nyx/tests/fixtures/express_app/utils.js

var child_process = require("child_process");
var crypto = require("crypto");
var fs = require("fs");

// ───── Background job runner ─────

// Runs a job command read from environment.
// VULN: process.env flows into child_process.exec
function runScheduledJob() {
    var jobCmd = process.env.CRON_JOB_CMD;
    child_process.exec(jobCmd, function(err, stdout, stderr) {
        if (err) {
            console.error("Job failed:", stderr);
            return;
        }
        console.log("Job output:", stdout);
    });
}

// Spawns a worker process from environment config.
// VULN: process.env flows into child_process.spawn
function spawnWorker() {
    var workerBin = process.env.WORKER_BINARY;
    var workerArgs = process.env.WORKER_ARGS.split(" ");
    var proc = child_process.spawn(workerBin, workerArgs);
    proc.stdout.on("data", function(data) {
        console.log("Worker: " + data);
    });
}

// ───── Template rendering helper ─────

// Renders user-visible content by injecting location data.
// VULN: window.location flows into innerHTML
function renderBreadcrumb() {
    var currentPath = document.location.pathname;
    var parts = currentPath.split("/");
    var html = parts.map(function(p) {
        return "<a href='/" + p + "'>" + p + "</a>";
    }).join(" &gt; ");
    document.getElementById("breadcrumb").innerHTML = html;
}

// ───── URL redirect handler ─────

// VULN: location.href assignment from user-controlled data
function handleExternalRedirect() {
    var target = window.location.hash.substring(1);
    window.location.href = target;
}

// ───── Markdown rendering ─────

// Uses document.write to render parsed markdown.
// VULN: document.write with dynamic content
function renderMarkdown(markdownHtml) {
    document.write("<div class='markdown'>" + markdownHtml + "</div>");
}

// ───── Insecure hashing ─────

// Uses MD5 for password hashing.
// VULN: weak hash algorithm
function hashPassword(password) {
    return crypto.createHash("md5").update(password).digest("hex");
}

// ───── Dynamic regex from user input ─────

// VULN: RegExp with user-controlled pattern (ReDoS risk)
function searchLogs(pattern) {
    var re = new RegExp(pattern, "gi");
    return logs.filter(function(line) { return re.test(line); });
}

// ───── Safe utility ─────

// SAFE: no taint flows, pure computation
function calculateChecksum(data) {
    return crypto.createHash("sha256").update(data).digest("hex");
}
Feat/full cfg (#30) * feat: Enhance control flow analysis with function summaries and taint analysis * feat: Update taint analysis to utilize function summaries for enhanced tracking * Refactor `walk.rs` batch processing and override handling: - Renamed `Batcher` to `BatchSender` for clarity. - Added `BatchSender::new` constructor for cleaner initialization. - Simplified batch size management in `BatchSender`. - Extracted `build_overrides` function for reusable override construction. - Improved error handling and validation in override building. - Enhanced performance with directory and file type filtering in `walk`. * Improve logging and streamline directory walk process: - Added detailed `tracing` logs for debugging batch flushes, override construction, and walk initialization/completion. - Optimized and simplified `filter_entry` logic for directory and file type filters. - Improved metadata checks and max file size enforcement during the scan. * Refactor and optimize taint tracking, label rules, and directory walk process: - Replaced `DefaultHasher` with `blake3::Hasher` for improved taint hashing. - Enhanced sorting and hashing logic in `taint.rs` for consistency and efficiency. - Removed unused `set_hash` function and redundant imports across files. - Improved batch sender logic in `walk.rs`, renaming key components for clarity. - Unified `spawn_senders` and `spawn_file_walker` with thread handling and channel tuple return. - Expanded label rules with additional matchers for sources, sanitizers, and sinks. - Deprecated `dump_cfg` and specific logging utilities in `cfg.rs` for code cleanup. * fix: fixed let chains error in walk.rs * fix: updated dependencies * fix: updated dependencies * chore: Remove standard error in scan.rs * feat: Introduce function summaries for enhanced taint and control flow analysis * feat: Enhance taint analysis with interop support and function summaries * feat: Add configuration analysis module and enhance matcher rules * feat: Add arity column to function_summaries and handle schema migration * fix: fixed clippy &PathBuf warnings * chore: Update dependencies and versioning in Cargo files * docs: Update README to enhance clarity and detail on features and analysis modes * chore: Update CHANGELOG for version 0.2.0 with new features, changes, and fixes * docs: Update SECURITY.md to clarify version support status --------- Co-authored-by: elipeter <eli.peter@es.fcm.travel> 2026-02-24 23:44:07 -05:00			`var child_process = require("child_process");`
			`var crypto = require("crypto");`
			`var fs = require("fs");`

			`// ───── Background job runner ─────`

			`// Runs a job command read from environment.`
			`// VULN: process.env flows into child_process.exec`
			`function runScheduledJob() {`
			`var jobCmd = process.env.CRON_JOB_CMD;`
			`child_process.exec(jobCmd, function(err, stdout, stderr) {`
			`if (err) {`
			`console.error("Job failed:", stderr);`
			`return;`
			`}`
			`console.log("Job output:", stdout);`
			`});`
			`}`

			`// Spawns a worker process from environment config.`
			`// VULN: process.env flows into child_process.spawn`
			`function spawnWorker() {`
			`var workerBin = process.env.WORKER_BINARY;`
			`var workerArgs = process.env.WORKER_ARGS.split(" ");`
			`var proc = child_process.spawn(workerBin, workerArgs);`
			`proc.stdout.on("data", function(data) {`
			`console.log("Worker: " + data);`
			`});`
			`}`

			`// ───── Template rendering helper ─────`

			`// Renders user-visible content by injecting location data.`
			`// VULN: window.location flows into innerHTML`
			`function renderBreadcrumb() {`
			`var currentPath = document.location.pathname;`
			`var parts = currentPath.split("/");`
			`var html = parts.map(function(p) {`
			`return "<a href='/" + p + "'>" + p + "</a>";`
			`}).join(" > ");`
			`document.getElementById("breadcrumb").innerHTML = html;`
			`}`

			`// ───── URL redirect handler ─────`

			`// VULN: location.href assignment from user-controlled data`
			`function handleExternalRedirect() {`
			`var target = window.location.hash.substring(1);`
			`window.location.href = target;`
			`}`

			`// ───── Markdown rendering ─────`

			`// Uses document.write to render parsed markdown.`
			`// VULN: document.write with dynamic content`
			`function renderMarkdown(markdownHtml) {`
			`document.write("<div class='markdown'>" + markdownHtml + "</div>");`
			`}`

			`// ───── Insecure hashing ─────`

			`// Uses MD5 for password hashing.`
			`// VULN: weak hash algorithm`
			`function hashPassword(password) {`
			`return crypto.createHash("md5").update(password).digest("hex");`
			`}`

			`// ───── Dynamic regex from user input ─────`

			`// VULN: RegExp with user-controlled pattern (ReDoS risk)`
			`function searchLogs(pattern) {`
			`var re = new RegExp(pattern, "gi");`
			`return logs.filter(function(line) { return re.test(line); });`
			`}`

			`// ───── Safe utility ─────`

			`// SAFE: no taint flows, pure computation`
			`function calculateChecksum(data) {`
			`return crypto.createHash("sha256").update(data).digest("hex");`
			`}`