synced/qryn
1
0
Fork 0
mirror of https://github.com/metrico/qryn.git synced 2025-03-14 10:07:18 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix security alerts

Browse Source
This commit is contained in:
akvlad
2024-09-03 15:28:08 +03:00
parent 316b392f2e
commit 422c99225e
5 changed files with 2568 additions and 2554 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
jest.config.js
View File

@ -2,6 +2,6 @@ const path = require('path')
module.exports = {
setupFilesAfterEnv: [path.join(__dirname, '/test/jest.setup.js')],
moduleNameMapper: {
'^axios$': 'axios/dist/node/axios.cjs'
'^axios$': require.resolve('axios'),//'axios/dist/node/axios.cjs'
}
}

40
parser/bnf.js
View File

@ -79,21 +79,35 @@ compiler._ParseScript = compiler.ParseScript
compiler.ParseScript = function (script) {
const qLiterals = []
const aqLiterals = []
const quotedStrings = script.replaceAll(/"([^"\\]|\\.)*"/g, (str) => {
if (str.length < 512) {
return str
let _script = script
let res = ''
let qsMatch = _script.match(/^([^"]*)("([^"\\]|\\.)*")?/)
while (qsMatch && qsMatch[0]) {
let repl = qsMatch[2] || ''
if (repl.length > 512) {
qLiterals.push(repl)
repl = `"QL_${qLiterals.length - 1}"`
}
qLiterals.push(str)
return `"QL_${qLiterals.length - 1}"`
})
const aQuotedStrings = quotedStrings.replaceAll(/`([^`\\]|\\.)*`/g, (str) => {
if (str.length < 512) {
return str
res = res + qsMatch[1] + repl
_script = _script.slice(qsMatch[0].length)
qsMatch = _script.match(/^([^"]*)("([^"\\]|\\.)*")?/)
}
_script = res
res = ''
qsMatch = _script.match(/^([^`]*)(`([^`\\]|\\.)*`)?/)
while (qsMatch && qsMatch[0]) {
let repl = qsMatch[2] || ''
if (repl.length > 512) {
aqLiterals.push(repl)
repl = `\`AL_${qLiterals.length - 1}\``
}
aqLiterals.push(str)
return `\`AL_${aqLiterals.length - 1}\``
})
const parsedScript = this._ParseScript(aQuotedStrings)
res = res + qsMatch[1] + repl
_script = _script.slice(qsMatch[0].length)
qsMatch = _script.match(/^([^`]*)(`([^`\\]|\\.)*`)?/)
}
const parsedScript = this._ParseScript(res)
if (!parsedScript) {
return parsedScript
}

4
qryn_node.js
View File

@ -124,7 +124,7 @@ let fastify = require('fastify')({
done()
}))
await fastify.register(require('@fastify/compress'), {
encodings: ['gzip'],
encodings: ['gzip']/*,
zlib: {
createGzip: () => {
const deflator = new pako.Deflate({ gzip: true })
@ -152,7 +152,7 @@ let fastify = require('fastify')({
}
return res
}
}
}*/
})
await fastify.register(require('@fastify/url-data'))
await fastify.register(require('@fastify/websocket'))

150
test/__snapshots__/parser.test.js.snap
View File

@ -1,8 +1,8 @@
// Jest Snapshot v1, https://goo.gl/fbAQLP
exports[`should compile regex 1`] = `
"SCRIPT: abcd\\\\(
SYNTAX: abcd\\\\(
"SCRIPT: abcd\\(
SYNTAX: abcd\\(
literal: a
letter: a
literal: b
@ -11,20 +11,20 @@ exports[`should compile regex 1`] = `
letter: c
literal: d
letter: d
literal: \\\\(
quoted_brack: \\\\(
literal: \\(
quoted_brack: \\(
"
`;
exports[`should compile regex 2`] = `
"SCRIPT: (a\\\\(bc)
SYNTAX: (a\\\\(bc)
any_group: (a\\\\(bc)
group_tail: a\\\\(bc
"SCRIPT: (a\\(bc)
SYNTAX: (a\\(bc)
any_group: (a\\(bc)
group_tail: a\\(bc
literal: a
letter: a
literal: \\\\(
quoted_brack: \\\\(
literal: \\(
quoted_brack: \\(
literal: b
letter: b
literal: c
@ -33,26 +33,26 @@ exports[`should compile regex 2`] = `
`;
exports[`should compile regex 3`] = `
"SCRIPT: (?<label1>a[^\\\\[\\\\(\\\\)]bc)
SYNTAX: (?<label1>a[^\\\\[\\\\(\\\\)]bc)
any_group: (?<label1>a[^\\\\[\\\\(\\\\)]bc)
"SCRIPT: (?<label1>a[^\\[\\(\\)]bc)
SYNTAX: (?<label1>a[^\\[\\(\\)]bc)
any_group: (?<label1>a[^\\[\\(\\)]bc)
group_name: ?<label1>
label: label1
group_tail: a[^\\\\[\\\\(\\\\)]bc
group_tail: a[^\\[\\(\\)]bc
literal: a
letter: a
literal: [
letter: [
literal: ^
letter: ^
literal: \\\\
letter: \\\\
literal: \\
letter: \\
literal: [
letter: [
literal: \\\\(
quoted_brack: \\\\(
literal: \\\\)
quoted_brack: \\\\)
literal: \\(
quoted_brack: \\(
literal: \\)
quoted_brack: \\)
literal: ]
letter: ]
literal: b
@ -63,28 +63,28 @@ exports[`should compile regex 3`] = `
`;
exports[`should compile regex 4`] = `
"SCRIPT: (a(?<label1>[^\\\\[\\\\(\\\\)]bc))
SYNTAX: (a(?<label1>[^\\\\[\\\\(\\\\)]bc))
any_group: (a(?<label1>[^\\\\[\\\\(\\\\)]bc))
group_tail: a(?<label1>[^\\\\[\\\\(\\\\)]bc)
"SCRIPT: (a(?<label1>[^\\[\\(\\)]bc))
SYNTAX: (a(?<label1>[^\\[\\(\\)]bc))
any_group: (a(?<label1>[^\\[\\(\\)]bc))
group_tail: a(?<label1>[^\\[\\(\\)]bc)
literal: a
letter: a
any_group: (?<label1>[^\\\\[\\\\(\\\\)]bc)
any_group: (?<label1>[^\\[\\(\\)]bc)
group_name: ?<label1>
label: label1
group_tail: [^\\\\[\\\\(\\\\)]bc
group_tail: [^\\[\\(\\)]bc
literal: [
letter: [
literal: ^
letter: ^
literal: \\\\
letter: \\\\
literal: \\
letter: \\
literal: [
letter: [
literal: \\\\(
quoted_brack: \\\\(
literal: \\\\)
quoted_brack: \\\\)
literal: \\(
quoted_brack: \\(
literal: \\)
quoted_brack: \\)
literal: ]
letter: ]
literal: b
@ -95,18 +95,18 @@ exports[`should compile regex 4`] = `
`;
exports[`should compile regex 5`] = `
"SCRIPT: (a[\\\\(\\\\)]+(?<l2>b)(?<label1>[^\\\\[\\\\(\\\\)]bc))
SYNTAX: (a[\\\\(\\\\)]+(?<l2>b)(?<label1>[^\\\\[\\\\(\\\\)]bc))
any_group: (a[\\\\(\\\\)]+(?<l2>b)(?<label1>[^\\\\[\\\\(\\\\)]bc))
group_tail: a[\\\\(\\\\)]+(?<l2>b)(?<label1>[^\\\\[\\\\(\\\\)]bc)
"SCRIPT: (a[\\(\\)]+(?<l2>b)(?<label1>[^\\[\\(\\)]bc))
SYNTAX: (a[\\(\\)]+(?<l2>b)(?<label1>[^\\[\\(\\)]bc))
any_group: (a[\\(\\)]+(?<l2>b)(?<label1>[^\\[\\(\\)]bc))
group_tail: a[\\(\\)]+(?<l2>b)(?<label1>[^\\[\\(\\)]bc)
literal: a
letter: a
literal: [
letter: [
literal: \\\\(
quoted_brack: \\\\(
literal: \\\\)
quoted_brack: \\\\)
literal: \\(
quoted_brack: \\(
literal: \\)
quoted_brack: \\)
literal: ]
letter: ]
literal: +
@ -117,22 +117,22 @@ exports[`should compile regex 5`] = `
group_tail: b
literal: b
letter: b
any_group: (?<label1>[^\\\\[\\\\(\\\\)]bc)
any_group: (?<label1>[^\\[\\(\\)]bc)
group_name: ?<label1>
label: label1
group_tail: [^\\\\[\\\\(\\\\)]bc
group_tail: [^\\[\\(\\)]bc
literal: [
letter: [
literal: ^
letter: ^
literal: \\\\
letter: \\\\
literal: \\
letter: \\
literal: [
letter: [
literal: \\\\(
quoted_brack: \\\\(
literal: \\\\)
quoted_brack: \\\\)
literal: \\(
quoted_brack: \\(
literal: \\)
quoted_brack: \\)
literal: ]
letter: ]
literal: b
@ -142,71 +142,71 @@ exports[`should compile regex 5`] = `
"
`;
exports[`should erase names 1`] = `"abcd\\\\("`;
exports[`should erase names 1`] = `"abcd\\("`;
exports[`should erase names 2`] = `"(a\\\\(bc)"`;
exports[`should erase names 2`] = `"(a\\(bc)"`;
exports[`should erase names 3`] = `"(a[^\\\\[\\\\(\\\\)]bc)"`;
exports[`should erase names 3`] = `"(a[^\\[\\(\\)]bc)"`;
exports[`should erase names 4`] = `"(a([^\\\\[\\\\(\\\\)]bc))"`;
exports[`should erase names 4`] = `"(a([^\\[\\(\\)]bc))"`;
exports[`should erase names 5`] = `"(a[\\\\(\\\\)]+(b)([^\\\\[\\\\(\\\\)]bc))"`;
exports[`should erase names 5`] = `"(a[\\(\\)]+(b)([^\\[\\(\\)]bc))"`;
exports[`should get named groups 1`] = `Array []`;
exports[`should get named groups 1`] = `[]`;
exports[`should get named groups 2`] = `
Array [
Object {
"val": "a\\\\(bc",
[
{
"val": "a\\(bc",
},
]
`;
exports[`should get named groups 3`] = `
Array [
Object {
[
{
"name": "label1",
"val": "a[^\\\\[\\\\(\\\\)]bc",
"val": "a[^\\[\\(\\)]bc",
},
]
`;
exports[`should get named groups 4`] = `
Array [
Object {
"val": "a(?<label1>[^\\\\[\\\\(\\\\)]bc)",
[
{
"val": "a(?<label1>[^\\[\\(\\)]bc)",
},
Object {
{
"name": "label1",
"val": "[^\\\\[\\\\(\\\\)]bc",
"val": "[^\\[\\(\\)]bc",
},
]
`;
exports[`should get named groups 5`] = `
Array [
Object {
"val": "a[\\\\(\\\\)]+(?<l2>b)(?<label1>[^\\\\[\\\\(\\\\)]bc)",
[
{
"val": "a[\\(\\)]+(?<l2>b)(?<label1>[^\\[\\(\\)]bc)",
},
Object {
{
"name": "l2",
"val": "b",
},
Object {
{
"name": "label1",
"val": "[^\\\\[\\\\(\\\\)]bc",
"val": "[^\\[\\(\\)]bc",
},
]
`;
exports[`should process regex 1`] = `
Object {
"labels": Array [
Object {
{
"labels": [
{
"name": "helper",
"val": "[a-zA-Z0-9]+",
},
Object {
{
"name": "token",
"val": "[a-zA-Z]+",
},

4926
test/__snapshots__/transpiler.test.js.snap
View File

File diff suppressed because it is too large Load Diff