Skip to content

Commit

Permalink
remove spawnSync not needed test
Browse files Browse the repository at this point in the history
  • Loading branch information
@IlyasShabi
IlyasShabi committed Dec 18, 2024
1 parent 55130e3 commit 709d0c3
Show file tree
Hide file tree
Showing 2 changed files with 0 additions and 40 deletions.
12 changes: 0 additions & 12 deletions packages/dd-trace/test/appsec/rasp/command_injection.integration.spec.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -129,17 +129,5 @@ describe('RASP - command_injection - integration', () => {
'/cmdi/execFileSync/out-of-express-scope?command=cat /etc/passwd 1>&2 ; echo .', 4, 'exec'
)
})

it('should abort spawnSync operation handled by express', async () => {
await testRequestBlocked(
'/cmdi/spawnSync?command=/sbin/reboot', 4, 'exec'
)
})

it('should abort spawnSync operation outside of express scope', async () => {
await testRequestBlocked(
'/cmdi/spawnSync/out-of-express-scope?command=/sbin/reboot', 4, 'exec'
)
})
})
})
28 changes: 0 additions & 28 deletions packages/dd-trace/test/appsec/rasp/resources/shi-app/index.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -53,34 +53,6 @@ app.get('/cmdi/execFileSync/out-of-express-scope', async (req, res) => {
})
})

app.get('/cmdi/spawnSync', async (req, res) => {
const result = childProcess.spawnSync(req.query.command)

if (result.error?.name === 'DatadogRaspAbortError') {
res.status(403).json({
error: 'DatadogRaspAbortError'
})
return
}

res.end('OK')
})

app.get('/cmdi/spawnSync/out-of-express-scope', async (req, res) => {
process.nextTick(() => {
const result = childProcess.spawnSync(req.query.command)

if (result.error?.name === 'DatadogRaspAbortError') {
res.status(403).json({
error: 'DatadogRaspAbortError'
})
return
}

res.end('OK')
})
})

app.listen(port, () => {
process.send({ port })
})

0 comments on commit 709d0c3

Please sign in to comment.