apunkt/nyx
1
0
Fork 0
mirror of https://github.com/elicpeter/nyx.git synced 2026-06-06 19:35:13 +02:00
Code Issues Projects Releases Packages Wiki Activity
nyx/tests/fixtures/go_server/server.go
Eli Peter f96a89e7c1
Feat/full cfg (#30) 
* feat: Enhance control flow analysis with function summaries and taint analysis

* feat: Update taint analysis to utilize function summaries for enhanced tracking

* Refactor `walk.rs` batch processing and override handling:

- Renamed `Batcher` to `BatchSender` for clarity.
- Added `BatchSender::new` constructor for cleaner initialization.
- Simplified batch size management in `BatchSender`.
- Extracted `build_overrides` function for reusable override construction.
- Improved error handling and validation in override building.
- Enhanced performance with directory and file type filtering in `walk`.

* Improve logging and streamline directory walk process:

- Added detailed `tracing` logs for debugging batch flushes, override construction, and walk initialization/completion.
- Optimized and simplified `filter_entry` logic for directory and file type filters.
- Improved metadata checks and max file size enforcement during the scan.

* Refactor and optimize taint tracking, label rules, and directory walk process:

- Replaced `DefaultHasher` with `blake3::Hasher` for improved taint hashing.
- Enhanced sorting and hashing logic in `taint.rs` for consistency and efficiency.
- Removed unused `set_hash` function and redundant imports across files.
- Improved batch sender logic in `walk.rs`, renaming key components for clarity.
- Unified `spawn_senders` and `spawn_file_walker` with thread handling and channel tuple return.
- Expanded label rules with additional matchers for sources, sanitizers, and sinks.
- Deprecated `dump_cfg` and specific logging utilities in `cfg.rs` for code cleanup.

* fix: fixed let chains error in walk.rs

* fix: updated dependencies

* fix: updated dependencies

* chore: Remove standard error in scan.rs

* feat: Introduce function summaries for enhanced taint and control flow analysis

* feat: Enhance taint analysis with interop support and function summaries

* feat: Add configuration analysis module and enhance matcher rules

* feat: Add arity column to function_summaries and handle schema migration

* fix: fixed clippy &PathBuf warnings

* chore: Update dependencies and versioning in Cargo files

* docs: Update README to enhance clarity and detail on features and analysis modes

* chore: Update CHANGELOG for version 0.2.0 with new features, changes, and fixes

* docs: Update SECURITY.md to clarify version support status

---------

Co-authored-by: elipeter <eli.peter@es.fcm.travel>
2026-02-24 23:44:07 -05:00

107 lines
3.2 KiB
Go
Raw Permalink Blame History

package main
import (
"database/sql"
"fmt"
"html"
"html/template"
"log"
"net/http"
"os"
"os/exec"
)
// ───── Handler: Execute system command from env ─────
// GET /admin/run
// Reads a maintenance command from the environment and executes it.
// VULN: os.Getenv flows into exec.Command (command injection)
func handleAdminRun(w http.ResponseWriter, r *http.Request) {
maintenanceCmd := os.Getenv("MAINTENANCE_CMD")
out, err := exec.Command("bash", "-c", maintenanceCmd).Output()
if err != nil {
http.Error(w, "command failed: "+err.Error(), 500)
return
}
fmt.Fprintf(w, "Output: %s", out)
}
// ───── Handler: Deploy from env config ─────
// POST /admin/deploy
// Constructs a deploy command from multiple env vars.
// VULN: os.Getenv flows into exec.Command
func handleDeploy(w http.ResponseWriter, r *http.Request) {
target := os.Getenv("DEPLOY_TARGET")
branch := os.Getenv("DEPLOY_BRANCH")
cmd := fmt.Sprintf("cd /opt/app && git checkout %s && ./deploy.sh %s", branch, target)
out, err := exec.Command("sh", "-c", cmd).CombinedOutput()
if err != nil {
log.Printf("deploy failed: %s\n%s", err, out)
http.Error(w, "deploy failed", 500)
return
}
fmt.Fprintf(w, "Deployed %s to %s", branch, target)
}
// ───── Handler: Database query from env ─────
// GET /admin/db-check
// Runs a diagnostic SQL query read from environment.
// VULN: os.Getenv flows into db.Query (SQL injection)
func handleDBCheck(db *sql.DB) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
diagnosticQuery := os.Getenv("DIAGNOSTIC_QUERY")
rows, err := db.Query(diagnosticQuery)
if err != nil {
http.Error(w, "query failed: "+err.Error(), 500)
return
}
defer rows.Close()
fmt.Fprintln(w, "Query executed successfully")
}
}
// ───── Handler: Database exec from env ─────
// POST /admin/db-migrate
// Runs a migration statement from environment config.
// VULN: os.Getenv flows into db.Exec (SQL injection)
func handleDBMigrate(db *sql.DB) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
migration := os.Getenv("MIGRATION_SQL")
_, err := db.Exec(migration)
if err != nil {
http.Error(w, "migration failed: "+err.Error(), 500)
return
}
fmt.Fprintln(w, "Migration complete")
}
}
// ───── Handler: Safe output (HTML escaped) ─────
// GET /api/greet
// SAFE: user input properly escaped with html.EscapeString
func handleGreet(w http.ResponseWriter, r *http.Request) {
name := os.Getenv("DEFAULT_GREETING")
safeName := html.EscapeString(name)
fmt.Fprintf(w, "<h1>Hello, %s</h1>", safeName)
}
// ───── Handler: Safe URL encoding ─────
// GET /api/safe-redirect
// SAFE: URL properly escaped with url.QueryEscape before use
func handleSafeRedirect(w http.ResponseWriter, r *http.Request) {
// This would use url.QueryEscape in real code
target := os.Getenv("REDIRECT_URL")
safeTarget := template.HTMLEscapeString(target)
http.Redirect(w, r, "/go?url="+safeTarget, http.StatusFound)
}
func main() {
http.HandleFunc("/admin/run", handleAdminRun)
http.HandleFunc("/admin/deploy", handleDeploy)
log.Fatal(http.ListenAndServe(":8080", nil))
}
Reference in a new issue View git blame Copy permalink