Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

adding new code for snyk code scan #1

Open
wants to merge 6 commits into
base: master
Choose a base branch
from
Open

adding new code for snyk code scan #1

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
cceab5d
adding new code for snyk code scan
snyk-kevin Nov 29, 2023
6f4b9b2
adding new code for snyk code scan 2
snyk-kevin Dec 4, 2023
a4efa65
sanitized inputs based on code analysis
snyk-kevin Dec 4, 2023
6d923a6
sanitized inputs based on code analysis 2
snyk-kevin Dec 4, 2023
0488ff2
sanitized inputs with Number function
snyk-kevin Dec 4, 2023
4696dbd
added new file for snyk code scan
snyk-kevin Feb 23, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Binary file added .DS_Store
View file
Open in desktop
Binary file not shown.
1 change: 1 addition & 0 deletions .dccache
View file
Open in desktop

Large diffs are not rendered by default.

1 change: 1 addition & 0 deletions routes/.dccache
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
{"/Users/kevin/GitHub/juice-shop/routes/2fa.js":[4893,1701246684603.548,"9112992b9ea5a3aef3c457f02f28d6da75304fbb1b56146b51bad0729eedcb15"],"/Users/kevin/GitHub/juice-shop/routes/address.js":[1208,1701246684603.6248,"1d5c6b410824f3871ac3549d3df3d5f87117f0a642f7bebebac0677a3400fa62"],"/Users/kevin/GitHub/juice-shop/routes/angular.js":[473,1701246684603.6978,"0724d12369f545b4c0fb5857e5b2cc88f043af6a84cff58f4b9c5f69425329b5"],"/Users/kevin/GitHub/juice-shop/routes/appConfiguration.js":[231,1701246684603.789,"0990e24dab556ca9dc610a76a71e220d8fcac30136f82bafa44a0d142f2fe8c2"],"/Users/kevin/GitHub/juice-shop/routes/appVersion.js":[342,1701246684603.8557,"142195aa58ee315ae1844528b94567e02b0dd41e655ecd6c776db6b95f5193e9"],"/Users/kevin/GitHub/juice-shop/routes/authenticatedUsers.js":[783,1701246684603.9192,"625de8b47b442e2ffa53eee12ec587547036a9066f1fa26567b7619c76deca8d"],"/Users/kevin/GitHub/juice-shop/routes/b2bOrder.js":[1570,1701246684603.9873,"7777a98461a518aed3a37a9eee170ad49943c58776b88ed02c82fc70111fa5da"],"/Users/kevin/GitHub/juice-shop/routes/basket.js":[1153,1701246684604.0757,"30a1eb7cab3c100aaea8e3772df5988ca8e09e886bf6f35c1b71b84600cbc4b6"],"/Users/kevin/GitHub/juice-shop/routes/basketItems.js":[3318,1701246684604.1619,"ad520807a03f17b2348aeaa5eef2f200f656dc8e7bf3203eb9ce5d15b2bc896b"],"/Users/kevin/GitHub/juice-shop/routes/captcha.js":[1366,1701246684604.2544,"2dd70b6db7ee75767fd2037375ed8d02b8ee5273fa204aa28823ca4e660faca4"],"/Users/kevin/GitHub/juice-shop/routes/changePassword.js":[1764,1701246684604.3225,"9f406e923bd996f57cf34b6abd86510a9de508548cb2a02f2245c3ea221455e5"],"/Users/kevin/GitHub/juice-shop/routes/chatbot.js":[6081,1701246684604.4084,"643debe7d7934d6991734ab3e1bf9d13e9e8a1aaefd0ee509b9bd5261e9ce3fb"],"/Users/kevin/GitHub/juice-shop/routes/continueCode.js":[701,1701246684604.4692,"7679ef232d9d4dc7fefb08be45b7d7a7706748561de27f0e71091beaea2e5bb8"],"/Users/kevin/GitHub/juice-shop/routes/countryMapping.js":[702,1701246684604.5322,"2a0d0e41b89e80fe242641f3319f1eb822da366ae4c849d0dc8ef506cca47483"],"/Users/kevin/GitHub/juice-shop/routes/coupon.js":[925,1701246684604.6086,"d46281c81820c2ff9b18a11503dcd3271d718360fa714fcd10c73f75ccdfa118"],"/Users/kevin/GitHub/juice-shop/routes/createProductReviews.js":[808,1701246684604.6824,"d9f5ded2368a9d523beb07019effab6d4b21a56db2dc825b55800a78c7a32af4"],"/Users/kevin/GitHub/juice-shop/routes/currentUser.js":[1036,1701246684604.7395,"0618141caa7fd57e7fff183856cd893fa5bdd963ca7fcc2d7d345dd1e84532ea"],"/Users/kevin/GitHub/juice-shop/routes/dataExport.js":[2705,1701246684604.8032,"77d30929662a8980d45724f6b425716833060b877fdf8f3c85edd754782ab574"],"/Users/kevin/GitHub/juice-shop/routes/delikeProductReviews.js":[1907,1708715754048.6794,"3d6eeb210f8dc9c8166289c411533c096a65af2b8538863978e173792bc52db7"],"/Users/kevin/GitHub/juice-shop/routes/delivery.js":[1356,1701246684604.867,"942fc2ce8d725b8484e0ea6df50936efc6f917f516ddeaf1cef55fdb40e963cd"],"/Users/kevin/GitHub/juice-shop/routes/deluxe.js":[2550,1701246684604.9521,"169ad09de4347eb79694ae98b74789cdfbff687b9787de56923f19434f815d11"],"/Users/kevin/GitHub/juice-shop/routes/easterEgg.js":[473,1701246684605.0073,"21948377feb5e12f6f8ec3a0e5811ed864cc0dd5e7f7405f01cd4079fda46c3d"],"/Users/kevin/GitHub/juice-shop/routes/erasureRequest.js":[697,1701246684605.0703,"17f05b01946c688a96e5a62c33946dd55982e6095caadd8052054e8942a65cc5"],"/Users/kevin/GitHub/juice-shop/routes/fileServer.js":[2061,1701246684605.1445,"b0e87b665739241dc48b1c37d9f273421a99cd1665628c5d76f5d5a47f8b23cc"],"/Users/kevin/GitHub/juice-shop/routes/fileUpload.js":[4430,1701246684605.2495,"44d4294cb82ba23c1b454067711a605afa424b57bcbdffb88de230ef3c2c44f4"],"/Users/kevin/GitHub/juice-shop/routes/imageCaptcha.js":[1324,1701246684605.3152,"dd4cefc474845d66e74a48366c4c04415e2febfd49ff300bf08fc2635c33f448"],"/Users/kevin/GitHub/juice-shop/routes/keyServer.js":[446,1701246684605.3735,"76be0f64254476e006e066e51e2bb371d28738477574e53d8c05331950220e71"],"/Users/kevin/GitHub/juice-shop/routes/languages.js":[2848,1701246684605.46,"51776a752019ca2033334c4822cf027b889ae0fc11187b39568060a216d9e8f1"],"/Users/kevin/GitHub/juice-shop/routes/likeProductReviews.js":[1907,1701247194879.7227,"3d6eeb210f8dc9c8166289c411533c096a65af2b8538863978e173792bc52db7"],"/Users/kevin/GitHub/juice-shop/routes/logfileServer.js":[436,1701246684605.6008,"3f9ef835c5f629fe0c1ff9054bb9f0e843aeb6008d356997c37ceea9f2be27b6"],"/Users/kevin/GitHub/juice-shop/routes/login.js":[4340,1701246684605.6777,"4d5ea9a04d76496b890d06e99de591ad09626f6f7d58117613aa71013539b81d"],"/Users/kevin/GitHub/juice-shop/routes/memory.js":[738,1701246684605.74,"b80bf3fe1a2395d46225e7b23b9c5bfc26980214d99c95f62c0eb1228d0096b5"],"/Users/kevin/GitHub/juice-shop/routes/metrics.js":[5800,1701246684605.8337,"00a00bdfb645e86abaff5b1382d3ab7fe6e3df9e42d5abd99585c81a9c83f10e"],"/Users/kevin/GitHub/juice-shop/routes/order.js":[8461,1701246684605.9316,"a963c366bb31a99565fe9bbaf1ce06fe366e66dfc7111997f07bfd2c016705d3"],"/Users/kevin/GitHub/juice-shop/routes/orderHistory.js":[1386,1701246684605.9998,"fc2c4938bb6b95f297e98ccfa2d40bd942479119fed22fb3b13f9b0830500300"],"/Users/kevin/GitHub/juice-shop/routes/payment.js":[1519,1701246684606.057,"499d3f91076f7c2e1d72ca34728843dbdf6abc2989caca7cfc77bcf483faf8f8"],"/Users/kevin/GitHub/juice-shop/routes/premiumReward.js":[494,1701246684606.1333,"dab3e960322357304ac7cdaa491821e975d2a5d1202aebc6b33b4c96b7bc599f"],"/Users/kevin/GitHub/juice-shop/routes/privacyPolicyProof.js":[479,1701246684606.1897,"9dec2688a3be3538cceef9d50566c766b5039e3b8aa588b21610ac08a12106d5"],"/Users/kevin/GitHub/juice-shop/routes/profileImageFileUpload.js":[1771,1701246684606.2622,"762299332a36a99a1a0d91597d29feac15bb4d4cdfa664dd2b61efc8f1e27f3c"],"/Users/kevin/GitHub/juice-shop/routes/profileImageUrlUpload.js":[2018,1701246684606.3315,"782f9e42cd4432f213a8174fe2df9407f15ed3424753ff3c002b9a651b77abfd"],"/Users/kevin/GitHub/juice-shop/routes/quarantineServer.js":[460,1701246684606.4106,"8a129e8abeb79d55447c3ce22fe00e92ac57441ec88702430416546b883203f9"],"/Users/kevin/GitHub/juice-shop/routes/recycles.js":[569,1701246684606.5054,"207e8bea624591393cbb7b2c9851ca6560fcc5d1b5d72f95f5d931d557ae538b"],"/Users/kevin/GitHub/juice-shop/routes/redirect.js":[1180,1701246684606.5718,"b06b93d1b84d6d80cec746dfd6db5b0430d93f96bc48433dfed3de72014ccc13"],"/Users/kevin/GitHub/juice-shop/routes/relikeProductReviews.js":[1982,1701722964251.9607,"f925b7888924a5fa0867648ed2fbe0f61bf11725ea8bf9414a7a51a16297613d"],"/Users/kevin/GitHub/juice-shop/routes/repeatNotification.js":[449,1701246684607.0603,"7494191db0433e06317a2e693229e4d83edf09306823ae10bebf749a8c446600"],"/Users/kevin/GitHub/juice-shop/routes/resetPassword.js":[3355,1701246684607.2188,"b5df3ca242fece216100f095d41ff872de926a999d319b1a9458ee6dff620fd7"],"/Users/kevin/GitHub/juice-shop/routes/restoreProgress.js":[1091,1701246684607.2878,"86f14ecb8454f81a660d728d48347b231791e71b23e6f590b1ab4a52f1c777a9"],"/Users/kevin/GitHub/juice-shop/routes/saveLoginIp.js":[1226,1701246684607.3535,"59d0e9e7a3bb4880b2d59a469048a1b610a28b79014433d2c58f8c51776ded98"],"/Users/kevin/GitHub/juice-shop/routes/search.js":[2403,1701246684607.4194,"d1a3a2f7e2b8a7e80332899f8d931398284168a36db0181eed2daed5fceccf36"],"/Users/kevin/GitHub/juice-shop/routes/securityQuestion.js":[683,1701246684607.5054,"86bb03c43416aaec3696303cb9527e396546aaa1eabb643e6c1cfbe914f7b25d"],"/Users/kevin/GitHub/juice-shop/routes/showProductReviews.js":[1412,1701246684607.5732,"208f19babc0b3baeb4ba2c5b1fc6b0990aca32a8ca41a34f8a24eabd362337a8"],"/Users/kevin/GitHub/juice-shop/routes/trackOrder.js":[945,1701246684607.6372,"2d49c5033430a109305bbc659e8c1be420a3891cfc14b9ecdc091574ec20fa6b"],"/Users/kevin/GitHub/juice-shop/routes/updateProductReviews.js":[905,1701246684607.7012,"a838ce34acb4aba106ac85366121504daea92ea506766c9f2de22ea3b10c725e"],"/Users/kevin/GitHub/juice-shop/routes/updateUserProfile.js":[1448,1701246684607.7856,"1f6e8d001790dabb45cab98d381c111f50955ab664ae30561a579e416e74a9da"],"/Users/kevin/GitHub/juice-shop/routes/userProfile.js":[2917,1701246684607.8523,"ea7d96a3ebcad230d2e475894ae642aeba7883b95f19adec807c7ee75f1784b1"],"/Users/kevin/GitHub/juice-shop/routes/verify.js":[10782,1701246684607.9375,"0464bd4bc85293ee1d8531a953cfed56921fa6dc9bb886e5854866aa8de45461"],"/Users/kevin/GitHub/juice-shop/routes/videoHandler.js":[3342,1701246684608.0225,"6fa4b72e9ab9c0685e7db1d36bd6011af809a26416f3da16f499b6533b40a254"],"/Users/kevin/GitHub/juice-shop/routes/wallet.js":[866,1701246684608.1033,"b5b976cd5e51cec06b6e87be5cc928efc77f2c7c3d47431ee87c7c9972ae50cc"]}
58 changes: 58 additions & 0 deletions routes/delikeProductReviews.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,58 @@
/*
* Copyright (c) 2014-2021 Bjoern Kimminich.
* SPDX-License-Identifier: MIT
*/

const utils = require('../lib/utils')
const challenges = require('../data/datacache').challenges
const db = require('../data/mongodb')
const insecurity = require('../lib/insecurity')

module.exports = function productReviews () {
return (req, res, next) => {
const id = req.body.id
const user = insecurity.authenticatedUsers.from(req)
db.reviews.findOne({ _id: id }).then(review => {
Copy link
Owner Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

  NoSQL Injection

Unsanitized input from the HTTP request body flows into findOne, where it is used in an NoSQL query. This may result in an NoSQL Injection vulnerability.

Line 15 | CWE-943 | Priority score 805 | Learn more about this vulnerability
Data flow: 8 steps

Step 1 - 4

juice-shop/routes/delikeProductReviews.js

Line 13 in 4696dbd

const id = req.body.id

Step 5 - 8

juice-shop/routes/delikeProductReviews.js

Line 15 in 4696dbd

db.reviews.findOne({ _id: id }).then(review => {

var likedBy = review.likedBy
if (!likedBy.includes(user.data.email)) {
db.reviews.update(
Copy link
Owner Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

  NoSQL Injection

Unsanitized input from the HTTP request body flows into update, where it is used in an NoSQL query. This may result in an NoSQL Injection vulnerability.

Line 18 | CWE-943 | Priority score 805 | Learn more about this vulnerability
Data flow: 10 steps

Step 1 - 4

juice-shop/routes/delikeProductReviews.js

Line 13 in 4696dbd

const id = req.body.id

Step 5 - 6 routes/delikeProductReviews.js#L15

Step 7 - 9 routes/delikeProductReviews.js#L19

Step 10

juice-shop/routes/delikeProductReviews.js

Line 18 in 4696dbd

db.reviews.update(

{ _id: id },
{ $inc: { likesCount: 1 } }
).then(
result => {
// Artificial wait for timing attack challenge
setTimeout(function () {
db.reviews.findOne({ _id: id }).then(review => {
Copy link
Owner Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

  NoSQL Injection

Unsanitized input from the HTTP request body flows into findOne, where it is used in an NoSQL query. This may result in an NoSQL Injection vulnerability.

Line 25 | CWE-943 | Priority score 805 | Learn more about this vulnerability
Data flow: 12 steps

Step 1 - 4

juice-shop/routes/delikeProductReviews.js

Line 13 in 4696dbd

const id = req.body.id

Step 5 - 6 routes/delikeProductReviews.js#L15

Step 7 - 8 routes/delikeProductReviews.js#L19

Step 9 - 12

juice-shop/routes/delikeProductReviews.js

Line 25 in 4696dbd

db.reviews.findOne({ _id: id }).then(review => {

var likedBy = review.likedBy
likedBy.push(user.data.email)
var count = 0
for (var i = 0; i < likedBy.length; i++) {
if (likedBy[i] === user.data.email) {
count++
}
}
utils.solveIf(challenges.timingAttackChallenge, () => { return count > 2 })
db.reviews.update(
Copy link
Owner Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

  NoSQL Injection

Unsanitized input from the HTTP request body flows into update, where it is used in an NoSQL query. This may result in an NoSQL Injection vulnerability.

Line 35 | CWE-943 | Priority score 805 | Learn more about this vulnerability
Data flow: 14 steps

Step 1 - 4

juice-shop/routes/delikeProductReviews.js

Line 13 in 4696dbd

const id = req.body.id

Step 5 - 6 routes/delikeProductReviews.js#L15

Step 7 - 8 routes/delikeProductReviews.js#L19

Step 9 - 10 routes/delikeProductReviews.js#L25

Step 11 - 13 routes/delikeProductReviews.js#L36

Step 14

juice-shop/routes/delikeProductReviews.js

Line 35 in 4696dbd

db.reviews.update(

{ _id: id },
{ $set: { likedBy: likedBy } }
).then(
result => {
res.json(result)
}, err => {
res.status(500).json(err)
})
}, () => {
res.status(400).json({ error: 'Wrong Params' })
})
}, 150)
}, err => {
res.status(500).json(err)
})
} else {
res.status(403).json({ error: 'Not allowed' })
}
}, () => {
res.status(400).json({ error: 'Wrong Params' })
})
}
}
59 changes: 59 additions & 0 deletions routes/relikeProductReviews.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,59 @@
/*
* Copyright (c) 2014-2021 Bjoern Kimminich.
* SPDX-License-Identifier: MIT
*/
//Adding comment
const utils = require('../lib/utils')
const challenges = require('../data/datacache').challenges
const db = require('../data/mongodb')
const insecurity = require('../lib/insecurity')
var sanitize = require('mongo-sanitize')

module.exports = function productReviews () {
return (req, res, next) => {
const id = Number(sanitize(req.body.id))
const user = insecurity.authenticatedUsers.from(req)
db.reviews.findOne({ _id: id }).then(review => {
var likedBy = review.likedBy
if (!likedBy.includes(user.data.email)) {
db.reviews.update(
{ _id: id },
{ $inc: { likesCount: 1 } }
).then(
result => {
// Artificial wait for timing attack challenge
setTimeout(function () {
db.reviews.findOne({ _id: id }).then(review => {
var likedBy = review.likedBy
likedBy.push(user.data.email)
var count = 0
for (var i = 0; i < likedBy.length; i++) {
if (likedBy[i] === user.data.email) {
count++
}
}
utils.solveIf(challenges.timingAttackChallenge, () => { return count > 2 })
db.reviews.update(
{ _id: id },
{ $set: { likedBy: likedBy } }
).then(
result => {
res.json(result)
}, err => {
res.status(500).json(err)
})
}, () => {
res.status(400).json({ error: 'Wrong Params' })
})
}, 150)
}, err => {
res.status(500).json(err)
})
} else {
res.status(403).json({ error: 'Not allowed' })
}
}, () => {
res.status(400).json({ error: 'Wrong Params' })
})
}
}
Loading