Skip to content

Commit

Permalink
Flexible match count, fix tests
Browse files Browse the repository at this point in the history
  • Loading branch information
timokoessler committed Dec 9, 2024
1 parent 8c403cc commit 3cec1c7
Show file tree
Hide file tree
Showing 2 changed files with 13 additions and 26 deletions.
30 changes: 8 additions & 22 deletions library/helpers/attackPath.test.ts
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,8 @@ t.test("it gets paths to payload", async (t) => {
d: [12, "test", "payload"],
};

t.same(get("payload", testObj1), [".a.b.c", ".d.[2]"]);
t.same(get("payload", testObj1), [".a.b.c"]);
t.same(get("payload", testObj1, 2), [".a.b.c", ".d.[2]"]);
t.same(get("test", testObj1), [".d.[1]"]);
t.same(get("notfound", testObj1), []);

Expand All @@ -26,15 +27,11 @@ t.test("it gets paths to payload", async (t) => {
);

t.same(
get("string", [
get(
"string",
1,
true,
null,
undefined,
{ test: "test" },
"string",
]),
["string", 1, true, null, undefined, { test: "test" }, "string"],
2
),
[".[0]", ".[6]"]
);

Expand All @@ -58,19 +55,8 @@ t.test("it works with jwt", async (t) => {
t.same(get("notfound", testObj2), []);
});

t.test("maximum match count of 10", async (t) => {
t.test("set max count", async (t) => {
const testArr = Array.from({ length: 20 }, () => "test");

t.same(get("test", testArr), [
".[0]",
".[1]",
".[2]",
".[3]",
".[4]",
".[5]",
".[6]",
".[7]",
".[8]",
".[9]",
]);
t.same(get("test", testArr, 5), [".[0]", ".[1]", ".[2]", ".[3]", ".[4]"]);
});
9 changes: 5 additions & 4 deletions library/helpers/attackPath.ts
Original file line number Diff line number Diff line change
@@ -1,8 +1,8 @@
import { isPlainObject } from "./isPlainObject";
import { tryDecodeAsJWT } from "./tryDecodeAsJWT";

// Maximum match count to return
const MAX_MATCH_COUNT = 1;
// Default match count to return
const DEFAULT_MATCH_COUNT = 1;

export type PathPart =
| { type: "jwt" }
Expand Down Expand Up @@ -33,14 +33,15 @@ export function buildPathToPayload(pathToPayload: PathPart[]): string {

export function getPathsToPayload(
attackPayload: string,
obj: unknown
obj: unknown,
matchCount = DEFAULT_MATCH_COUNT
): string[] {
const matches: string[] = [];

const attackPayloadLowercase = attackPayload.toLowerCase();

const traverse = (value: unknown, path: PathPart[] = []) => {
if (matches.length >= MAX_MATCH_COUNT) {
if (matches.length >= matchCount) {
return;
}

Expand Down

0 comments on commit 3cec1c7

Please sign in to comment.