Remove filename from error output

pdehaan · pdehaan · commit 4fb6db2aa092 · 2017-06-02T18:05:17.000-07:00
diff --git a/rules/detect-buffer-noassert.js b/rules/detect-buffer-noassert.js
@@ -47,11 +47,6 @@ module.exports = function(context) {
         "writeDoubleBE"
     ];
 
-
-    var getSource = function (token) {
-        return token.loc.start.line+ ':  ' + context.getSourceLines().slice(token.loc.start.line-1, token.loc.end.line).join('\n\t');
-    }
-
     return {
         "MemberExpression": function (node) {
             var index;
@@ -63,7 +58,7 @@ module.exports = function(context) {
 
             if (index && node.parent && node.parent.arguments && node.parent.arguments[index] &&  node.parent.arguments[index].value) {
                 var token = context.getTokens(node)[0];
-                return context.report(node, 'Found Buffer.' + node.property.name + ' with noAssert flag set true:\n\t' + getSource(token));
+                return context.report(node, 'Found Buffer.' + node.property.name + ' with noAssert flag set true');
                 
             }
         }
diff --git a/rules/detect-child-process.js b/rules/detect-child-process.js
@@ -13,10 +13,6 @@ module.exports = function(context) {
 
     "use strict";
 
-    var getSource = function (token) {
-        return token.loc.start.line+ ':  ' + context.getSourceLines().slice(token.loc.start.line-1, token.loc.end.line).join('\n\t');
-    }
-
     return {
         "CallExpression": function (node) {
             var token = context.getTokens(node)[0];
@@ -28,15 +24,15 @@ module.exports = function(context) {
                     } else if (node.parent.type === 'AssignmentExpression' && node.parent.operator === '=') {
                         names.push(node.parent.left.name);
                     }
-                    return context.report(node, 'Found require("child_process")\n\t' + getSource(token));
+                    return context.report(node, 'Found require("child_process")');
                 }
             }
         },
         "MemberExpression": function (node) {
             var token = context.getTokens(node)[0];
             if (node.property.name === 'exec' && names.indexOf(node.object.name) > -1) {
                 if (node.parent && node.parent.arguments  && node.parent.arguments[0].type !== 'Literal') {
-                    return context.report(node, 'Found child_process.exec() with non Literal first argument\n\t' + getSource(token));
+                    return context.report(node, 'Found child_process.exec() with non Literal first argument');
                 }
             }
         }
diff --git a/rules/detect-new-buffer.js b/rules/detect-new-buffer.js
@@ -1,11 +1,4 @@
 module.exports = function (context) {
-
-    var getSource = function (node) {
-        var token = context.getTokens(node)[0];
-        return token.loc.start.line+ ':  ' + context.getSourceLines().slice(token.loc.start.line-1, token.loc.end.line).join('\n\t');
-    }
-
-
     // Detects instances of new Buffer(argument)
     // where argument is any non literal value.
     return {
@@ -14,7 +7,7 @@ module.exports = function (context) {
           node.arguments[0] &&
           node.arguments[0].type != 'Literal') {
 
-          return context.report(node, "Found new Buffer\n\t" + getSource(node));
+          return context.report(node, "Found new Buffer");
         }
 
 
diff --git a/rules/detect-non-literal-fs-filename.js b/rules/detect-non-literal-fs-filename.js
@@ -15,10 +15,6 @@ module.exports = function(context) {
 
     "use strict";
 
-    var getSource = function (token) {
-        return token.loc.start.line+ ':  ' + context.getSourceLines().slice(token.loc.start.line-1, token.loc.end.line).join('\n\t');
-    }
-
     return {
         "MemberExpression": function (node) {
             var result = [];
@@ -36,13 +32,13 @@ module.exports = function(context) {
 
             if (result.length > 0) {
                 var token = context.getTokens(node)[0];
-                return context.report(node, 'Found fs.' + node.property.name + ' with non literal argument at index ' + result.join(',') + '\n\t' + getSource(token));
+                return context.report(node, 'Found fs.' + node.property.name + ' with non literal argument at index ' + result.join(','));
             }
 
 
             /*
             if (node.parent && node.parent.arguments && node.parent.arguments[index].value) {
-                return context.report(node, 'found Buffer.' + node.property.name + ' with noAssert flag set true:\n\t' + getSource(token));
+                return context.report(node, 'found Buffer.' + node.property.name + ' with noAssert flag set true');
 
             }
             */
diff --git a/rules/detect-non-literal-regexp.js b/rules/detect-non-literal-regexp.js
@@ -12,16 +12,13 @@ module.exports = function(context) {
 
         "use strict";
 
-        var getSource = function(token) {
-                return token.loc.start.line + ':  ' + context.getSourceLines().slice(token.loc.start.line - 1, token.loc.end.line).join('\n\t');
-        }
         return {
                 "NewExpression": function(node) {
                         if (node.callee.name === 'RegExp') {
                                 var args = node.arguments;
                                 if (args && args.length > 0 && args[0].type !== 'Literal') {
                                         var token = context.getTokens(node)[0];
-                                        return context.report(node, 'Found non-literal argument to RegExp Constructor\n\t' + getSource(token));
+                                        return context.report(node, 'Found non-literal argument to RegExp Constructor');
                                 }
                         }
 
diff --git a/rules/detect-non-literal-require.js b/rules/detect-non-literal-require.js
@@ -11,17 +11,13 @@ module.exports = function(context) {
 
     "use strict";
 
-    var getSource = function (token) {
-        return token.loc.start.line+ ':  ' + context.getSourceLines().slice(token.loc.start.line-1, token.loc.end.line).join('\n\t');
-    }
-
     return {
         "CallExpression": function (node) {
             if (node.callee.name === 'require') {
                 var args = node.arguments;
                 if (args && args.length > 0 && args[0].type !== 'Literal') {
                     var token = context.getTokens(node)[0];
-                    return context.report(node, 'Found non-literal argument in require\n\t' + getSource(token));
+                    return context.report(node, 'Found non-literal argument in require');
                 }
             }
 
diff --git a/rules/detect-object-injection.js b/rules/detect-object-injection.js
@@ -59,13 +59,13 @@ var isChanged = false;
                     var token = context.getTokens(node)[0];
                     if (node.property.type === 'Identifier') {
                         if (node.parent.type === 'VariableDeclarator') {
-   context.report(node, 'Variable Assigned to Object Injection Sink: ' + context.getFilename() + ': ' + token.loc.start.line+ '\n\t' + context.getSourceLines().slice(token.loc.start.line-1, token.loc.end.line).join('\n\t') + '\n\n');
+   context.report(node, 'Variable Assigned to Object Injection Sink');
     
                         } else if (node.parent.type === 'CallExpression') {
                         //    console.log(node.parent)
-  context.report(node, 'Function Call Object Injection Sink: ' + context.getFilename() + ': ' + token.loc.start.line+ '\n\t' + context.getSourceLines().slice(token.loc.start.line-1, token.loc.end.line).join('\n\t') + '\n\n');
+  context.report(node, 'Function Call Object Injection Sink');
                         } else {
-                        context.report(node, 'Generic Object Injection Sink: ' + context.getFilename() + ': ' + token.loc.start.line+ '\n\t' + context.getSourceLines().slice(token.loc.start.line-1, token.loc.end.line).join('\n\t') + '\n\n');
+                        context.report(node, 'Generic Object Injection Sink');
     
                         }
 
diff --git a/rules/detect-possible-timing-attacks.js b/rules/detect-possible-timing-attacks.js
@@ -32,10 +32,6 @@ module.exports = function(context) {
 
     "use strict";
 
-    var getSource = function (token) {
-        return token.loc.start.line+ ':  ' + context.getSourceLines().slice(token.loc.start.line-1, token.loc.end.line).join('\n\t');
-    }
-
     return {
         "IfStatement": function(node) {
             if (node.test && node.test.type === 'BinaryExpression') {
@@ -46,14 +42,14 @@ module.exports = function(context) {
                     if (node.test.left) {
                     var left = containsKeyword(node.test.left);
                         if (left) {
-                            return context.report(node, "Potential timing attack, left side: " + left + '\n\t' + getSource(token));
+                            return context.report(node, "Potential timing attack, left side: " + left);
                         }
                     }
 
                     if (node.test.right) {
                     var right = containsKeyword(node.test.right);
                         if (right) {
-                            return context.report(node, "Potential timing attack, right side: " + right + '\n\t' + getSource(token));
+                            return context.report(node, "Potential timing attack, right side: " + right);
                         }
                     }
                 }
diff --git a/rules/detect-pseudoRandomBytes.js b/rules/detect-pseudoRandomBytes.js
@@ -11,15 +11,11 @@ module.exports = function(context) {
 
     "use strict";
 
-    var getSource = function (token) {
-        return token.loc.start.line+ ':  ' + context.getSourceLines().slice(token.loc.start.line-1, token.loc.end.line).join('\n\t');
-    }
-
     return {
         "MemberExpression": function (node) {
             if (node.property.name === 'pseudoRandomBytes') {
                 var token = context.getTokens(node)[0];
-                return context.report(node, 'Found crypto.pseudoRandomBytes which does not produce cryptographically strong numbers:\n\t' + getSource(token));
+                return context.report(node, 'Found crypto.pseudoRandomBytes which does not produce cryptographically strong numbers');
             }
         }
 
diff --git a/test/detect-buffer-noassert.js b/test/detect-buffer-noassert.js
@@ -14,7 +14,7 @@ tester.run(ruleName, Rule, {
   invalid: [
     {
       code: invalid,
-      errors: [{ message: `Found Buffer.readUInt8 with noAssert flag set true:\n\t1:  ${invalid}` }]
+      errors: [{ message: 'Found Buffer.readUInt8 with noAssert flag set true' }]
     }
   ]
 });
@@ -24,7 +24,7 @@ tester.run(`${ruleName} (false)`, Rule, {
   invalid: [
     {
       code: invalid,
-      errors: [{ message: `Found Buffer.readUInt8 with noAssert flag set true:\n\t1:  ${invalid}` }]
+      errors: [{ message: 'Found Buffer.readUInt8 with noAssert flag set true' }]
     }
   ]
 });
diff --git a/test/detect-child-process.js b/test/detect-child-process.js
@@ -16,7 +16,7 @@ tester.run(`${ruleName} (require("child_process"))`, Rule, {
   invalid: [
     {
       code: invalidRequire,
-      errors: [{ message: `Found require("child_process")\n\t1:  ${invalidRequire}` }]
+      errors: [{ message: 'Found require("child_process")' }]
     }
   ]
 });
@@ -28,8 +28,8 @@ tester.run(`${ruleName} (child_process.exec() wih non literal 1st arg.)`, Rule,
     {
       code: invalidExec,
       errors: [
-        { message: `Found require("child_process")\n\t1:  ${invalidExec}` },
-        { message: `Found child_process.exec() with non Literal first argument\n\t1:  ${invalidExec}` }]
+        { message: 'Found require("child_process")' },
+        { message: 'Found child_process.exec() with non Literal first argument' }]
     }
   ]
 });
diff --git a/test/detect-new-buffer.js b/test/detect-new-buffer.js
@@ -12,7 +12,7 @@ tester.run(ruleName, require(`../rules/${ruleName}`), {
   invalid: [
     {
       code: invalid,
-      errors: [{ message: `Found new Buffer\n\t1:  ${invalid}` }]
+      errors: [{ message: 'Found new Buffer' }]
     }
   ]
 });
diff --git a/test/detect-non-literal-fs-filename.js b/test/detect-non-literal-fs-filename.js
@@ -13,7 +13,7 @@ tester.run(ruleName, require(`../rules/${ruleName}`), {
   invalid: [
     {
       code: invalid,
-      errors: [{ message: `Found fs.open with non literal argument at index 0\n\t1:  ${invalid}` }]
+      errors: [{ message: 'Found fs.open with non literal argument at index 0' }]
     }
   ]
 });
diff --git a/test/detect-non-literal-regexp.js b/test/detect-non-literal-regexp.js
@@ -12,7 +12,7 @@ tester.run(ruleName, require(`../rules/${ruleName}`), {
   invalid: [
     {
       code: invalid,
-      errors: [{ message: `Found non-literal argument to RegExp Constructor\n\t1:  ${invalid}` }]
+      errors: [{ message: 'Found non-literal argument to RegExp Constructor' }]
     }
   ]
 });
diff --git a/test/detect-non-literal-require.js b/test/detect-non-literal-require.js
@@ -12,7 +12,7 @@ tester.run(ruleName, require(`../rules/${ruleName}`), {
   invalid: [
     {
       code: invalid,
-      errors: [{ message: `Found non-literal argument in require\n\t1:  ${invalid}` }]
+      errors: [{ message: 'Found non-literal argument in require' }]
     }
   ]
 });
diff --git a/test/detect-object-injection.js b/test/detect-object-injection.js
@@ -19,7 +19,7 @@ const invalidGeneric = 'var a = {}; a[b] = 4';
 //   invalid: [
 //     {
 //       code: invalidVariable,
-//       errors: [{ message: `Variable Assigned to Object Injection Sink: <input>: 1\n\t${invalidVariable}\n\n` }]
+//       errors: [{ message: 'Variable Assigned to Object Injection Sink' }]
 //     }
 //   ]
 // });
@@ -41,7 +41,7 @@ tester.run(`${ruleName} (Generic)`, Rule, {
   invalid: [
     {
       code: invalidGeneric,
-      errors: [{ message: `Generic Object Injection Sink: <input>: 1\n\t${invalidGeneric}\n\n` }]
+      errors: [{ message: 'Generic Object Injection Sink' }]
     }
   ]
 });
diff --git a/test/detect-possible-timing-attacks.js b/test/detect-possible-timing-attacks.js
@@ -19,7 +19,7 @@ tester.run(`${ruleName} (left side)`, Rule, {
   invalid: [
     {
       code: invalidLeft,
-      errors: [{ message: `Potential timing attack, left side: true\n\t1:  ${invalidLeft}` }]
+      errors: [{ message: 'Potential timing attack, left side: true' }]
     }
   ]
 });
@@ -30,7 +30,7 @@ tester.run(`${ruleName} (right side)`, Rule, {
   invalid: [
     {
       code: invalidRigth,
-      errors: [{ message: `Potential timing attack, right side: true\n\t1:  ${invalidRigth}` }]
+      errors: [{ message: 'Potential timing attack, right side: true' }]
     }
   ]
 });
diff --git a/test/detect-pseudoRandomBytes.js b/test/detect-pseudoRandomBytes.js
@@ -12,7 +12,7 @@ tester.run(ruleName, require(`../rules/${ruleName}`), {
   invalid: [
     {
       code: invalid,
-      errors: [{ message: `Found crypto.pseudoRandomBytes which does not produce cryptographically strong numbers:\n\t1:  ${invalid}` }]
+      errors: [{ message: 'Found crypto.pseudoRandomBytes which does not produce cryptographically strong numbers' }]
     }
   ]
 });

Original file line number	Diff line number	Diff line change
`@@ -13,10 +13,6 @@ module.exports = function(context) {`
`13`	`13`
`14`	`14`	`"use strict";`
`15`	`15`
`16`		`- var getSource = function (token) {`
`17`		`- return token.loc.start.line+ ': ' + context.getSourceLines().slice(token.loc.start.line-1, token.loc.end.line).join('\n\t');`
`18`		`- }`
`19`		`-`
`20`	`16`	`return {`
`21`	`17`	`"CallExpression": function (node) {`
`22`	`18`	`var token = context.getTokens(node)[0];`
`@@ -28,15 +24,15 @@ module.exports = function(context) {`
`28`	`24`	`} else if (node.parent.type === 'AssignmentExpression' && node.parent.operator === '=') {`
`29`	`25`	`names.push(node.parent.left.name);`
`30`	`26`	`}`
`31`		`- return context.report(node, 'Found require("child_process")\n\t' + getSource(token));`
	`27`	`+ return context.report(node, 'Found require("child_process")');`
`32`	`28`	`}`
`33`	`29`	`}`
`34`	`30`	`},`
`35`	`31`	`"MemberExpression": function (node) {`
`36`	`32`	`var token = context.getTokens(node)[0];`
`37`	`33`	`if (node.property.name === 'exec' && names.indexOf(node.object.name) > -1) {`
`38`	`34`	`if (node.parent && node.parent.arguments && node.parent.arguments[0].type !== 'Literal') {`
`39`		`- return context.report(node, 'Found child_process.exec() with non Literal first argument\n\t' + getSource(token));`
	`35`	`+ return context.report(node, 'Found child_process.exec() with non Literal first argument');`
`40`	`36`	`}`
`41`	`37`	`}`
`42`	`38`	`}`
Original file line number	Diff line number	Diff line change
`@@ -32,10 +32,6 @@ module.exports = function(context) {`
`32`	`32`
`33`	`33`	`"use strict";`
`34`	`34`
`35`		`- var getSource = function (token) {`
`36`		`- return token.loc.start.line+ ': ' + context.getSourceLines().slice(token.loc.start.line-1, token.loc.end.line).join('\n\t');`
`37`		`- }`
`38`		`-`
`39`	`35`	`return {`
`40`	`36`	`"IfStatement": function(node) {`
`41`	`37`	`if (node.test && node.test.type === 'BinaryExpression') {`
`@@ -46,14 +42,14 @@ module.exports = function(context) {`
`46`	`42`	`if (node.test.left) {`
`47`	`43`	`var left = containsKeyword(node.test.left);`
`48`	`44`	`if (left) {`
`49`		`- return context.report(node, "Potential timing attack, left side: " + left + '\n\t' + getSource(token));`
	`45`	`+ return context.report(node, "Potential timing attack, left side: " + left);`
`50`	`46`	`}`
`51`	`47`	`}`
`52`	`48`
`53`	`49`	`if (node.test.right) {`
`54`	`50`	`var right = containsKeyword(node.test.right);`
`55`	`51`	`if (right) {`
`56`		`- return context.report(node, "Potential timing attack, right side: " + right + '\n\t' + getSource(token));`
	`52`	`+ return context.report(node, "Potential timing attack, right side: " + right);`
`57`	`53`	`}`
`58`	`54`	`}`
`59`	`55`	`}`
Original file line number	Diff line number	Diff line change
`@@ -11,15 +11,11 @@ module.exports = function(context) {`
`11`	`11`
`12`	`12`	`"use strict";`
`13`	`13`
`14`		`- var getSource = function (token) {`
`15`		`- return token.loc.start.line+ ': ' + context.getSourceLines().slice(token.loc.start.line-1, token.loc.end.line).join('\n\t');`
`16`		`- }`
`17`		`-`
`18`	`14`	`return {`
`19`	`15`	`"MemberExpression": function (node) {`
`20`	`16`	`if (node.property.name === 'pseudoRandomBytes') {`
`21`	`17`	`var token = context.getTokens(node)[0];`
`22`		`- return context.report(node, 'Found crypto.pseudoRandomBytes which does not produce cryptographically strong numbers:\n\t' + getSource(token));`
	`18`	`+ return context.report(node, 'Found crypto.pseudoRandomBytes which does not produce cryptographically strong numbers');`
`23`	`19`	`}`
`24`	`20`	`}`
`25`	`21`
Original file line number	Diff line number	Diff line change
`@@ -14,7 +14,7 @@ tester.run(ruleName, Rule, {`
`14`	`14`	`invalid: [`
`15`	`15`	`{`
`16`	`16`	`code: invalid,`
`17`		- errors: [{ message: `Found Buffer.readUInt8 with noAssert flag set true:\n\t1: ${invalid}` }]
	`17`	`+ errors: [{ message: 'Found Buffer.readUInt8 with noAssert flag set true' }]`
`18`	`18`	`}`
`19`	`19`	`]`
`20`	`20`	`});`
@@ -24,7 +24,7 @@ tester.run(`${ruleName} (false)`, Rule, {
`24`	`24`	`invalid: [`
`25`	`25`	`{`
`26`	`26`	`code: invalid,`
`27`		- errors: [{ message: `Found Buffer.readUInt8 with noAssert flag set true:\n\t1: ${invalid}` }]
	`27`	`+ errors: [{ message: 'Found Buffer.readUInt8 with noAssert flag set true' }]`
`28`	`28`	`}`
`29`	`29`	`]`
`30`	`30`	`});`