hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-06 15:44:01 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
9432fec612e338f9fdf0844e2be5867560d2ac13
codeql/javascript/ql/src/Security/CWE-730/ServerCrash.qhelp
Max Schaefer 9432fec612 JavaScript: Improve qhelp for js/server-crash. 
The examples now use `fs.access` instead of the deprecated `fs.exists`. I have also rewritten the async/await example, since as of Node.js v15 the default behaviour for uncaught exceptions has changed to terminating the process instead of logging a warning, making the previous advice incorrect.
2023-07-17 14:44:23 +01:00

83 lines
1.9 KiB
XML
Raw Blame History

<!DOCTYPE qhelp PUBLIC
"-//Semmle//qhelp//EN"
"qhelp.dtd">
<qhelp>
<overview>
<p>
Servers handle requests from clients until terminated
deliberately by a server administrator. A client request that results
in an uncaught server-side exception causes the current server
response generation to fail, and should not have an effect on
subsequent client requests.
</p>
<p>
Under some circumstances, uncaught exceptions can however
cause the entire server to terminate abruptly. Such a behavior is
highly undesirable, especially if it gives malicious users the ability
to turn off the server at will, which is an efficient
denial-of-service attack.
</p>
</overview>
<recommendation>
<p>
Ensure that the processing of client requests can not cause
uncaught exceptions to terminate the entire server abruptly.
</p>
</recommendation>
<example>
<p>
The following server code checks if a client-provided file path is valid
before saving data to it. It would be reasonable to expect that the
server responds with an error response to client requests with invalid
file paths. However, the server instead throws an exception, which is
uncaught in the context of the asynchronous callback invocation
(<code>fs.access(...)</code>). This causes the entire server to
terminate abruptly.
</p>
<sample src="examples/server-crash.BAD.js"/>
<p>
To remedy this, the server can catch the exception explicitly with
a <code>try/catch</code> block, and generate an appropriate error
response instead:
</p>
<sample src="examples/server-crash.GOOD-A.js"/>
<p>
To simplify exception handling, it may be advisable to switch to
async/await syntax instead of using callbacks, which allows wrapping the
entire request handler in a <code>try/catch</code> block:
</p>
<sample src="examples/server-crash.GOOD-B.js"/>
</example>
<references>
</references>
</qhelp>
Reference in New Issue View Git Blame Copy Permalink