import * as Statements from "../abap/2_statements/statements";
import {Issue} from "../issue";
import {ABAPRule} from "./_abap_rule";
import {BasicRuleConfig} from "./_basic_rule_config";
import {IRuleMetadata, RuleTag} from "./_irule";
import {ABAPFile} from "../abap/abap_file";
 
export class DangerousStatementConf extends BasicRuleConfig {
  /** Detects execSQL (dynamic SQL) */
  public execSQL: boolean = true;
  /** Detects kernel calls */
  public kernelCall: boolean = true;
  /** Detects SYSTEM-CALL */
  public systemCall: boolean = true;
  /** Detects INSERT REPORT */
  public insertReport: boolean = true;
  /** Detects GENERATE DYNPRO */
  public generateDynpro: boolean = true;
  /** Detects GENERATE REPORT */
  public generateReport: boolean = true;
  /** Detects GENERATE SUBROUTINE */
  public generateSubroutine: boolean = true;
  /** Detects DELETE REPORT */
  public deleteReport: boolean = true;
  /** Detects DELETE TEXTPOOL */
  public deleteTextpool: boolean = true;
  /** Detects DELETE DYNPRO */
  public deleteDynpro: boolean = true;
  /** Detects IMPORT DYNPRO */
  public importDynpro: boolean = true;
}
 
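export class DangerousStatement extends ABAPRule {

  private conf = new DangerousStatementConf();

  /** Rule metadata; the rule is single-file and tagged as a security check. */
  public getMetadata(): IRuleMetadata {
    return {
      key: "dangerous_statement",
      title: "Dangerous statement",
      shortDescription: `Detects potentially dangerous statements`,
      tags: [RuleTag.SingleFile, RuleTag.Security],
    };
  }

  /** Builds the issue message for a flagged statement keyword. */
  private getDescription(statement: string): string {
    return "Potential dangerous statement " + statement;
  }

  public getConfig() {
    return this.conf;
  }

  public setConfig(conf: DangerousStatementConf) {
    this.conf = conf;
  }

  /**
   * Scans every statement of the parsed file and reports each one whose
   * statement class is enabled in the configuration.
   *
   * @param file parsed ABAP file whose statements are inspected
   * @returns one issue per flagged statement, positioned at that statement
   */
  public runParsed(file: ABAPFile) {
    const issues: Issue[] = [];
    // Resolved once per file: the config does not change while scanning.
    const checks = this.enabledChecks();

    for (const statementNode of file.getStatements()) {
      const statement = statementNode.get();
      // First matching class wins, mirroring the original if/else chain order.
      const hit = checks.find(([type]) => statement instanceof type);
      if (hit !== undefined) {
        issues.push(Issue.atStatement(file, statementNode, this.getDescription(hit[1]), this.getMetadata().key, this.conf.severity));
      }
    }

    return issues;
  }

  /**
   * Statement classes to flag, paired with their report keyword, in check
   * order and restricted to the detectors enabled in the current config.
   */
  private enabledChecks(): ReadonlyArray<readonly [new (...args: never[]) => unknown, string]> {
    const all: ReadonlyArray<readonly [boolean, new (...args: never[]) => unknown, string]> = [
      [this.conf.execSQL, Statements.ExecSQL, "EXEC SQL"],
      [this.conf.kernelCall, Statements.CallKernel, "KERNEL CALL"],
      [this.conf.systemCall, Statements.SystemCall, "SYSTEM-CALL"],
      [this.conf.insertReport, Statements.InsertReport, "INSERT REPORT"],
      [this.conf.generateDynpro, Statements.GenerateDynpro, "GENERATE DYNPRO"],
      [this.conf.generateReport, Statements.GenerateReport, "GENERATE REPORT"],
      [this.conf.generateSubroutine, Statements.GenerateSubroutine, "GENERATE SUBROUTINE"],
      [this.conf.deleteReport, Statements.DeleteReport, "DELETE REPORT"],
      [this.conf.deleteTextpool, Statements.DeleteTextpool, "DELETE TEXTPOOL"],
      [this.conf.deleteDynpro, Statements.DeleteDynpro, "DELETE DYNPRO"],
      [this.conf.importDynpro, Statements.ImportDynpro, "IMPORT DYNPRO"],
    ];
    return all
      .filter(([enabled]) => enabled)
      .map(([, type, message]) => [type, message] as const);
  }

}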