(WIP) start adding tests for code backdooring rule

Threagile · May 24, 2024 · 69128be · 69128be
1 parent 020a961
commit 69128be
Show file tree

Hide file tree

Showing 3 changed files with 124 additions and 16 deletions.
diff --git a/pkg/security/risks/builtin/accidental_secret_leak_rule_test.go b/pkg/security/risks/builtin/accidental_secret_leak_rule_test.go
@@ -7,7 +7,7 @@ import (
 	"github.com/threagile/threagile/pkg/security/types"
 )
 
-func TestGenerateRisksEmptyModelNotRisksCreated(t *testing.T) {
+func TestAccidentalSecretLeakRuleGenerateRisksEmptyModelNotRisksCreated(t *testing.T) {
 	rule := NewAccidentalSecretLeakRule()
 
 	risks, err := rule.GenerateRisks(&types.Model{})
@@ -16,7 +16,7 @@ func TestGenerateRisksEmptyModelNotRisksCreated(t *testing.T) {
 	assert.Empty(t, risks)
 }
 
-func TestGenerateRisksOutOfScopeNotRisksCreated(t *testing.T) {
+func TestAccidentalSecretLeakRuleGenerateRisksOutOfScopeNotRisksCreated(t *testing.T) {
 	rule := NewAccidentalSecretLeakRule()
 
 	risks, err := rule.GenerateRisks(&types.Model{
@@ -31,7 +31,7 @@ func TestGenerateRisksOutOfScopeNotRisksCreated(t *testing.T) {
 	assert.Empty(t, risks)
 }
 
-func TestGenerateRisksTechAssetNotContainSecretsNotRisksCreated(t *testing.T) {
+func TestAccidentalSecretLeakRuleGenerateRisksTechAssetNotContainSecretsNotRisksCreated(t *testing.T) {
 	rule := NewAccidentalSecretLeakRule()
 
 	risks, err := rule.GenerateRisks(&types.Model{
@@ -54,7 +54,7 @@ func TestGenerateRisksTechAssetNotContainSecretsNotRisksCreated(t *testing.T) {
 	assert.Empty(t, risks)
 }
 
-func TestGenerateRisksTechAssetGitContainSecretsRisksCreated(t *testing.T) {
+func TestAccidentalSecretLeakRuleGenerateRisksTechAssetGitContainSecretsRisksCreated(t *testing.T) {
 	rule := NewAccidentalSecretLeakRule()
 
 	risks, err := rule.GenerateRisks(&types.Model{
@@ -78,7 +78,7 @@ func TestGenerateRisksTechAssetGitContainSecretsRisksCreated(t *testing.T) {
 	assert.Contains(t, risks[0].Title, "Accidental Secret Leak (Git)")
 }
 
-func TestGenerateRisksTechAssetNotGitContainSecretsRisksCreated(t *testing.T) {
+func TestAccidentalSecretLeakRuleGenerateRisksTechAssetNotGitContainSecretsRisksCreated(t *testing.T) {
 	rule := NewAccidentalSecretLeakRule()
 
 	risks, err := rule.GenerateRisks(&types.Model{
@@ -101,7 +101,7 @@ func TestGenerateRisksTechAssetNotGitContainSecretsRisksCreated(t *testing.T) {
 	assert.Equal(t, "<b>Accidental Secret Leak</b> risk at <b></b>", risks[0].Title)
 }
 
-func TestGenerateRisksTechAssetProcessStrictlyConfidentialDataAssetHighImpactRiskCreated(t *testing.T) {
+func TestAccidentalSecretLeakRuleGenerateRisksTechAssetProcessStrictlyConfidentialDataAssetHighImpactRiskCreated(t *testing.T) {
 	rule := NewAccidentalSecretLeakRule()
 
 	risks, err := rule.GenerateRisks(&types.Model{

diff --git a/pkg/security/risks/builtin/code_backdooring_rule.go b/pkg/security/risks/builtin/code_backdooring_rule.go
@@ -52,7 +52,7 @@ func (r *CodeBackdooringRule) GenerateRisks(parsedModel *types.Model) ([]*types.
 		technicalAsset := parsedModel.TechnicalAssets[id]
 		if !technicalAsset.OutOfScope && technicalAsset.Technologies.GetAttribute(types.IsDevelopmentRelevant) {
 			if technicalAsset.Internet {
-				risks = append(risks, r.createRisk(parsedModel, technicalAsset, true))
+				risks = append(risks, r.createRisk(parsedModel, technicalAsset))
 				continue
 			}
 
@@ -61,7 +61,7 @@ func (r *CodeBackdooringRule) GenerateRisks(parsedModel *types.Model) ([]*types.
 			for _, callerLink := range parsedModel.IncomingTechnicalCommunicationLinksMappedByTargetId[technicalAsset.Id] {
 				caller := parsedModel.TechnicalAssets[callerLink.SourceId]
 				if (!callerLink.VPN && caller.Internet) || caller.OutOfScope {
-					risks = append(risks, r.createRisk(parsedModel, technicalAsset, true))
+					risks = append(risks, r.createRisk(parsedModel, technicalAsset))
 					break
 				}
 			}
@@ -70,18 +70,13 @@ func (r *CodeBackdooringRule) GenerateRisks(parsedModel *types.Model) ([]*types.
 	return risks, nil
 }
 
-func (r *CodeBackdooringRule) createRisk(input *types.Model, technicalAsset *types.TechnicalAsset, elevatedRisk bool) *types.Risk {
+func (r *CodeBackdooringRule) createRisk(input *types.Model, technicalAsset *types.TechnicalAsset) *types.Risk {
 	title := "<b>Code Backdooring</b> risk at <b>" + technicalAsset.Title + "</b>"
 	impact := types.LowImpact
 	if !technicalAsset.Technologies.GetAttribute(types.CodeInspectionPlatform) {
-		if elevatedRisk {
-			impact = types.MediumImpact
-		}
+		impact = types.MediumImpact
 		if technicalAsset.HighestProcessedConfidentiality(input) >= types.Confidential || technicalAsset.HighestProcessedIntegrity(input) >= types.Critical {
-			impact = types.MediumImpact
-			if elevatedRisk {
-				impact = types.HighImpact
-			}
+			impact = types.HighImpact
 		}
 	}
 	// data breach at all deployment targets

diff --git a/pkg/security/risks/builtin/code_backdooring_rule_test.go b/pkg/security/risks/builtin/code_backdooring_rule_test.go
@@ -0,0 +1,113 @@
+package builtin
+
+import (
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+	"github.com/threagile/threagile/pkg/security/types"
+)
+
+func TestCodeBackdooringRuleGenerateRisksEmptyModelNotRisksCreated(t *testing.T) {
+	rule := NewCodeBackdooringRule()
+
+	risks, err := rule.GenerateRisks(&types.Model{})
+
+	assert.Nil(t, err)
+	assert.Empty(t, risks)
+}
+
+func TestCodeBackdooringRuleGenerateRisksOutOfScopeNotRisksCreated(t *testing.T) {
+	rule := NewCodeBackdooringRule()
+
+	risks, err := rule.GenerateRisks(&types.Model{
+		TechnicalAssets: map[string]*types.TechnicalAsset{
+			"ta1": {
+				OutOfScope: true,
+			},
+		},
+	})
+
+	assert.Nil(t, err)
+	assert.Empty(t, risks)
+}
+
+func TestCodeBackdooringRuleGenerateRisksTechAssetNotContainSecretsNotRisksCreated(t *testing.T) {
+	rule := NewCodeBackdooringRule()
+
+	risks, err := rule.GenerateRisks(&types.Model{
+		TechnicalAssets: map[string]*types.TechnicalAsset{
+			"ta1": {
+				Technologies: types.TechnologyList{
+					{
+						Name: "tool",
+						Attributes: map[string]bool{
+							types.MayContainSecrets:                                 false,
+							types.IsUsuallyAbleToPropagateIdentityToOutgoingTargets: true,
+						},
+					},
+				},
+			},
+		},
+	})
+
+	assert.Nil(t, err)
+	assert.Empty(t, risks)
+}
+
+func TestCodeBackdooringRuleGenerateRisksTechAssetFromInternetRisksCreated(t *testing.T) {
+	rule := NewCodeBackdooringRule()
+
+	risks, err := rule.GenerateRisks(&types.Model{
+		TechnicalAssets: map[string]*types.TechnicalAsset{
+			"git-lab-ci-cd": {
+				Title:    "GitLab CI/CD",
+				Internet: true,
+				Technologies: types.TechnologyList{
+					{
+						Name: "build-pipeline",
+						Attributes: map[string]bool{
+							types.IsDevelopmentRelevant: true,
+						},
+					},
+				},
+			},
+		},
+	})
+
+	assert.Nil(t, err)
+	assert.NotEmpty(t, risks)
+	assert.Equal(t, "<b>Code Backdooring</b> risk at <b>GitLab CI/CD</b>", risks[0].Title)
+	assert.Equal(t, types.MediumImpact, risks[0].ExploitationImpact)
+}
+
+func TestCodeBackdooringRuleGenerateRisksTechAssetProcessConfidentialityRisksCreated(t *testing.T) {
+	rule := NewCodeBackdooringRule()
+
+	risks, err := rule.GenerateRisks(&types.Model{
+		TechnicalAssets: map[string]*types.TechnicalAsset{
+			"git-lab-ci-cd": {
+				Title:    "GitLab CI/CD",
+				Internet: true,
+				Technologies: types.TechnologyList{
+					{
+						Name: "build-pipeline",
+						Attributes: map[string]bool{
+							types.IsDevelopmentRelevant: true,
+						},
+					},
+				},
+				DataAssetsProcessed: []string{"critical-data-asset"},
+			},
+		},
+		DataAssets: map[string]*types.DataAsset{
+			"critical-data-asset": {
+				Integrity: types.Critical,
+			},
+		},
+	})
+
+	assert.Nil(t, err)
+	assert.NotEmpty(t, risks)
+	assert.Equal(t, "<b>Code Backdooring</b> risk at <b>GitLab CI/CD</b>", risks[0].Title)
+	assert.Equal(t, types.HighImpact, risks[0].ExploitationImpact)
+}