From d70e30d667914e13b3f52d9c8cbdb09dc3aae815 Mon Sep 17 00:00:00 2001
From: David Roe
Date: Tue, 10 Oct 2023 14:44:34 +0100
Subject: [PATCH] feat: add symfony cookies rule
---
rules/php/symfony/cookies.yml | 38 ++++++++
.../cookies/__snapshots__/test.js.snap | 96 +++++++++++++++++++
tests/php/symfony/cookies/test.js | 16 ++++
tests/php/symfony/cookies/testdata/bad.php | 6 ++
tests/php/symfony/cookies/testdata/ok.php | 6 ++
5 files changed, 162 insertions(+)
create mode 100644 rules/php/symfony/cookies.yml
create mode 100644 tests/php/symfony/cookies/__snapshots__/test.js.snap
create mode 100644 tests/php/symfony/cookies/test.js
create mode 100644 tests/php/symfony/cookies/testdata/bad.php
create mode 100644 tests/php/symfony/cookies/testdata/ok.php
diff --git a/rules/php/symfony/cookies.yml b/rules/php/symfony/cookies.yml
new file mode 100644
index 000000000..483d667e1
--- /dev/null
+++ b/rules/php/symfony/cookies.yml
@@ -0,0 +1,38 @@
+patterns:
+ - pattern: |
+ $::create($<_>, $$<...>)
+ filters:
+ - variable: CLASS
+ regex: \A(Symfony\\Component\\HttpFoundation\\)?Cookie\z
+ - variable: DATA_TYPE
+ detection: datatype
+ scope: result
+ - pattern: |
+ new $($<_>, $$<...>)
+ filters:
+ - variable: CLASS
+ regex: \A(Symfony\\Component\\HttpFoundation\\)?Cookie\z
+ - variable: DATA_TYPE
+ detection: datatype
+ scope: result
+languages:
+ - php
+metadata:
+ description: "Sensitive data stored in a cookie detected."
+ remediation_message: |
+ ## Description
+
+ Storing sensitive data in cookies can lead to a data breach. This rule looks for instances where sensitive data is stored in browser cookies.
+
+ ## Remediations
+
+ āŒ Avoid storing sensitive data in unencrypted cookies:
+
+ ```php
+ $cookie = Cookie::create("user_email", $user->email);
+ ```
+ cwe_id:
+ - 315
+ - 539
+ id: php_symfony_cookies
+ documentation_url: https://docs.bearer.com/reference/rules/php_symfony_cookies
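Review bot: The two patterns only match a sensitive value passed positionally to `Cookie::create()` or `new Cookie()`, so a value attached afterwards — `Cookie::create('foo')->withValue($user->email)` (Symfony ≥ 5.1) or a cookie parsed from a string via `Cookie::fromString('foo=' . $user->email)` — is not reported, if I remember those HttpFoundation APIs correctly; a third pattern along the lines of `$<CLASS>::create($$<...>)->withValue($<DATA_TYPE>$<...>)` with the same CLASS and DATA_TYPE filters would close the common one, together with a matching line in the bad fixture. As rendered here the metavariable names are missing (`$::create`, `new $(`, `$$<...>`) while the filters reference `CLASS` and `DATA_TYPE`; presumably the committed file reads `$<CLASS>::create($<_>, $<DATA_TYPE>$<...>)` and the page stripped the angle-bracket names, which is worth confirming rather than assuming. The remediation message gives only the āŒ example; adding a āœ… counterpart such as keeping the data server-side and issuing an opaque identifier (`$cookie = Cookie::create("session", $sessionId);`) would tell the reader what to do instead of merely what to avoid.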
diff --git a/tests/php/symfony/cookies/__snapshots__/test.js.snap b/tests/php/symfony/cookies/__snapshots__/test.js.snap
new file mode 100644
index 000000000..7443c3a75
--- /dev/null
+++ b/tests/php/symfony/cookies/__snapshots__/test.js.snap
@@ -0,0 +1,96 @@ +// Jest Snapshot v1, https://goo.gl/fbAQLP + +exports[`php_symfony_cookies bad 1`] = ` +"{ + "high": [ + { + "cwe_ids": [ + "315", + "539" + ], + "id": "php_symfony_cookies", + "title": "Sensitive data stored in a cookie detected.", + "description": "## Description\\n\\nStoring sensitive data in cookies can lead to a data breach. This rule looks for instances where sensitive data is stored in browser cookies.\\n\\n## Remediations\\n\\nāŒ Avoid storing sensitive data in unencrypted cookies:\\n\\n\`\`\`php\\n$cookie = Cookie::create(\\"user_email\\", $user->email);\\n\`\`\`\\n", + "documentation_url": "https://docs.bearer.com/reference/rules/php_symfony_cookies", + "line_number": 5, + "full_filename": "/tmp/bearer-scan/bad.php", + "filename": ".", + "data_type": { + "category_uuid": "cef587dd-76db-430b-9e18-7b031e1a193b", + "name": "Email Address" + }, + "category_groups": [ + "PII", + "Personal Data" + ], + "source": { + "start": 5, + "end": 5, + "column": { + "start": 53, + "end": 65 + } + }, + "sink": { + "start": 5, + "end": 5, + "column": { + "start": 31, + "end": 66 + }, + "content": "Cookie::create('foo', $user->email)" + }, + "parent_line_number": 5, + "snippet": "Cookie::create('foo', $user->email)", + "fingerprint": "535bbb3f15a98ed2e1531ccacf6d0165_0", + "old_fingerprint": "52064a029f9879585df19320e29f6653_0", + "code_extract": "$response->headers->setCookie(Cookie::create('foo', $user->email));" + }, + { + "cwe_ids": [ + "315", + "539" + ], + "id": "php_symfony_cookies", + "title": "Sensitive data stored in a cookie detected.", + "description": "## Description\\n\\nStoring sensitive data in cookies can lead to a data breach. 
This rule looks for instances where sensitive data is stored in browser cookies.\\n\\n## Remediations\\n\\nāŒ Avoid storing sensitive data in unencrypted cookies:\\n\\n\`\`\`php\\n$cookie = Cookie::create(\\"user_email\\", $user->email);\\n\`\`\`\\n", + "documentation_url": "https://docs.bearer.com/reference/rules/php_symfony_cookies", + "line_number": 6, + "full_filename": "/tmp/bearer-scan/bad.php", + "filename": ".", + "data_type": { + "category_uuid": "cef587dd-76db-430b-9e18-7b031e1a193b", + "name": "Email Address" + }, + "category_groups": [ + "PII", + "Personal Data" + ], + "source": { + "start": 6, + "end": 6, + "column": { + "start": 49, + "end": 61 + } + }, + "sink": { + "start": 6, + "end": 6, + "column": { + "start": 31, + "end": 62 + }, + "content": "new Cookie('foo', $user->email)" + }, + "parent_line_number": 6, + "snippet": "new Cookie('foo', $user->email)", + "fingerprint": "535bbb3f15a98ed2e1531ccacf6d0165_1", + "old_fingerprint": "52064a029f9879585df19320e29f6653_1", + "code_extract": "$response->headers->setCookie(new Cookie('foo', $user->email));" + } + ] +}" +`; + +exports[`php_symfony_cookies ok 1`] = `"{}"`; diff --git a/tests/php/symfony/cookies/test.js b/tests/php/symfony/cookies/test.js new file mode 100644 index 000000000..bca0fa61e --- /dev/null +++ b/tests/php/symfony/cookies/test.js @@ -0,0 +1,16 @@ +const { createInvoker, getEnvironment } = require("../../../helper.js") +const { ruleId, ruleFile, testBase } = getEnvironment(__dirname) + +describe(ruleId, () => { + const invoke = createInvoker(ruleId, ruleFile, testBase) + + test("bad", () => { + const testCase = "bad.php" + expect(invoke(testCase)).toMatchSnapshot() + }) + + test("ok", () => { + const testCase = "ok.php" + expect(invoke(testCase)).toMatchSnapshot() + }) +}) diff --git a/tests/php/symfony/cookies/testdata/bad.php b/tests/php/symfony/cookies/testdata/bad.php new file mode 100644 index 000000000..f991e03ab --- /dev/null +++ b/tests/php/symfony/cookies/testdata/bad.php 
@@ -0,0 +1,6 @@
+headers->setCookie(Cookie::create('foo', $user->email));
+$response->headers->setCookie(new Cookie('foo', $user->email));
diff --git a/tests/php/symfony/cookies/testdata/ok.php b/tests/php/symfony/cookies/testdata/ok.php
new file mode 100644
index 000000000..f135785e0
--- /dev/null
+++ b/tests/php/symfony/cookies/testdata/ok.php
@@ -0,0 +1,6 @@
+headers->setCookie(Cookie::create('foo', $ok));
+$response->headers->setCookie(new Cookie('foo', $ok));
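Review bot: The bad fixture covers only the positional-value forms, so nothing in the snapshot shows what happens to a value set through `withValue()`; adding `$response->headers->setCookie(Cookie::create('foo')->withValue($user->email));` as a third line would pin that case either way, and the snapshot would then document whether the rule catches it. As rendered the file begins at `headers->setCookie`, so the `<?php` opener, the `use Symfony\Component\HttpFoundation\Cookie;` import and the `$response->` receiver appear to have been swallowed by the page; the hunk header's six lines and the snapshot's line numbers 5 and 6 are consistent with that, so the fixture itself is presumably intact.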