Amazon CodeGuruDetector Library Sign in to CodeGuru

CodeGuru

Detector Library

JSX detectors (78/78)

Protection mechanism failure Log injection Insecure connection using unencrypted protocol Use of a deprecated method AWS credentials logged Improper input validation Insecure cryptography Catch and swallow exception File and directory information exposure Origins-verified cross-origin communications SQL injection Non-literal regular expression Typeof expression Batch request with unchecked failures Pseudorandom number generators Cryptographic key generator Server-side request forgery Sensitive information leak File injection String passed to `setInterval` or `setTimeout`Cross-site request forgery Usage of an API that is not recommended Tainted input for Docker API Cross-site scripting Weak obfuscation of web requests Unauthenticated Amazon SNS unsubscribe requests might succeed Set SNS Return Subscription ARN XML external entity Resource leak Improper access control Loose file permissions OS command injection Client-side KMS reencryption Insecure CORS policy Inefficient polling of AWS resource New function detected Missing pagination Avoid nan in comparison Header injection Hardcoded credentials File extension validation NoSQL injection Missing Amazon S3 bucket owner condition Disabled HTML autoescape Least privilege violation URL redirection to untrusted site Insufficiently protected credentials Insecure hashing Unsanitized input is run as code Check failed records when using kinesis Untrusted Amazon Machine Images Session fixation Data loss in a batch request XPath injection Deserialization of untrusted object Invoke super appropriately Stack trace exposure Timing attack LDAP injection Insecure cookie Sensitive data stored unencrypted due to partial encryption Unvalidated expansion of archive files Integer overflow SNS don't bind subscribe and publish Unverified hostname Improper restriction of rendered UI layers or frames AWS client not reused in a Lambda function Path traversal Override of reserved variable names in a Lambda function Insecure temporary file or directory Logging of sensitive information Hardcoded IP address Insecure object attribute modification Numeric truncation error DNS prefetching Limit request length Sendfile injection Improper certificate validation

NoSQL injection High

Use of user-provided input that is not properly sanitized can lead to injection attacks. Injection of JSON code into an application can enable injection attacks against a NoSQL database.

Detector ID

jsx/nosql-injection@v1.0

Category

Common Weakness Enumeration (CWE)

Tags

# injection # top25-cwes

Noncompliant example

1var AWS = require('aws-sdk')
2var express = require("express")
3var app = express()
4function noSqlInjectionNoncompliant() {
5    app.get('/api/getallusers', function(req,res) {
6        var docClient = new AWS.DynamoDB.DocumentClient({region: "us-east-1"});
7        var params= req.body.params
8        // Noncompliant: external user input can be vulnerable to injection attacks.
9        docClient.scan(params, function(err, data) {
10            if (err) {
11                console.log("Error", err)
12            } else {
13                data.Items.forEach(function(element, index, array) {
14                    console.log(element.Title.S + " (" + element.Subtitle.S + ")")
15                })
16            }
17       })
18    })
19}

Compliant example

1var AWS = require('aws-sdk')
2var express = require("express")
3var app = express()
4function noSqlInjectionCompliant() {
5    app.get('/api/getallusers', function (req, res){
6       var docClient = new AWS.DynamoDB.DocumentClient({region: "us-east-1"});
7       var params = {
8            TableName: "dynamodb-example-node",
9            ProjectionExpression: "user_id, username, user_age",
10       }
11       // Compliant: should not use external input in `scan` API.
12       docClient.scan(params, function (err, data) {
13            if (err) {
14                console.log(err)
15            } else {
16                res.status(200).json({ "status": 1, "message": "user exists", "data": data.Items })
17            }
18       })
19    })
20}