Merge pull request #1680 from juice-shop/fix/code-snippet-dos

Fix Bug Causing `GET /snippets` Response To Grow on Every API Call
juice-shop · Sep 26, 2021 · caa7a43 · caa7a43
2 parents aa5adc1 + 4b8d500
commit caa7a43
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 5 deletions.
diff --git a/package.json b/package.json
@@ -198,6 +198,7 @@
     "@types/frisby": "^2.0.10",
     "@types/fs-extra": "^9.0.6",
     "@types/glob": "^7.1.3",
+    "@types/graceful-fs": "^4.1.5",
     "@types/i18n": "^0.12.0",
     "@types/jest": "^26.0.20",
     "@types/js-yaml": "^3.12.6",

diff --git a/routes/vulnCodeSnippet.ts b/routes/vulnCodeSnippet.ts
@@ -4,22 +4,31 @@
  */
 
 import { Request, Response, NextFunction } from 'express'
+import fs from 'graceful-fs'
+import actualFs from 'fs'
+
 const utils = require('../lib/utils')
 const challenges = require('../data/datacache').challenges
 const path = require('path')
-const fs = require('graceful-fs')
-fs.gracefulify(require('fs'))
 
-export const SNIPPET_PATHS = ['./server.ts', './routes', './lib', './data', './frontend/src/app']
+fs.gracefulify(actualFs)
+
+export const SNIPPET_PATHS = Object.freeze(['./server.ts', './routes', './lib', './data', './frontend/src/app'])
 
 const cache: any = {}
 
-export const fileSniff = async (paths: string[], match: RegExp) => {
+interface Match {
+  path: string
+  match: string
+}
+
+export const fileSniff = async (paths: readonly string[], match: RegExp): Promise<Match[]> => {
   const matches = []
   for (const currPath of paths) {
     if (fs.lstatSync(currPath).isDirectory()) {
       const files = fs.readdirSync(currPath)
-      for (const file of files) paths.push(path.resolve(currPath, file))
+      const moreMatches = await fileSniff(files.map(file => path.resolve(currPath, file)), match)
+      matches.push(...moreMatches)
     } else {
       const data = fs.readFileSync(currPath)
       const code = data.toString()