ajinabraham.njsscan.xml_entity_expansion_dos.node_entity_expansion

profile photo of ajinabrahamajinabraham
Author
1,129
Download Count*
GPLv3
License

User controlled data in XML Parsers can result in XML Internal Entity Processing vulnerabilities like in DoS.

Run Locally

Run in CI

Semgrep CI docs

Defintion

Edit RuleView Source
Open in Playground 
rules:
  - id: node_entity_expansion
    patterns:
      - pattern-either:
          - pattern-inside: function ($REQ, $RES, ...) {...}
          - pattern-inside: function $FUNC($REQ, $RES, ...) {...}
          - pattern-inside: $X = function $FUNC($REQ, $RES, ...) {...}
          - pattern-inside: var $X = function $FUNC($REQ, $RES, ...) {...};
          - pattern-inside: $APP.$METHOD(..., function $FUNC($REQ, $RES, ...) {...})
      - pattern-either:
          - pattern: |
              $PARSER = new expat.Parser()
              ...
              $PARSER.write(..., <... $REQ.$QUERY ...>, ...)
          - pattern: |
              $PARSER = new expat.Parser()
              ...
              $PARSER.write(..., <... $REQ.$QUERY.$FOO ...>, ...)
          - pattern: |
              $PARSER = new expat.Parser()
              ...
              $PARSER.write(..., <... $REQ.$QUERY.$FOO.$FILE ...>, ...)
    message: User controlled data in XML Parsers can result in XML Internal Entity
      Processing vulnerabilities like in DoS.
    languages:
      - javascript
    severity: ERROR
    metadata:
      owasp-web: a4
      cwe: cwe-776
      license: LGPL-3.0-or-later