add tests for type-tracking promises

2025-12-24 12:46:34 +01:00 · 2020-03-25 20:01:15 +01:00
parent 9a78d38df0
commit 00181e059b
3 changed files with 17 additions and 0 deletions
--- a/javascript/ql/test/library-tests/Promises/flow.qll
+++ b/javascript/ql/test/library-tests/Promises/flow.qll
@@ -1,4 +1,5 @@
 import javascript
+private import semmle.javascript.dataflow.internal.StepSummary

 class Configuration extends DataFlow::Configuration {
  Configuration() { this = "PromiseDataFlowFlowTestingConfig" }
@@ -32,3 +33,7 @@ query predicate exclusiveTaintFlow(DataFlow::Node source, DataFlow::Node sink) {
  not any(Configuration c).hasFlow(source, sink) and
  any(TaintConfig c).hasFlow(source, sink)
 }
+
+query predicate typetrack(DataFlow::SourceNode succ, DataFlow::SourceNode pred, StepSummary summary) {
+  succ = PromiseTypeTracking::promiseStep(pred, summary)
+}
--- a/javascript/ql/test/library-tests/Promises/promises.js
+++ b/javascript/ql/test/library-tests/Promises/promises.js
@@ -74,3 +74,10 @@
    resolver.resolve(source);
    resolver.promise.then(val => { var sink = val });
 })();
+
+(function(source) {
+    var promise = Promise.resolve(source);
+    promise.then(function (val) {
+        var sink = val;
+    });
+})();
--- a/javascript/ql/test/library-tests/frameworks/Concepts/tst-file-names.js
+++ b/javascript/ql/test/library-tests/frameworks/Concepts/tst-file-names.js
@@ -45,3 +45,8 @@ var bool = globule.isMatch('**/*.js', ["foo.js"])
 var map1 = globule.findMapping("foo/*.js")
 var map2 = globule.mapping({src: ["a.js", "b.js"]})
 var map3 = globule.mapping(["foo/a.js", "foo/b.js"])
+
+async function bar() {
+  var foo = globby(_);
+  var files = await foo;
+}