hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-05 13:45:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

JS: Port BuildArtifactLeak

Browse Source
This commit is contained in:
Asger F
2023-10-05 09:12:49 +02:00
parent 85617c292e
commit 2296a273c4
3 changed files with 82 additions and 60 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
javascript/ql/src/Security/CWE-312/BuildArtifactLeak.ql
View File

@@ -15,10 +15,10 @@
import javascript
import semmle.javascript.security.dataflow.BuildArtifactLeakQuery
import DataFlow::PathGraph
import BuildArtifactLeakFlow::PathGraph
from Configuration cfg, DataFlow::PathNode source, DataFlow::PathNode sink
where cfg.hasFlowPath(source, sink)
from BuildArtifactLeakFlow::PathNode source, BuildArtifactLeakFlow::PathNode sink
where BuildArtifactLeakFlow::flowPath(source, sink)
select sink.getNode(), source, sink, "This creates a build artifact that depends on $@.",
source.getNode(),
"sensitive data returned by" + source.getNode().(CleartextLogging::Source).describe()