hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-05 05:35:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #3599 from asger-semmle/js/nameditem

Browse Source 
Approved by esbena
This commit is contained in:
semmle-qlci
2020-06-25 17:34:14 +01:00
committed by GitHub
parent b759856ccb b867512db4
commit 056e1a8c4b
6 changed files with 18 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
javascript/ql/test/library-tests/DOM/Customizations.expected
View File

@@ -1,8 +1,11 @@
test_documentRef
| customization.js:2:13:2:31 | customGetDocument() |
| nameditems.js:1:1:1:8 | document |
test_locationRef
| customization.js:3:3:3:14 | doc.location |
test_domValueRef
| customization.js:4:3:4:28 | doc.get ... 'test') |
| nameditems.js:1:1:1:30 | documen ... ('foo') |
| nameditems.js:1:1:2:19 | documen ... em('x') |
| tst.js:49:3:49:8 | window |
| tst.js:50:3:50:8 | window |

2
javascript/ql/test/library-tests/DOM/nameditems.js Normal file
View File

@@ -0,0 +1,2 @@
document.getElementById('foo')
.namedItem('x');

5
javascript/ql/test/query-tests/Security/CWE-079/Xss.expected
View File

@@ -331,6 +331,8 @@ nodes
| tst.js:194:54:194:60 | tainted |
| tst.js:195:45:195:51 | tainted |
| tst.js:195:45:195:51 | tainted |
| tst.js:196:49:196:55 | tainted |
| tst.js:196:49:196:55 | tainted |
| tst.js:200:9:200:42 | tainted |
| tst.js:200:19:200:35 | document.location |
| tst.js:200:19:200:35 | document.location |
@@ -749,6 +751,8 @@ edges
| tst.js:187:9:187:42 | tainted | tst.js:194:54:194:60 | tainted |
| tst.js:187:9:187:42 | tainted | tst.js:195:45:195:51 | tainted |
| tst.js:187:9:187:42 | tainted | tst.js:195:45:195:51 | tainted |
| tst.js:187:9:187:42 | tainted | tst.js:196:49:196:55 | tainted |
| tst.js:187:9:187:42 | tainted | tst.js:196:49:196:55 | tainted |
| tst.js:187:19:187:35 | document.location | tst.js:187:19:187:42 | documen ... .search |
| tst.js:187:19:187:35 | document.location | tst.js:187:19:187:42 | documen ... .search |
| tst.js:187:19:187:42 | documen ... .search | tst.js:187:9:187:42 | tainted |
@@ -925,6 +929,7 @@ edges
| tst.js:192:33:192:39 | tainted | tst.js:187:19:187:35 | document.location | tst.js:192:33:192:39 | tainted | Cross-site scripting vulnerability due to $@. | tst.js:187:19:187:35 | document.location | user-provided value |
| tst.js:194:54:194:60 | tainted | tst.js:187:19:187:35 | document.location | tst.js:194:54:194:60 | tainted | Cross-site scripting vulnerability due to $@. | tst.js:187:19:187:35 | document.location | user-provided value |
| tst.js:195:45:195:51 | tainted | tst.js:187:19:187:35 | document.location | tst.js:195:45:195:51 | tainted | Cross-site scripting vulnerability due to $@. | tst.js:187:19:187:35 | document.location | user-provided value |
| tst.js:196:49:196:55 | tainted | tst.js:187:19:187:35 | document.location | tst.js:196:49:196:55 | tainted | Cross-site scripting vulnerability due to $@. | tst.js:187:19:187:35 | document.location | user-provided value |
| tst.js:202:67:202:73 | tainted | tst.js:200:19:200:35 | document.location | tst.js:202:67:202:73 | tainted | Cross-site scripting vulnerability due to $@. | tst.js:200:19:200:35 | document.location | user-provided value |
| tst.js:203:67:203:73 | tainted | tst.js:200:19:200:35 | document.location | tst.js:203:67:203:73 | tainted | Cross-site scripting vulnerability due to $@. | tst.js:200:19:200:35 | document.location | user-provided value |
| tst.js:215:28:215:46 | this.state.tainted1 | tst.js:200:19:200:35 | document.location | tst.js:215:28:215:46 | this.state.tainted1 | Cross-site scripting vulnerability due to $@. | tst.js:200:19:200:35 | document.location | user-provided value |

4
javascript/ql/test/query-tests/Security/CWE-079/XssWithAdditionalSources.expected
View File

@@ -331,6 +331,8 @@ nodes
| tst.js:194:54:194:60 | tainted |
| tst.js:195:45:195:51 | tainted |
| tst.js:195:45:195:51 | tainted |
| tst.js:196:49:196:55 | tainted |
| tst.js:196:49:196:55 | tainted |
| tst.js:200:9:200:42 | tainted |
| tst.js:200:19:200:35 | document.location |
| tst.js:200:19:200:35 | document.location |
@@ -753,6 +755,8 @@ edges
| tst.js:187:9:187:42 | tainted | tst.js:194:54:194:60 | tainted |
| tst.js:187:9:187:42 | tainted | tst.js:195:45:195:51 | tainted |
| tst.js:187:9:187:42 | tainted | tst.js:195:45:195:51 | tainted |
| tst.js:187:9:187:42 | tainted | tst.js:196:49:196:55 | tainted |
| tst.js:187:9:187:42 | tainted | tst.js:196:49:196:55 | tainted |
| tst.js:187:19:187:35 | document.location | tst.js:187:19:187:42 | documen ... .search |
| tst.js:187:19:187:35 | document.location | tst.js:187:19:187:42 | documen ... .search |
| tst.js:187:19:187:42 | documen ... .search | tst.js:187:9:187:42 | tainted |

2
javascript/ql/test/query-tests/Security/CWE-079/tst.js
View File

@@ -193,7 +193,7 @@ function references() {
document.getElementsByClassName()[0].innerHTML = tainted; // NOT OK
getElementsByClassName()[0].innerHTML = tainted; // NOT OK
getElementsByClassName().item().innerHTML = tainted; // NOT OK, but not supported
getElementsByClassName().item().innerHTML = tainted; // NOT OK
}
function react(){