snyk-labs · DefenderK · Mar 1, 2024 · Mar 1, 2024 · Mar 5, 2024 · Mar 5, 2024
diff --git a/.circleci/config.yml b/.circleci/config.yml
@@ -0,0 +1,16 @@
+version: '2.1'
+orbs:
+  snyk: snyk/[email protected]
+jobs:
+  build:
+    docker:
+      - image: cimg/node:lts
+    steps:
+      - checkout
+      - run: npm ci
+      - snyk/scan:
+          fail-on-issues: false
+          monitor-on-build: true
+          severity-threshold: high
+          token-variable: SNYK_TOKEN
+workflows: null
diff --git a/.github/snyk-pr-diff-amd64-linux b/.github/snyk-pr-diff-amd64-linux
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
diff --git a/.github/workflows/full-with-diff.test b/.github/workflows/full-with-diff.test
@@ -0,0 +1,61 @@
+name: Snyk Code PR Diff Scan
+
+on:
+  pull_request:
+   branches: [ main ]
+
+jobs:
+  snyk-pipeline:
+    runs-on: ubuntu-latest
+    name: Snyk Code PR Diff Scan
+    env:
+      SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+    steps:
+    # Checkout base ref branch
+    - uses: actions/checkout@v3
+      with:
+        ref: ${{ github.base_ref }}
+    - name: Download Snyk
+      run: |
+         wget -O snyk https://static.snyk.io/cli/latest/snyk-linux
+         chmod +x ./snyk
+         mv ./snyk /usr/local/bin/
+
+    - name: Authenticate Snyk
+      run: snyk auth ${SNYK_TOKEN}
+
+    - name: Run Snyk Code
+      run: snyk code test --json-file-output=${{ github.workspace }}/snyk_code_baseline.json
+      continue-on-error: true
+
+    # Upload the Snyk Code results from the main branch
+    - uses: actions/upload-artifact@v3
+      with:
+         name: snyk_code_baseline
+         path: ${{ github.workspace }}/snyk_code_baseline.json
+
+    # Checkout PR branch
+    - uses: actions/checkout@v3
+    - name: Authenticate Snyk
+      run: snyk auth ${SNYK_TOKEN}
+
+    - name: Run Snyk Code
+      run: |
+        sleep 10s
+        snyk code test --json-file-output=${{ github.workspace }}/snyk_code_pr.json || true
+      continue-on-error: true
+
+    # Upload the Snyk Code results from the PR scan
+    - uses: actions/upload-artifact@v3
+      with:
+          name: snyk_code_pr
+          path: ${{ github.workspace }}/snyk_code_pr.json
+
+    - uses: actions/download-artifact@v3
+      with:
+        name: snyk_code_baseline
+
+    - name: Check if new issues have been introduced via the PR
+      run: |
+        chmod +x "${{ github.workspace }}/.github/snyk-pr-diff-amd64-linux"
+        ${{ github.workspace }}/.github/snyk-pr-diff-amd64-linux code ${{ github.workspace }}/snyk_code_baseline.json ${{ github.workspace }}/snyk_code_pr.json
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
@@ -0,0 +1,36 @@
+name: "Snyk Scan"
+
+on:
+  push:
+    branches:
+      - 'demo*'  # Include any branch starting with demo
+
+jobs:
+  Pipeline-Job:
+    # Configure Environment
+    name: 'Snyk Scan'
+    runs-on: ubuntu-latest
+    env:
+      SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+
+    steps:
+      # Checkout Code
+      - name: Checkout Code
+        uses: actions/checkout@v1
+
+      # Install and Authenticate to Snyk
+      - name: Install Snyk & Authenticate
+        run: |
+          sudo npm install -g snyk
+          sudo npm install -g snyk-delta
+          snyk auth ${SNYK_TOKEN}
+      # Run Snyk Code
+      - name: Run Snyk Code
+        run: |
+          snyk code test --report --project-name="GH_ACTION_CI" --severity-threshold=high 
+        continue-on-error: true
+      # Run Snyk OS
+      - name: Run Snyk OS
+        run: |
+          snyk test --json --print-deps | snyk-delta --baselineOrg 6d36ac7a-c75b-4179-8e73-6dd4d3fc8343 --baselineProject c8cfc88f-7bc5-4fc4-8474-3fa716593d4a --setPassIfNoBaseline true
+        continue-on-error: true
diff --git a/.github/workflows/snyk-code-manual.yml b/.github/workflows/snyk-code-manual.yml
diff --git a/.github/workflows/snyk-code.yml b/.github/workflows/snyk-code.yml
diff --git a/.github/workflows/snyk-test-sarif.yml b/.github/workflows/snyk-test-sarif.yml
diff --git a/app.js b/app.js
@@ -40,7 +40,7 @@ app.set('view engine', 'ejs');
 app.use(logger('dev'));
 app.use(methodOverride());
 app.use(session({
-  secret: 'keyboard cat',
+  // secret: 'keyboard cat',
   name: 'connect.sid',
   cookie: { path: '/' }
 }))
@@ -79,9 +79,11 @@ app.locals.marked = marked;
 if (app.get('env') == 'development') {
   app.use(errorHandler());
 }
-
+// Introduce Token
+/*
 var token = 'SECRET_TOKEN_f8ed84e8f41e4146403dd4a6bbcea5e418d23a9';
 console.log('token: ' + token);
+*/
 
 http.createServer(app).listen(app.get('port'), function () {
   console.log('Express server listening on port ' + app.get('port'));

diff --git a/push.sh b/push.sh
@@ -0,0 +1,10 @@
+#!/bin/bash
+
+# Stage all modified files
+git add .
+
+# Commit with a prompt for your message
+git commit -m "Dylan Fixing Issues"
+
+# Push your changes to the remote branch
+git push origin $(git branch --show-current)
diff --git a/routes/index.js b/routes/index.js
@@ -34,6 +34,9 @@ exports.index = function (req, res, next) {
     });
 };
 
+// Insert new vulnerable code:
+
+
 exports.loginHandler = function (req, res, next) {
   if (validator.isEmail(req.body.username)) {
     User.find({ username: req.body.username, password: req.body.password }, function (err, users) {
@@ -51,6 +54,53 @@ exports.loginHandler = function (req, res, next) {
   }
 };
 
+
+if (validator.isEmail(req.body.username)) {
+  User.find({ username: req.body.username, password: req.body.password }, function (err, users) {
+    if (users.length > 0) {
+      const redirectPage = req.body.redirectPage
+      const session = req.session
+      const username = req.body.username
+      return adminLoginSuccess(redirectPage, session, username, res)
+    } else {
+      return res.status(401).send()
+    }
+  });
+} else {
+  return res.status(401).send()
+};
+
+// Fixed code: validator.escape() is used to sanitize the input parameters (username and password) before using them in the database query.
+/*
+exports.loginHandler = function (req, res, next) {
+  // Validate if the username is in email format
+  if (validator.isEmail(req.body.username)) {
+    // Sanitize the username and password inputs
+    const username = validator.escape(req.body.username);
+    const password = validator.escape(req.body.password);
+
+    // Find the user with the provided username and password
+    User.find({ username: username, password: password }, function (err, users) {
+      if (err) {
+        // Handle error
+        return res.status(500).send("Internal Server Error");
+      }
+      // Check if users array is not empty
+      if (users.length > 0) {
+        const redirectPage = req.body.redirectPage;
+        const session = req.session;
+        const username = username;
+        return adminLoginSuccess(redirectPage, session, username, res);
+      } else {
+        return res.status(401).send("Unauthorized");
+      }
+    });
+  } else {
+    return res.status(401).send("Unauthorized");
+  }
+};
+*/
+
 function adminLoginSuccess(redirectPage, session, username, res) {
   session.loggedIn = 1
 
@@ -187,6 +237,8 @@ exports.create = function (req, res, next) {
   });
 };
 
+// Insert new vulnerable code:
+
 exports.destroy = function (req, res, next) {
   Todo.findById(req.params.id, function (err, todo) {
 
@@ -228,6 +280,7 @@ exports.update = function (req, res, next) {
   });
 };
 
+
 // ** express turns the cookie key to lowercase **
 exports.current_user = function (req, res, next) {