hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-17 01:03:14 +01:00
Code Issues Packages Projects Releases Wiki Activity

aggregate the tests in library-tests/frameworks/Vue into a single .ql file

Browse Source
This commit is contained in:
Erik Krogh Kristensen
2020-10-14 14:46:04 +02:00
parent 26a5d62a87
commit 1e537db103
16 changed files with 146 additions and 137 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
javascript/ql/test/library-tests/frameworks/Vue/Instance.expected
View File

@@ -1,20 +0,0 @@
| single-component-file-1.vue:0:0:0:0 | single-component-file-1.vue |
| single-file-component-2.vue:0:0:0:0 | single-file-component-2.vue |
| single-file-component-3.vue:0:0:0:0 | single-file-component-3.vue |
| single-file-component-4.vue:0:0:0:0 | single-file-component-4.vue |
| single-file-component-5.vue:0:0:0:0 | single-file-component-5.vue |
| tst.js:3:1:10:2 | new Vue ... 2\\n\\t}\\n}) |
| tst.js:12:1:16:2 | new Vue ... \\t}),\\n}) |
| tst.js:18:1:27:2 | Vue.com ... }\\n\\t}\\n}) |
| tst.js:29:1:35:2 | new Vue ... }\\n\\t}\\n}) |
| tst.js:37:1:39:2 | new Vue ... nger\\n}) |
| tst.js:41:17:47:2 | Vue.ext ... \\n }\\n}) |
| tst.js:48:1:50:2 | new Ext ... 42 }\\n}) |
| tst.js:51:17:57:2 | Vue.ext ... \\n }\\n}) |
| tst.js:58:1:61:2 | new Vue ... 42 }\\n}) |
| tst.js:63:1:66:2 | new Vue ... 42 }\\n}) |
| tst.js:72:1:75:2 | new Vue ... 42 }\\n}) |
| tst.js:77:20:83:2 | Vue.ext ... \\n }\\n}) |
| tst.js:85:1:87:2 | new Vue ... e; }\\n}) |
| tst.js:94:2:96:3 | new Vue ... f,\\n\\t}) |
| tst.js:99:2:104:3 | new Vue ... \\t\\t}\\n\\t}) |

3
javascript/ql/test/library-tests/frameworks/Vue/Instance.ql
View File

@@ -1,3 +0,0 @@
import javascript
select any(Vue::Instance i)

2
javascript/ql/test/library-tests/frameworks/Vue/InstanceHeapStep.expected
View File

@@ -1,2 +0,0 @@
| tst.js:102:20:102:29 | this.dataA | tst.js:100:18:100:19 | 42 | tst.js:102:20:102:29 | this.dataA |
| tst.js:102:20:102:29 | this.dataA | tst.js:102:20:102:23 | this | tst.js:102:20:102:29 | this.dataA |

5
javascript/ql/test/library-tests/frameworks/Vue/InstanceHeapStep.ql
View File

@@ -1,5 +0,0 @@
import javascript
from Vue::InstanceHeapStep step, DataFlow::Node pred, DataFlow::Node succ
where step.step(pred, succ)
select step, pred, succ

27
javascript/ql/test/library-tests/frameworks/Vue/Instance_getAPropertyValue.expected
View File

@@ -1,27 +0,0 @@
| single-component-file-1.vue:0:0:0:0 | single-component-file-1.vue | dataA | single-component-file-1.vue:6:40:6:41 | 42 |
| single-file-component-3.vue:0:0:0:0 | single-file-component-3.vue | dataA | single-file-component-3-script.js:4:37:4:38 | 42 |
| single-file-component-4.vue:0:0:0:0 | single-file-component-4.vue | dataA | single-file-component-4.vue:15:14:15:15 | 42 |
| single-file-component-4.vue:0:0:0:0 | single-file-component-4.vue | message | single-file-component-4.vue:12:23:12:30 | 'Hello!' |
| single-file-component-5.vue:0:0:0:0 | single-file-component-5.vue | dataA | single-file-component-5.vue:13:14:13:15 | 42 |
| single-file-component-5.vue:0:0:0:0 | single-file-component-5.vue | message | single-file-component-5.vue:10:23:10:30 | 'Hello!' |
| tst.js:3:1:10:2 | new Vue ... 2\\n\\t}\\n}) | dataA | tst.js:8:10:8:11 | 42 |
| tst.js:12:1:16:2 | new Vue ... \\t}),\\n}) | dataA | tst.js:14:10:14:11 | 42 |
| tst.js:18:1:27:2 | Vue.com ... }\\n\\t}\\n}) | dataA | tst.js:20:10:20:11 | 42 |
| tst.js:18:1:27:2 | Vue.com ... }\\n\\t}\\n}) | dataB | tst.js:24:17:24:20 | true |
| tst.js:29:1:35:2 | new Vue ... }\\n\\t}\\n}) | x | tst.js:31:12:31:13 | 42 |
| tst.js:29:1:35:2 | new Vue ... }\\n\\t}\\n}) | y | tst.js:32:19:32:20 | 42 |
| tst.js:29:1:35:2 | new Vue ... }\\n\\t}\\n}) | z2 | tst.js:33:36:33:37 | 42 |
| tst.js:41:17:47:2 | Vue.ext ... \\n }\\n}) | fromSuper | tst.js:44:18:44:19 | 42 |
| tst.js:48:1:50:2 | new Ext ... 42 }\\n}) | fromSub | tst.js:49:19:49:20 | 42 |
| tst.js:48:1:50:2 | new Ext ... 42 }\\n}) | fromSuper | tst.js:44:18:44:19 | 42 |
| tst.js:51:17:57:2 | Vue.ext ... \\n }\\n}) | fromSuper | tst.js:54:18:54:19 | 42 |
| tst.js:58:1:61:2 | new Vue ... 42 }\\n}) | fromSub | tst.js:60:19:60:20 | 42 |
| tst.js:63:1:66:2 | new Vue ... 42 }\\n}) | fromMixin1 | tst.js:64:32:64:33 | 42 |
| tst.js:63:1:66:2 | new Vue ... 42 }\\n}) | fromMixin2 | tst.js:64:61:64:62 | 42 |
| tst.js:63:1:66:2 | new Vue ... 42 }\\n}) | fromSub | tst.js:65:19:65:20 | 42 |
| tst.js:72:1:75:2 | new Vue ... 42 }\\n}) | fromMixinValue | tst.js:69:28:69:29 | 42 |
| tst.js:72:1:75:2 | new Vue ... 42 }\\n}) | fromSub | tst.js:74:19:74:20 | 42 |
| tst.js:77:20:83:2 | Vue.ext ... \\n }\\n}) | deadExtended | tst.js:80:21:80:22 | 42 |
| tst.js:85:1:87:2 | new Vue ... e; }\\n}) | created | tst.js:86:38:86:41 | true |
| tst.js:94:2:96:3 | new Vue ... f,\\n\\t}) | dataA | tst.js:89:22:89:23 | 42 |
| tst.js:99:2:104:3 | new Vue ... \\t\\t}\\n\\t}) | dataA | tst.js:100:18:100:19 | 42 |

4
javascript/ql/test/library-tests/frameworks/Vue/Instance_getAPropertyValue.ql
View File

@@ -1,4 +0,0 @@
import javascript
from Vue::Instance i, string name
select i, name, i.getAPropertyValue(name)

28
javascript/ql/test/library-tests/frameworks/Vue/Instance_getOption.expected
View File

@@ -1,28 +0,0 @@
| single-component-file-1.vue:0:0:0:0 | single-component-file-1.vue | data | single-component-file-1.vue:6:11:6:45 | functio ... 42 } } |
| single-file-component-3.vue:0:0:0:0 | single-file-component-3.vue | data | single-file-component-3-script.js:4:8:4:42 | functio ... 42 } } |
| single-file-component-4.vue:0:0:0:0 | single-file-component-4.vue | render | single-file-component-4.vue:9:13:9:22 | (h) => { } |
| tst.js:3:1:10:2 | new Vue ... 2\\n\\t}\\n}) | data | tst.js:7:8:9:2 | {\\n\\t\\tdataA: 42\\n\\t} |
| tst.js:3:1:10:2 | new Vue ... 2\\n\\t}\\n}) | render | tst.js:4:10:6:2 | functio ... c);\\n\\t} |
| tst.js:12:1:16:2 | new Vue ... \\t}),\\n}) | data | tst.js:13:8:15:3 | () => ( ... 42\\n\\t}) |
| tst.js:18:1:27:2 | Vue.com ... }\\n\\t}\\n}) | data | tst.js:19:8:21:3 | () => ( ... 42\\n\\t}) |
| tst.js:18:1:27:2 | Vue.com ... }\\n\\t}\\n}) | methods | tst.js:22:11:26:2 | {\\n\\t\\tmet ... \\n\\t\\t}\\n\\t} |
| tst.js:29:1:35:2 | new Vue ... }\\n\\t}\\n}) | computed | tst.js:30:12:34:2 | {\\n\\t\\tx: ... } }\\n\\t} |
| tst.js:37:1:39:2 | new Vue ... nger\\n}) | template | tst.js:38:12:38:17 | danger |
| tst.js:41:17:47:2 | Vue.ext ... \\n }\\n}) | data | tst.js:42:9:46:3 | functio ... };\\n } |
| tst.js:48:1:50:2 | new Ext ... 42 }\\n}) | data | tst.js:42:9:46:3 | functio ... };\\n } |
| tst.js:48:1:50:2 | new Ext ... 42 }\\n}) | data | tst.js:49:8:49:22 | { fromSub: 42 } |
| tst.js:51:17:57:2 | Vue.ext ... \\n }\\n}) | data | tst.js:52:9:56:3 | functio ... };\\n } |
| tst.js:58:1:61:2 | new Vue ... 42 }\\n}) | data | tst.js:60:8:60:22 | { fromSub: 42 } |
| tst.js:58:1:61:2 | new Vue ... 42 }\\n}) | mixins | tst.js:59:10:59:18 | Extended2 |
| tst.js:63:1:66:2 | new Vue ... 42 }\\n}) | data | tst.js:64:18:64:35 | { fromMixin1: 42 } |
| tst.js:63:1:66:2 | new Vue ... 42 }\\n}) | data | tst.js:64:47:64:64 | { fromMixin2: 42 } |
| tst.js:63:1:66:2 | new Vue ... 42 }\\n}) | data | tst.js:65:8:65:22 | { fromSub: 42 } |
| tst.js:63:1:66:2 | new Vue ... 42 }\\n}) | mixins | tst.js:64:10:64:67 | [{data: ... 42 } }] |
| tst.js:72:1:75:2 | new Vue ... 42 }\\n}) | data | tst.js:70:20:70:28 | mixinData |
| tst.js:72:1:75:2 | new Vue ... 42 }\\n}) | data | tst.js:74:8:74:22 | { fromSub: 42 } |
| tst.js:72:1:75:2 | new Vue ... 42 }\\n}) | mixins | tst.js:73:10:73:15 | mixins |
| tst.js:77:20:83:2 | Vue.ext ... \\n }\\n}) | data | tst.js:78:9:82:3 | functio ... };\\n } |
| tst.js:85:1:87:2 | new Vue ... e; }\\n}) | created | tst.js:86:11:86:44 | functio ... true; } |
| tst.js:94:2:96:3 | new Vue ... f,\\n\\t}) | data | tst.js:95:9:95:9 | f |
| tst.js:99:2:104:3 | new Vue ... \\t\\t}\\n\\t}) | data | tst.js:100:9:100:21 | { dataA: 42 } |
| tst.js:99:2:104:3 | new Vue ... \\t\\t}\\n\\t}) | methods | tst.js:101:12:103:3 | {\\n\\t\\t\\tm: ... ; }\\n\\t\\t} |

4
javascript/ql/test/library-tests/frameworks/Vue/Instance_getOption.ql
View File

@@ -1,4 +0,0 @@
import javascript
from Vue::Instance i, string name
select i, name, i.getOption(name)

20
javascript/ql/test/library-tests/frameworks/Vue/TemplateElement.expected
View File

@@ -1,20 +0,0 @@
| single-component-file-1.vue:1:1:3:11 | <template>...</> |
| single-component-file-1.vue:2:5:10:8 | <p>...</> |
| single-component-file-1.vue:4:1:8:9 | <script>...</> |
| single-component-file-1.vue:9:1:10:8 | <style>...</> |
| single-file-component-2.vue:1:1:3:11 | <template>...</> |
| single-file-component-2.vue:2:5:11:8 | <p>...</> |
| single-file-component-2.vue:4:1:9:9 | <script>...</> |
| single-file-component-2.vue:10:1:11:8 | <style>...</> |
| single-file-component-3.vue:1:1:3:11 | <template>...</> |
| single-file-component-3.vue:2:5:7:8 | <p>...</> |
| single-file-component-3.vue:4:1:5:9 | <script>...</> |
| single-file-component-3.vue:6:1:7:8 | <style>...</> |
| single-file-component-4.vue:1:1:3:11 | <template>...</> |
| single-file-component-4.vue:2:5:20:9 | <p>...</> |
| single-file-component-4.vue:4:1:18:9 | <script>...</> |
| single-file-component-4.vue:19:1:20:8 | <style>...</> |
| single-file-component-5.vue:1:1:3:11 | <template>...</> |
| single-file-component-5.vue:2:5:18:9 | <p>...</> |
| single-file-component-5.vue:4:1:16:9 | <script>...</> |
| single-file-component-5.vue:17:1:18:8 | <style>...</> |

3
javascript/ql/test/library-tests/frameworks/Vue/TemplateElement.ql
View File

@@ -1,3 +0,0 @@
import javascript
select any(Vue::Template::Element e)

4
javascript/ql/test/library-tests/frameworks/Vue/VHtmlSourceWrite.expected
View File

@@ -1,4 +0,0 @@
| single-component-file-1.vue:6:40:6:41 | 42 | single-component-file-1.vue:6:40:6:41 | 42 | single-component-file-1.vue:2:8:2:21 | v-html=dataA |
| single-file-component-3-script.js:4:37:4:38 | 42 | single-file-component-3-script.js:4:37:4:38 | 42 | single-file-component-3.vue:2:8:2:21 | v-html=dataA |
| single-file-component-4.vue:15:14:15:15 | 42 | single-file-component-4.vue:15:14:15:15 | 42 | single-file-component-4.vue:2:8:2:21 | v-html=dataA |
| single-file-component-5.vue:13:14:13:15 | 42 | single-file-component-5.vue:13:14:13:15 | 42 | single-file-component-5.vue:2:8:2:21 | v-html=dataA |

6
javascript/ql/test/library-tests/frameworks/Vue/VHtmlSourceWrite.ql
View File

@@ -1,6 +0,0 @@
import javascript
import semmle.javascript.security.dataflow.DomBasedXss
from DomBasedXss::VHtmlSourceWrite w, DataFlow::Node pred, DataFlow::Node succ
where w.step(pred, succ)
select w, pred, succ

7
javascript/ql/test/library-tests/frameworks/Vue/XssSink.expected
View File

@@ -1,7 +0,0 @@
| single-component-file-1.vue:2:8:2:21 | v-html=dataA |
| single-file-component-2.vue:2:8:2:21 | v-html=dataA |
| single-file-component-3.vue:2:8:2:21 | v-html=dataA |
| single-file-component-4.vue:2:8:2:21 | v-html=dataA |
| single-file-component-5.vue:2:8:2:21 | v-html=dataA |
| tst.js:5:13:5:13 | a |
| tst.js:38:12:38:17 | danger |

4
javascript/ql/test/library-tests/frameworks/Vue/XssSink.ql
View File

@@ -1,4 +0,0 @@
import javascript
import semmle.javascript.security.dataflow.DomBasedXss
select any(DomBasedXss::Sink s)

115
javascript/ql/test/library-tests/frameworks/Vue/tests.expected Normal file
View File

@@ -0,0 +1,115 @@
instance_getAPropertyValue
| single-component-file-1.vue:0:0:0:0 | single-component-file-1.vue | dataA | single-component-file-1.vue:6:40:6:41 | 42 |
| single-file-component-3.vue:0:0:0:0 | single-file-component-3.vue | dataA | single-file-component-3-script.js:4:37:4:38 | 42 |
| single-file-component-4.vue:0:0:0:0 | single-file-component-4.vue | dataA | single-file-component-4.vue:15:14:15:15 | 42 |
| single-file-component-4.vue:0:0:0:0 | single-file-component-4.vue | message | single-file-component-4.vue:12:23:12:30 | 'Hello!' |
| single-file-component-5.vue:0:0:0:0 | single-file-component-5.vue | dataA | single-file-component-5.vue:13:14:13:15 | 42 |
| single-file-component-5.vue:0:0:0:0 | single-file-component-5.vue | message | single-file-component-5.vue:10:23:10:30 | 'Hello!' |
| tst.js:3:1:10:2 | new Vue ... 2\\n\\t}\\n}) | dataA | tst.js:8:10:8:11 | 42 |
| tst.js:12:1:16:2 | new Vue ... \\t}),\\n}) | dataA | tst.js:14:10:14:11 | 42 |
| tst.js:18:1:27:2 | Vue.com ... }\\n\\t}\\n}) | dataA | tst.js:20:10:20:11 | 42 |
| tst.js:18:1:27:2 | Vue.com ... }\\n\\t}\\n}) | dataB | tst.js:24:17:24:20 | true |
| tst.js:29:1:35:2 | new Vue ... }\\n\\t}\\n}) | x | tst.js:31:12:31:13 | 42 |
| tst.js:29:1:35:2 | new Vue ... }\\n\\t}\\n}) | y | tst.js:32:19:32:20 | 42 |
| tst.js:29:1:35:2 | new Vue ... }\\n\\t}\\n}) | z2 | tst.js:33:36:33:37 | 42 |
| tst.js:41:17:47:2 | Vue.ext ... \\n }\\n}) | fromSuper | tst.js:44:18:44:19 | 42 |
| tst.js:48:1:50:2 | new Ext ... 42 }\\n}) | fromSub | tst.js:49:19:49:20 | 42 |
| tst.js:48:1:50:2 | new Ext ... 42 }\\n}) | fromSuper | tst.js:44:18:44:19 | 42 |
| tst.js:51:17:57:2 | Vue.ext ... \\n }\\n}) | fromSuper | tst.js:54:18:54:19 | 42 |
| tst.js:58:1:61:2 | new Vue ... 42 }\\n}) | fromSub | tst.js:60:19:60:20 | 42 |
| tst.js:63:1:66:2 | new Vue ... 42 }\\n}) | fromMixin1 | tst.js:64:32:64:33 | 42 |
| tst.js:63:1:66:2 | new Vue ... 42 }\\n}) | fromMixin2 | tst.js:64:61:64:62 | 42 |
| tst.js:63:1:66:2 | new Vue ... 42 }\\n}) | fromSub | tst.js:65:19:65:20 | 42 |
| tst.js:72:1:75:2 | new Vue ... 42 }\\n}) | fromMixinValue | tst.js:69:28:69:29 | 42 |
| tst.js:72:1:75:2 | new Vue ... 42 }\\n}) | fromSub | tst.js:74:19:74:20 | 42 |
| tst.js:77:20:83:2 | Vue.ext ... \\n }\\n}) | deadExtended | tst.js:80:21:80:22 | 42 |
| tst.js:85:1:87:2 | new Vue ... e; }\\n}) | created | tst.js:86:38:86:41 | true |
| tst.js:94:2:96:3 | new Vue ... f,\\n\\t}) | dataA | tst.js:89:22:89:23 | 42 |
| tst.js:99:2:104:3 | new Vue ... \\t\\t}\\n\\t}) | dataA | tst.js:100:18:100:19 | 42 |
instance_getOption
| single-component-file-1.vue:0:0:0:0 | single-component-file-1.vue | data | single-component-file-1.vue:6:11:6:45 | functio ... 42 } } |
| single-file-component-3.vue:0:0:0:0 | single-file-component-3.vue | data | single-file-component-3-script.js:4:8:4:42 | functio ... 42 } } |
| single-file-component-4.vue:0:0:0:0 | single-file-component-4.vue | render | single-file-component-4.vue:9:13:9:22 | (h) => { } |
| tst.js:3:1:10:2 | new Vue ... 2\\n\\t}\\n}) | data | tst.js:7:8:9:2 | {\\n\\t\\tdataA: 42\\n\\t} |
| tst.js:3:1:10:2 | new Vue ... 2\\n\\t}\\n}) | render | tst.js:4:10:6:2 | functio ... c);\\n\\t} |
| tst.js:12:1:16:2 | new Vue ... \\t}),\\n}) | data | tst.js:13:8:15:3 | () => ( ... 42\\n\\t}) |
| tst.js:18:1:27:2 | Vue.com ... }\\n\\t}\\n}) | data | tst.js:19:8:21:3 | () => ( ... 42\\n\\t}) |
| tst.js:18:1:27:2 | Vue.com ... }\\n\\t}\\n}) | methods | tst.js:22:11:26:2 | {\\n\\t\\tmet ... \\n\\t\\t}\\n\\t} |
| tst.js:29:1:35:2 | new Vue ... }\\n\\t}\\n}) | computed | tst.js:30:12:34:2 | {\\n\\t\\tx: ... } }\\n\\t} |
| tst.js:37:1:39:2 | new Vue ... nger\\n}) | template | tst.js:38:12:38:17 | danger |
| tst.js:41:17:47:2 | Vue.ext ... \\n }\\n}) | data | tst.js:42:9:46:3 | functio ... };\\n } |
| tst.js:48:1:50:2 | new Ext ... 42 }\\n}) | data | tst.js:42:9:46:3 | functio ... };\\n } |
| tst.js:48:1:50:2 | new Ext ... 42 }\\n}) | data | tst.js:49:8:49:22 | { fromSub: 42 } |
| tst.js:51:17:57:2 | Vue.ext ... \\n }\\n}) | data | tst.js:52:9:56:3 | functio ... };\\n } |
| tst.js:58:1:61:2 | new Vue ... 42 }\\n}) | data | tst.js:60:8:60:22 | { fromSub: 42 } |
| tst.js:58:1:61:2 | new Vue ... 42 }\\n}) | mixins | tst.js:59:10:59:18 | Extended2 |
| tst.js:63:1:66:2 | new Vue ... 42 }\\n}) | data | tst.js:64:18:64:35 | { fromMixin1: 42 } |
| tst.js:63:1:66:2 | new Vue ... 42 }\\n}) | data | tst.js:64:47:64:64 | { fromMixin2: 42 } |
| tst.js:63:1:66:2 | new Vue ... 42 }\\n}) | data | tst.js:65:8:65:22 | { fromSub: 42 } |
| tst.js:63:1:66:2 | new Vue ... 42 }\\n}) | mixins | tst.js:64:10:64:67 | [{data: ... 42 } }] |
| tst.js:72:1:75:2 | new Vue ... 42 }\\n}) | data | tst.js:70:20:70:28 | mixinData |
| tst.js:72:1:75:2 | new Vue ... 42 }\\n}) | data | tst.js:74:8:74:22 | { fromSub: 42 } |
| tst.js:72:1:75:2 | new Vue ... 42 }\\n}) | mixins | tst.js:73:10:73:15 | mixins |
| tst.js:77:20:83:2 | Vue.ext ... \\n }\\n}) | data | tst.js:78:9:82:3 | functio ... };\\n } |
| tst.js:85:1:87:2 | new Vue ... e; }\\n}) | created | tst.js:86:11:86:44 | functio ... true; } |
| tst.js:94:2:96:3 | new Vue ... f,\\n\\t}) | data | tst.js:95:9:95:9 | f |
| tst.js:99:2:104:3 | new Vue ... \\t\\t}\\n\\t}) | data | tst.js:100:9:100:21 | { dataA: 42 } |
| tst.js:99:2:104:3 | new Vue ... \\t\\t}\\n\\t}) | methods | tst.js:101:12:103:3 | {\\n\\t\\t\\tm: ... ; }\\n\\t\\t} |
instance
| single-component-file-1.vue:0:0:0:0 | single-component-file-1.vue |
| single-file-component-2.vue:0:0:0:0 | single-file-component-2.vue |
| single-file-component-3.vue:0:0:0:0 | single-file-component-3.vue |
| single-file-component-4.vue:0:0:0:0 | single-file-component-4.vue |
| single-file-component-5.vue:0:0:0:0 | single-file-component-5.vue |
| tst.js:3:1:10:2 | new Vue ... 2\\n\\t}\\n}) |
| tst.js:12:1:16:2 | new Vue ... \\t}),\\n}) |
| tst.js:18:1:27:2 | Vue.com ... }\\n\\t}\\n}) |
| tst.js:29:1:35:2 | new Vue ... }\\n\\t}\\n}) |
| tst.js:37:1:39:2 | new Vue ... nger\\n}) |
| tst.js:41:17:47:2 | Vue.ext ... \\n }\\n}) |
| tst.js:48:1:50:2 | new Ext ... 42 }\\n}) |
| tst.js:51:17:57:2 | Vue.ext ... \\n }\\n}) |
| tst.js:58:1:61:2 | new Vue ... 42 }\\n}) |
| tst.js:63:1:66:2 | new Vue ... 42 }\\n}) |
| tst.js:72:1:75:2 | new Vue ... 42 }\\n}) |
| tst.js:77:20:83:2 | Vue.ext ... \\n }\\n}) |
| tst.js:85:1:87:2 | new Vue ... e; }\\n}) |
| tst.js:94:2:96:3 | new Vue ... f,\\n\\t}) |
| tst.js:99:2:104:3 | new Vue ... \\t\\t}\\n\\t}) |
instance_heapStep
| tst.js:102:20:102:29 | this.dataA | tst.js:100:18:100:19 | 42 | tst.js:102:20:102:29 | this.dataA |
| tst.js:102:20:102:29 | this.dataA | tst.js:102:20:102:23 | this | tst.js:102:20:102:29 | this.dataA |
templateElement
| single-component-file-1.vue:1:1:3:11 | <template>...</> |
| single-component-file-1.vue:2:5:10:8 | <p>...</> |
| single-component-file-1.vue:4:1:8:9 | <script>...</> |
| single-component-file-1.vue:9:1:10:8 | <style>...</> |
| single-file-component-2.vue:1:1:3:11 | <template>...</> |
| single-file-component-2.vue:2:5:11:8 | <p>...</> |
| single-file-component-2.vue:4:1:9:9 | <script>...</> |
| single-file-component-2.vue:10:1:11:8 | <style>...</> |
| single-file-component-3.vue:1:1:3:11 | <template>...</> |
| single-file-component-3.vue:2:5:7:8 | <p>...</> |
| single-file-component-3.vue:4:1:5:9 | <script>...</> |
| single-file-component-3.vue:6:1:7:8 | <style>...</> |
| single-file-component-4.vue:1:1:3:11 | <template>...</> |
| single-file-component-4.vue:2:5:20:9 | <p>...</> |
| single-file-component-4.vue:4:1:18:9 | <script>...</> |
| single-file-component-4.vue:19:1:20:8 | <style>...</> |
| single-file-component-5.vue:1:1:3:11 | <template>...</> |
| single-file-component-5.vue:2:5:18:9 | <p>...</> |
| single-file-component-5.vue:4:1:16:9 | <script>...</> |
| single-file-component-5.vue:17:1:18:8 | <style>...</> |
vhtmlSourceWrite
| single-component-file-1.vue:6:40:6:41 | 42 | single-component-file-1.vue:6:40:6:41 | 42 | single-component-file-1.vue:2:8:2:21 | v-html=dataA |
| single-file-component-3-script.js:4:37:4:38 | 42 | single-file-component-3-script.js:4:37:4:38 | 42 | single-file-component-3.vue:2:8:2:21 | v-html=dataA |
| single-file-component-4.vue:15:14:15:15 | 42 | single-file-component-4.vue:15:14:15:15 | 42 | single-file-component-4.vue:2:8:2:21 | v-html=dataA |
| single-file-component-5.vue:13:14:13:15 | 42 | single-file-component-5.vue:13:14:13:15 | 42 | single-file-component-5.vue:2:8:2:21 | v-html=dataA |
xssSink
| single-component-file-1.vue:2:8:2:21 | v-html=dataA |
| single-file-component-2.vue:2:8:2:21 | v-html=dataA |
| single-file-component-3.vue:2:8:2:21 | v-html=dataA |
| single-file-component-4.vue:2:8:2:21 | v-html=dataA |
| single-file-component-5.vue:2:8:2:21 | v-html=dataA |
| tst.js:5:13:5:13 | a |
| tst.js:38:12:38:17 | danger |

31
javascript/ql/test/library-tests/frameworks/Vue/tests.ql Normal file
View File

@@ -0,0 +1,31 @@
import javascript
query predicate instance_getAPropertyValue(Vue::Instance i, string name, DataFlow::Node prop) {
i.getAPropertyValue(name) = prop
}
query predicate instance_getOption(Vue::Instance i, string name, DataFlow::Node prop) {
i.getOption(name) = prop
}
query predicate instance(Vue::Instance i) { any() }
query predicate instance_heapStep(
Vue::InstanceHeapStep step, DataFlow::Node pred, DataFlow::Node succ
) {
step.step(pred, succ)
}
query predicate templateElement(Vue::Template::Element template) { any() }
import semmle.javascript.security.dataflow.DomBasedXss
query predicate vhtmlSourceWrite(
DomBasedXss::VHtmlSourceWrite w, DataFlow::Node pred, DataFlow::Node succ
) {
w.step(pred, succ)
}
import semmle.javascript.security.dataflow.DomBasedXss
query predicate xssSink(DomBasedXss::Sink s) { any() }