javascript.lang.security.detect-buffer-noassert.detect-buffer-noassert

Community Favorite
profile photo of semgrepsemgrep
Author
32,881
Download Count*
LGPL Commons Clause
License

Detected usage of noassert in Buffer API, which allows the offset the be beyond the end of the buffer. This could result in writing or reading beyond the end of the buffer.

Run Locally

Run in CI

Semgrep CI docs

Defintion

Edit RuleView Source
Open in Playground 
rules:
  - id: detect-buffer-noassert
    message: Detected usage of noassert in Buffer API, which allows the offset the
      be beyond the end of the buffer. This could result in writing or reading
      beyond the end of the buffer.
    metadata:
      cwe:
        - "CWE-119: Improper Restriction of Operations within the Bounds of a
          Memory Buffer"
      source-rule-url: https://github.com/nodesecurity/eslint-plugin-security/blob/master/rules/detect-buffer-noassert.js
      category: security
      technology:
        - javascript
      cwe2022-top25: true
      cwe2021-top25: true
      subcategory:
        - audit
      likelihood: LOW
      impact: HIGH
      confidence: LOW
      references:
        - https://cwe.mitre.org/data/definitions/119.html
      license: Commons Clause License Condition v1.0[LGPL-2.1-only]
      vulnerability_class:
        - Memory Issues
    languages:
      - javascript
      - typescript
    severity: WARNING
    patterns:
      - pattern: $OBJ.$API(..., true)
      - metavariable-regex:
          metavariable: $API
          regex: (read|write)(U?Int8|(U?Int(16|32)|Float|Double)(LE|BE))

Examples

detect-buffer-noassert.js

// ok:detect-buffer-noassert
a.readUInt8(0)

// ok:detect-buffer-noassert
a.readUInt8(0, false)

// ruleid:detect-buffer-noassert
a.readUInt8(0, true)

// ruleid:detect-buffer-noassert
a.writeFloatLE(0, true)