ,...} = $EVENT | |
| - pattern-either: | |
| - pattern-inside: | | |
| exports.$HANDLER = function ($EVENT) { | |
| ... | |
| } | |
| - pattern-inside: | | |
| exports.$HANDLER = function ($EVENT, $CTX) { | |
| ... | |
| } | |
| - pattern-inside: | | |
| exports.$HANDLER = function ($EVENT, $CTX, $CLB) { | |
| ... | |
| } | |
| - pattern-inside: | | |
| module.exports.$HANDLER = function ($EVENT) { | |
| ... | |
| } | |
| - pattern-inside: | | |
| module.exports.$HANDLER = function ($EVENT, $CTX) { | |
| ... | |
| } | |
| - pattern-inside: | | |
| module.exports.$HANDLER = function ($EVENT, $CTX, $CLB) { | |
| ... | |
| } | |
| - pattern-inside: | | |
| export function $HANDLER($EVENT) { | |
| ... | |
| } | |
| - pattern-inside: | | |
| export function $HANDLER($EVENT, $CTX) { | |
| ... | |
| } | |
| - pattern-inside: | | |
| export function $HANDLER($EVENT, $CTX, $CLB) { | |
| ... | |
| } | |
| message: $EVENT.$PROPERTY.$SUBPROPERTY.$SUBSUBPROPERTY | |
| languages: | |
| - javascript | |
| - typescript | |
| severity: ERROR | |
| - id: find-event-props-python | |
| patterns: | |
| - pattern-inside: | | |
| def $HANDLER(event, context): | |
| ... | |
| - pattern-either: | |
| - pattern: event.$PROPERTY | |
| - pattern: event.$PROPERTY.$SUBPROPERTY | |
| - pattern: event.$PROPERTY.$SUBPROPERTY.$SUBSUBPROPERTY | |
| message: event.$PROPERTY.$SUBPROPERTY.$SUBSUBPROPERTY | |
| languages: | |
| - python | |
| severity: ERROR | |
| - id: find-return-props-js1 | |
| patterns: | |
| - pattern-either: | |
| - patterns: | |
| - pattern: | | |
| $CLB($ERR, $RETURN) | |
| - pattern: | | |
| $CLB($ERR, {...}) | |
| - patterns: | |
| - pattern: | | |
| $X = $RETURN | |
| ... | |
| $CLB($ERR, $X) | |
| - pattern: | | |
| $X = {...} | |
| ... | |
| $CLB($ERR, $X) | |
| - pattern-either: | |
| - pattern-inside: | | |
| exports.$HANDLER = function ($EVENT, $CTX, $CLB) { | |
| ... | |
| } | |
| - pattern-inside: | | |
| module.exports.$HANDLER = function ($EVENT, $CTX, $CLB) { | |
| ... | |
| } | |
| - pattern-inside: | | |
| export function $HANDLER($EVENT, $CTX, $CLB) { | |
| ... | |
| } | |
| message: $RETURN | |
| languages: | |
| - javascript | |
| - typescript | |
| severity: ERROR | |
| - id: find-return-props-js2 | |
| patterns: | |
| - pattern-either: | |
| - patterns: | |
| - pattern: | | |
| return $RETURN | |
| - pattern: | | |
| return {...} | |
| - patterns: | |
| - pattern: | | |
| $VAR = $RETURN; | |
| ... | |
| return $VAR; | |
| - pattern: | | |
| $VAR = {...}; | |
| ... | |
| return $VAR; | |
| - pattern-either: | |
| - pattern-inside: | | |
| exports.$HANDLER = function ($EVENT) { | |
| ... | |
| } | |
| - pattern-inside: | | |
| exports.$HANDLER = function ($EVENT, $CTX) { | |
| ... | |
| } | |
| - pattern-inside: | | |
| module.exports.$HANDLER = function ($EVENT) { | |
| ... | |
| } | |
| - pattern-inside: | | |
| module.exports.$HANDLER = function ($EVENT, $CTX) { | |
| ... | |
| } | |
| - pattern-inside: | | |
| export function $HANDLER($EVENT) { | |
| ... | |
| } | |
| - pattern-inside: | | |
| export function $HANDLER($EVENT, $CTX) { | |
| ... | |
| } | |
| message: $RETURN | |
| languages: | |
| - javascript | |
| - typescript | |
| severity: ERROR | |
| - id: find-return-props-python | |
| patterns: | |
| - pattern: | | |
| return $RETURN | |
| - pattern: | | |
| return {...} | |
| - pattern-inside: | | |
| def $HANDLER(...): | |
| ... | |
| message: | | |
| $RETURN | |
| languages: | |
| - python | |
| severity: ERROR | |
| - id: find-sink-python | |
| pattern: | | |
| def $HANDLER(event, context): | |
| ... | |
| $SINK(...,<... event ...>,...) | |
| message: $SINK | |
| languages: | |
| - python | |
| severity: ERROR | |
| - id: find-sink-js-1 | |
| patterns: | |
| - pattern-either: | |
| - pattern-inside: | | |
| exports.$HANDLER = function ($EVENT) { | |
| ... | |
| } | |
| - pattern-inside: | | |
| exports.$HANDLER = function ($EVENT, $CTX) { | |
| ... | |
| } | |
| - pattern-inside: | | |
| exports.$HANDLER = function ($EVENT, $CTX, $CLB) { | |
| ... | |
| } | |
| - pattern-inside: | | |
| module.exports.$HANDLER = function ($EVENT) { | |
| ... | |
| } | |
| - pattern-inside: | | |
| module.exports.$HANDLER = function ($EVENT, $CTX) { | |
| ... | |
| } | |
| - pattern-inside: | | |
| module.exports.$HANDLER = function ($EVENT, $CTX, $CLB) { | |
| ... | |
| } | |
| - pattern-inside: | | |
| export function $HANDLER($EVENT) { | |
| ... | |
| } | |
| - pattern-inside: | | |
| export function $HANDLER($EVENT, $CTX) { | |
| ... | |
| } | |
| - pattern-inside: | | |
| export function $HANDLER($EVENT, $CTX, $CLB) { | |
| ... | |
| } | |
| - pattern-either: | |
| - pattern: $SINK(...,<... $EVENT ...>,...) | |
| - pattern: $SINK(...,<... $EVENT.$ONE ...>,...) | |
| - pattern: $SINK(...,<... $EVENT.$ONE.$TWO ...>,...) | |
| - pattern: $SINK(...,<... $EVENT.$ONE.$TWO.$THREE ...>,...) | |
| message: $SINK ($EVENT.$ONE.$TWO.$THREE) | |
| languages: | |
| - javascript | |
| - typescript | |
| severity: ERROR | |
| - id: find-sink-js-2 | |
| pattern-either: | |
| - pattern: | | |
| exports.$HANDLER = function ($E) { | |
| ... | |
| $R = <... $E ...>; | |
| ... | |
| $SINK(...,<... $R ...>,...); | |
| ... | |
| } | |
| - pattern: | | |
| exports.$HANDLER = function ($E) { | |
| ... | |
| $R = <... $E ...>; | |
| ... | |
| $K = <... $R ...>; | |
| ... | |
| $SINK(...,<... $K ...>,...); | |
| ... | |
| } | |
| - pattern: | | |
| module.exports.$HANDLER = function ($E) { | |
| ... | |
| $R = <... $E ...>; | |
| ... | |
| $SINK(...,<... $R ...>,...); | |
| ... | |
| } | |
| - pattern: | | |
| module.exports.$HANDLER = function ($E) { | |
| ... | |
| $R = <... $E ...>; | |
| ... | |
| $K = <... $R ...>; | |
| ... | |
| $SINK(...,<... $K ...>,...); | |
| ... | |
| } | |
| - pattern: | | |
| exports.$HANDLER = function ($E, $CTX) { | |
| ... | |
| $R = <... $E ...>; | |
| ... | |
| $SINK(...,<... $R ...>,...); | |
| ... | |
| } | |
| - pattern: | | |
| exports.$HANDLER = function ($E, $CTX) { | |
| ... | |
| $R = <... $E ...>; | |
| ... | |
| $K = <... $R ...>; | |
| ... | |
| $SINK(...,<... $K ...>,...); | |
| ... | |
| } | |
| - pattern: | | |
| module.exports.$HANDLER = function ($E, $CTX) { | |
| ... | |
| $R = <... $E ...>; | |
| ... | |
| $SINK(...,<... $R ...>,...); | |
| ... | |
| } | |
| - pattern: | | |
| module.exports.$HANDLER = function ($E, $CTX) { | |
| ... | |
| $R = <... $E ...>; | |
| ... | |
| $K = <... $R ...>; | |
| ... | |
| $SINK(...,<... $K ...>,...); | |
| ... | |
| } | |
| - pattern: | | |
| exports.$HANDLER = function ($E, $CTX, $CB) { | |
| ... | |
| $R = <... $E ...>; | |
| ... | |
| $SINK(...,<... $R ...>,...); | |
| ... | |
| } | |
| - pattern: | | |
| exports.$HANDLER = function ($E, $CTX, $CB) { | |
| ... | |
| $R = <... $E ...>; | |
| ... | |
| $K = <... $R ...>; | |
| ... | |
| $SINK(...,<... $K ...>,...); | |
| ... | |
| } | |
| - pattern: | | |
| module.exports.$HANDLER = function ($E, $CTX, $CB) { | |
| ... | |
| $R = <... $E ...>; | |
| ... | |
| $SINK(...,<... $R ...>,...); | |
| ... | |
| } | |
| - pattern: | | |
| module.exports.$HANDLER = function ($E, $CTX, $CB) { | |
| ... | |
| $R = <... $E ...>; | |
| ... | |
| $K = <... $R ...>; | |
| ... | |
| $SINK(...,<... $K ...>,...); | |
| ... | |
| } | |
| - pattern: | | |
| export function $HANDLER($E) { | |
| ... | |
| $R = <... $E ...>; | |
| ... | |
| $SINK(...,<... $R ...>,...); | |
| ... | |
| } | |
| - pattern: | | |
| export function $HANDLER($E) { | |
| ... | |
| $R = <... $E ...>; | |
| ... | |
| $K = <... $R ...>; | |
| ... | |
| $SINK(...,<... $K ...>,...); | |
| ... | |
| } | |
| - pattern: | | |
| export function $HANDLER($E, $CTX) { | |
| ... | |
| $R = <... $E ...>; | |
| ... | |
| $SINK(...,<... $R ...>,...); | |
| ... | |
| } | |
| - pattern: | | |
| export function $HANDLER($E, $CTX) { | |
| ... | |
| $R = <... $E ...>; | |
| ... | |
| $K = <... $R ...>; | |
| ... | |
| $SINK(...,<... $K ...>,...); | |
| ... | |
| } | |
| - pattern: | | |
| export function $HANDLER($E, $CTX, $CB) { | |
| ... | |
| $R = <... $E ...>; | |
| ... | |
| $SINK(...,<... $R ...>,...); | |
| ... | |
| } | |
| - pattern: | | |
| export function $HANDLER($E, $CTX, $CB) { | |
| ... | |
| $R = <... $E ...>; | |
| ... | |
| $K = <... $R ...>; | |
| ... | |
| $SINK(...,<... $K ...>,...); | |
| ... | |
| } | |
| message: $SINK ($E) | |
| languages: | |
| - javascript | |
| - typescript | |
| severity: ERROR |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment