From 0b807a0af0f27792b4abb008ffa6f7251a519ee5 Mon Sep 17 00:00:00 2001 From: Jean <110341611+jean-michelet@users.noreply.github.com> Date: Tue, 16 Jan 2024 09:17:55 +0100 Subject: [PATCH] fix: bug#170 (#206) * Remove mockedFunction for Node.js test runner mock method * use Set to keep track literals removing doubles * add test ensuring doubles morse symbol does not trigger warnings --- src/SourceFile.js | 6 +++--- src/obfuscators/index.js | 2 +- test/obfuscated.spec.js | 7 +++++++ 3 files changed, 11 insertions(+), 4 deletions(-) diff --git a/src/SourceFile.js b/src/SourceFile.js index 5f93cf7..3b6eea2 100644 --- a/src/SourceFile.js +++ b/src/SourceFile.js @@ -30,9 +30,9 @@ export class SourceFile { computedMemberExpr: 0, memberExpr: 0, deepBinaryExpr: 0, - encodedArrayValue: 0, - morseLiteral: 0 + encodedArrayValue: 0 }; + morseLiterals = new Set(); identifiersName = []; constructor(sourceCodeString) { @@ -107,7 +107,7 @@ export class SourceFile { // Searching for morse string like "--.- --.--." if (Utils.isMorse(str)) { - this.counter.morseLiteral++; + this.morseLiterals.add(str); } } diff --git a/src/obfuscators/index.js b/src/obfuscators/index.js index 1293dbd..74d97e3 100644 --- a/src/obfuscators/index.js +++ b/src/obfuscators/index.js @@ -20,7 +20,7 @@ export function isObfuscatedCode(analysis) { else if (jjencode.verify(analysis)) { encoderName = "jjencode"; } - else if (analysis.counter.morseLiteral >= 36) { + else if (analysis.morseLiterals.size >= 36) { encoderName = "morse"; } else { diff --git a/test/obfuscated.spec.js b/test/obfuscated.spec.js index 4df4ead..5b7b186 100644 --- a/test/obfuscated.spec.js +++ b/test/obfuscated.spec.js @@ -36,6 +36,13 @@ test("should not detect 'morse' obfuscation", () => { assert.strictEqual(warnings.length, 0); }); +test("should not detect 'morse' obfuscation for high number of doubles morse symbols", () => { + const morseSymbolDoublesString = `const a = ${"'.' + '..' +".repeat(37)} '.'`; + const { warnings } = runASTAnalysis(morseSymbolDoublesString); + + assert.strictEqual(warnings.length, 0); +}); + test("should detect 'jjencode' obfuscation", () => { const trycatch = readFileSync( new URL("jjencode.js", FIXTURE_URL),