laxmanhalaki/Re_Backend
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

VAPT done

Browse Source
This commit is contained in:
Aaditya Jaiswal 2026-03-31 19:38:13 +05:30
parent 2b2a1bc6ce
commit 42e6c2356b
1 changed files with 20 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

20
src/services/form16.service.ts
View File

@ -2624,6 +2624,26 @@ export function parse26asTxtFile(buffer: Buffer): { rows: any[]; errors: string[
const errors: string[] = [];
if (rawLines.length === 0) return { rows: [], errors };
// Lightweight, non-blocking sanity logging detect obviously suspicious uploads without rejecting them.
try {
const totalLines = rawLines.length;
const sampleLines = rawLines.slice(0, Math.min(200, totalLines));
const caretLines = sampleLines.filter((l) => (l.match(/\^/g) || []).length >= 5).length;
const hasDatePattern = sampleLines.some((l) => /\b\d{1,2}-[A-Za-z]{3}-\d{4}\b/.test(l));
const hasTanLike = sampleLines.some((l) => /\b[A-Z]{4}[A-Z0-9]{5}[A-Z]\b/i.test(l));
const suspicious =
totalLines < 5 ||
(caretLines === 0 && !hasDatePattern && !hasTanLike);
if (suspicious) {
logger.warn(
'[Form16] 26AS TXT upload appears suspicious (non-blocking): ' +
`lines=${totalLines}, caretLines=${caretLines}, hasDatePattern=${hasDatePattern}, hasTanLike=${hasTanLike}`
);
}
} catch {
// Never block parsing due to logging issues
}
const firstLine = rawLines[0];
let delimiter = detectDelimiter(firstLine);
if (delimiter !== '^') {