This commit is contained in:
Eli Peter 2026-06-05 10:16:30 -05:00 committed by GitHub
parent 55247b7fcd
commit 991c84a1eb
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1464 changed files with 225448 additions and 1985 deletions


@ -0,0 +1,11 @@
// Phase 21 — Express middleware benign control.
const _NYX_ADAPTER_MARKER = "require('express')";
function audit(req, res, next) {
const body = String(req.body || '');
if (body.length > 1024) return res.end('too large');
if (typeof next === 'function') next();
return 'ok';
}
module.exports = { audit };
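Review bot: This benign control declares only `_NYX_ADAPTER_MARKER`, while the vulnerable fixture also declares `_NYX_REGISTER_MARKER = "app.use(audit)"`, so the pair differs in more than the sink. If the analyzer uses the register marker to treat `audit` as a mounted entry point (inferred from the marker names, not visible here), this control could pass because the handler is never considered reachable, not because no sink exists. Adding `const _NYX_REGISTER_MARKER = "app.use(audit)";` here would keep the two fixtures aligned. Separately, `String(req.body || '')` yields `[object Object]` for a parsed object body, so the 1024 check on the line after it measures nothing in that case; a comment such as `// assumes a raw string body` would make the assumption explicit.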


@ -0,0 +1,17 @@
// Phase 21 (Track M.3) — Express middleware vuln fixture.
//
// `audit(req, res, next)` is mounted via `app.use(audit)`. It splices
// the request body into a shell command via `execSync`.
const _NYX_ADAPTER_MARKER = "require('express')";
const _NYX_REGISTER_MARKER = "app.use(audit)";
const { execSync } = require('child_process');
function audit(req, res, next) {
// SINK: tainted req.body concatenated into shell command.
const out = execSync('echo ' + String(req.body || '')).toString();
if (typeof next === 'function') next();
return out;
}
module.exports = { audit };
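Review bot: The header comment does not say that this file is deliberately vulnerable or that it must never be loaded by a running service, yet `execSync('echo ' + String(req.body || ''))` is a real shell invocation if anything calls `audit`. I would add a line above the markers such as `// INTENTIONALLY VULNERABLE (CWE-78, OS command injection): scanner fixture only, never require() or mount this in a running app.` Naming the expected finding class in the header also documents what a passing scan should report for this file. The commit could additionally use a second control that reaches `child_process` without a shell string, since the current benign control contains no sink and so cannot reveal false positives on safe exec usage.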