aggregate the tests in library-tests/SensitiveActions into a single .ql file

Erik Krogh Kristensen
2020-10-20 13:08:55 +02:00
parent d678cc17ba
commit 003854ebe7
11 changed files with 53 additions and 56 deletions


@@ -1,10 +0,0 @@
| tst.js:1:1:1:8 | password |
| tst.js:2:1:2:8 | PassWord |
| tst.js:3:1:3:21 | myPassw ... eartext |
| tst.js:4:1:4:10 | x.password |
| tst.js:5:1:5:11 | getPassword |
| tst.js:5:1:5:13 | getPassword() |
| tst.js:6:1:6:13 | x.getPassword |
| tst.js:6:1:6:15 | x.getPassword() |
| tst.js:7:1:7:15 | get("password") |
| tst.js:8:1:8:17 | x.get("password") |


@@ -1,5 +0,0 @@
import javascript
import semmle.javascript.security.SensitiveActions
from CleartextPasswordExpr e
select e


@@ -1,9 +0,0 @@
| | true |
| XXXXXXXX | true |
| abcdefgh | false |
| admin | true |
| change_me | true |
| example_password | true |
| insert-auth-from-gui | true |
| root | true |
| sOKY6ccizpmvF*32so%Q | false |


@@ -1,4 +0,0 @@
| tst.js:18:1:18:3 | e() |
| tst.js:19:1:19:6 | exit() |
| tst.js:23:1:23:25 | require ... .exit() |
| tst.js:24:1:24:21 | global. ... .exit() |


@@ -1,4 +0,0 @@
import javascript
from NodeJSLib::ProcessTermination e
select e


@@ -1,4 +0,0 @@
| tst.js:18:1:18:3 | e() |
| tst.js:19:1:19:6 | exit() |
| tst.js:23:1:23:25 | require ... .exit() |
| tst.js:24:1:24:21 | global. ... .exit() |


@@ -1,3 +0,0 @@
import javascript
select any(SensitiveAction a)


@@ -1,11 +0,0 @@
| tst.js:1:1:1:8 | password |
| tst.js:2:1:2:8 | PassWord |
| tst.js:3:1:3:21 | myPassw ... eartext |
| tst.js:4:1:4:10 | x.password |
| tst.js:5:1:5:11 | getPassword |
| tst.js:5:1:5:13 | getPassword() |
| tst.js:6:1:6:13 | x.getPassword |
| tst.js:6:1:6:15 | x.getPassword() |
| tst.js:7:1:7:15 | get("password") |
| tst.js:8:1:8:17 | x.get("password") |
| tst.js:21:1:21:6 | secret |


@@ -1,3 +0,0 @@
import javascript
select any(SensitiveExpr a)


@@ -0,0 +1,43 @@
cleartextPasswordExpr
| tst.js:1:1:1:8 | password |
| tst.js:2:1:2:8 | PassWord |
| tst.js:3:1:3:21 | myPassw ... eartext |
| tst.js:4:1:4:10 | x.password |
| tst.js:5:1:5:11 | getPassword |
| tst.js:5:1:5:13 | getPassword() |
| tst.js:6:1:6:13 | x.getPassword |
| tst.js:6:1:6:15 | x.getPassword() |
| tst.js:7:1:7:15 | get("password") |
| tst.js:8:1:8:17 | x.get("password") |
dummyPasswords
| | true |
| XXXXXXXX | true |
| abcdefgh | false |
| admin | true |
| change_me | true |
| example_password | true |
| insert-auth-from-gui | true |
| root | true |
| sOKY6ccizpmvF*32so%Q | false |
processTermination
| tst.js:18:1:18:3 | e() |
| tst.js:19:1:19:6 | exit() |
| tst.js:23:1:23:25 | require ... .exit() |
| tst.js:24:1:24:21 | global. ... .exit() |
sensitiveAction
| tst.js:18:1:18:3 | e() |
| tst.js:19:1:19:6 | exit() |
| tst.js:23:1:23:25 | require ... .exit() |
| tst.js:24:1:24:21 | global. ... .exit() |
sensitiveExpr
| tst.js:1:1:1:8 | password |
| tst.js:2:1:2:8 | PassWord |
| tst.js:3:1:3:21 | myPassw ... eartext |
| tst.js:4:1:4:10 | x.password |
| tst.js:5:1:5:11 | getPassword |
| tst.js:5:1:5:13 | getPassword() |
| tst.js:6:1:6:13 | x.getPassword |
| tst.js:6:1:6:15 | x.getPassword() |
| tst.js:7:1:7:15 | get("password") |
| tst.js:8:1:8:17 | x.get("password") |
| tst.js:21:1:21:6 | secret |


@@ -1,6 +1,8 @@
import javascript
import semmle.javascript.security.SensitiveActions
query predicate cleartextPasswordExpr(CleartextPasswordExpr e) { any() }
string getASamplePassword() {
result = "abcdefgh" or
result = "sOKY6ccizpmvF*32so%Q" or
@@ -13,8 +15,13 @@ string getASamplePassword() {
result = "root"
}
from string password, boolean isDummy
where
query predicate dummyPasswords(string password, boolean isDummy) {
password = getASamplePassword() and
if PasswordHeuristics::isDummyPassword(password) then isDummy = true else isDummy = false
select password, isDummy
}
query predicate processTermination(NodeJSLib::ProcessTermination term) { any() }
query predicate sensitiveAction(SensitiveAction ac) { any() }
query predicate sensitiveExpr(SensitiveExpr e) { any() }
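Review bot: The `sensitiveExpr` predicate on the last line of the second hunk selects only the expression, so the expected output never pins how each expression is classified. The `secret` row at tst.js:21 is the only one absent from `cleartextPasswordExpr`, and its kind is not recorded anywhere. A library change that moved an expression between sensitive-data categories without dropping it from `SensitiveExpr` would therefore pass this test, even though it could change which downstream cleartext-handling queries report it. Consider adding the classification as a second column, for example `query predicate sensitiveExpr(SensitiveExpr e, string kind) { kind = e.getClassification() }`, assuming the library exposes a string-valued classification under that name; confirm against SensitiveActions.qll. The body of `getASamplePassword` continues between the two hunks and is not fully visible here.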