hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 19:26:02 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'master' of git.semmle.com:Semmle/ql into CVE74

Browse Source
This commit is contained in:
Erik Krogh Kristensen
2020-02-20 12:19:32 +01:00
parent 63036aa444 f6af5da7f7
commit 03e295ef11
9 changed files with 810 additions and 754 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1492
javascript/ql/test/query-tests/Security/CWE-022/TaintedPath/TaintedPath.expected
View File

File diff suppressed because it is too large Load Diff

25
javascript/ql/test/query-tests/Security/CWE-022/TaintedPath/TaintedPath.js
View File

@@ -115,11 +115,34 @@ var server = http.createServer(function(req, res) {
});
var server = http.createServer(function(req, res) {
let path = url.parse(req.url, true).query.path;
if (path) { // sanitization
path = path.replace(/[\]\[*,;'"`<>\\?\/]/g, ''); // remove all invalid characters from states plus slashes
path = path.replace(/\.\./g, ''); // remove all ".."
}
res.write(fs.readFileSync(path)); // OK. Is sanitized above.
});
var server = http.createServer(function(req, res) {
let path = url.parse(req.url, true).query.path;
if (!path) {
} else { // sanitization
path = path.replace(/[\]\[*,;'"`<>\\?\/]/g, ''); // remove all invalid characters from states plus slashes
path = path.replace(/\.\./g, ''); // remove all ".."
}
res.write(fs.readFileSync(path)); // OK. Is sanitized above.
});
var server = http.createServer(function(req, res) {
let path = url.parse(req.url, true).query.path;
require('send')(req, path); // NOT OK
});
var server = http.createServer(function(req, res) {