hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-29 10:45:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

changes based on review

Browse Source
This commit is contained in:
Erik Krogh Kristensen
2020-02-17 14:44:10 +01:00
parent a6d644bac0
commit 2885d48ad0
4 changed files with 60 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

38
javascript/ql/test/query-tests/Security/CWE-022/TaintedPath/TaintedPath.expected
View File

@@ -1333,6 +1333,23 @@ nodes
| normalizedPaths.js:286:21:286:27 | newpath |
| normalizedPaths.js:286:21:286:27 | newpath |
| normalizedPaths.js:286:21:286:27 | newpath |
| normalizedPaths.js:291:7:291:42 | newpath |
| normalizedPaths.js:291:7:291:42 | newpath |
| normalizedPaths.js:291:7:291:42 | newpath |
| normalizedPaths.js:291:7:291:42 | newpath |
| normalizedPaths.js:291:17:291:42 | pathMod ... e(path) |
| normalizedPaths.js:291:17:291:42 | pathMod ... e(path) |
| normalizedPaths.js:291:17:291:42 | pathMod ... e(path) |
| normalizedPaths.js:291:17:291:42 | pathMod ... e(path) |
| normalizedPaths.js:291:38:291:41 | path |
| normalizedPaths.js:291:38:291:41 | path |
| normalizedPaths.js:291:38:291:41 | path |
| normalizedPaths.js:291:38:291:41 | path |
| normalizedPaths.js:296:21:296:27 | newpath |
| normalizedPaths.js:296:21:296:27 | newpath |
| normalizedPaths.js:296:21:296:27 | newpath |
| normalizedPaths.js:296:21:296:27 | newpath |
| normalizedPaths.js:296:21:296:27 | newpath |
| tainted-require.js:7:19:7:37 | req.param("module") |
| tainted-require.js:7:19:7:37 | req.param("module") |
| tainted-require.js:7:19:7:37 | req.param("module") |
@@ -3732,6 +3749,10 @@ edges
| normalizedPaths.js:254:7:254:47 | path | normalizedPaths.js:283:38:283:41 | path |
| normalizedPaths.js:254:7:254:47 | path | normalizedPaths.js:283:38:283:41 | path |
| normalizedPaths.js:254:7:254:47 | path | normalizedPaths.js:283:38:283:41 | path |
| normalizedPaths.js:254:7:254:47 | path | normalizedPaths.js:291:38:291:41 | path |
| normalizedPaths.js:254:7:254:47 | path | normalizedPaths.js:291:38:291:41 | path |
| normalizedPaths.js:254:7:254:47 | path | normalizedPaths.js:291:38:291:41 | path |
| normalizedPaths.js:254:7:254:47 | path | normalizedPaths.js:291:38:291:41 | path |
| normalizedPaths.js:254:14:254:47 | pathMod ... y.path) | normalizedPaths.js:254:7:254:47 | path |
| normalizedPaths.js:254:14:254:47 | pathMod ... y.path) | normalizedPaths.js:254:7:254:47 | path |
| normalizedPaths.js:254:14:254:47 | pathMod ... y.path) | normalizedPaths.js:254:7:254:47 | path |
@@ -3792,6 +3813,22 @@ edges
| normalizedPaths.js:283:38:283:41 | path | normalizedPaths.js:283:17:283:42 | pathMod ... e(path) |
| normalizedPaths.js:283:38:283:41 | path | normalizedPaths.js:283:17:283:42 | pathMod ... e(path) |
| normalizedPaths.js:283:38:283:41 | path | normalizedPaths.js:283:17:283:42 | pathMod ... e(path) |
| normalizedPaths.js:291:7:291:42 | newpath | normalizedPaths.js:296:21:296:27 | newpath |
| normalizedPaths.js:291:7:291:42 | newpath | normalizedPaths.js:296:21:296:27 | newpath |
| normalizedPaths.js:291:7:291:42 | newpath | normalizedPaths.js:296:21:296:27 | newpath |
| normalizedPaths.js:291:7:291:42 | newpath | normalizedPaths.js:296:21:296:27 | newpath |
| normalizedPaths.js:291:7:291:42 | newpath | normalizedPaths.js:296:21:296:27 | newpath |
| normalizedPaths.js:291:7:291:42 | newpath | normalizedPaths.js:296:21:296:27 | newpath |
| normalizedPaths.js:291:7:291:42 | newpath | normalizedPaths.js:296:21:296:27 | newpath |
| normalizedPaths.js:291:7:291:42 | newpath | normalizedPaths.js:296:21:296:27 | newpath |
| normalizedPaths.js:291:17:291:42 | pathMod ... e(path) | normalizedPaths.js:291:7:291:42 | newpath |
| normalizedPaths.js:291:17:291:42 | pathMod ... e(path) | normalizedPaths.js:291:7:291:42 | newpath |
| normalizedPaths.js:291:17:291:42 | pathMod ... e(path) | normalizedPaths.js:291:7:291:42 | newpath |
| normalizedPaths.js:291:17:291:42 | pathMod ... e(path) | normalizedPaths.js:291:7:291:42 | newpath |
| normalizedPaths.js:291:38:291:41 | path | normalizedPaths.js:291:17:291:42 | pathMod ... e(path) |
| normalizedPaths.js:291:38:291:41 | path | normalizedPaths.js:291:17:291:42 | pathMod ... e(path) |
| normalizedPaths.js:291:38:291:41 | path | normalizedPaths.js:291:17:291:42 | pathMod ... e(path) |
| normalizedPaths.js:291:38:291:41 | path | normalizedPaths.js:291:17:291:42 | pathMod ... e(path) |
| tainted-require.js:7:19:7:37 | req.param("module") | tainted-require.js:7:19:7:37 | req.param("module") |
| tainted-sendFile.js:8:16:8:33 | req.param("gimme") | tainted-sendFile.js:8:16:8:33 | req.param("gimme") |
| tainted-sendFile.js:10:16:10:33 | req.param("gimme") | tainted-sendFile.js:10:16:10:33 | req.param("gimme") |
@@ -4578,6 +4615,7 @@ edges
| normalizedPaths.js:270:21:270:27 | newpath | normalizedPaths.js:254:33:254:46 | req.query.path | normalizedPaths.js:270:21:270:27 | newpath | This path depends on $@. | normalizedPaths.js:254:33:254:46 | req.query.path | a user-provided value |
| normalizedPaths.js:278:21:278:27 | newpath | normalizedPaths.js:254:33:254:46 | req.query.path | normalizedPaths.js:278:21:278:27 | newpath | This path depends on $@. | normalizedPaths.js:254:33:254:46 | req.query.path | a user-provided value |
| normalizedPaths.js:286:21:286:27 | newpath | normalizedPaths.js:254:33:254:46 | req.query.path | normalizedPaths.js:286:21:286:27 | newpath | This path depends on $@. | normalizedPaths.js:254:33:254:46 | req.query.path | a user-provided value |
| normalizedPaths.js:296:21:296:27 | newpath | normalizedPaths.js:254:33:254:46 | req.query.path | normalizedPaths.js:296:21:296:27 | newpath | This path depends on $@. | normalizedPaths.js:254:33:254:46 | req.query.path | a user-provided value |
| tainted-require.js:7:19:7:37 | req.param("module") | tainted-require.js:7:19:7:37 | req.param("module") | tainted-require.js:7:19:7:37 | req.param("module") | This path depends on $@. | tainted-require.js:7:19:7:37 | req.param("module") | a user-provided value |
| tainted-sendFile.js:8:16:8:33 | req.param("gimme") | tainted-sendFile.js:8:16:8:33 | req.param("gimme") | tainted-sendFile.js:8:16:8:33 | req.param("gimme") | This path depends on $@. | tainted-sendFile.js:8:16:8:33 | req.param("gimme") | a user-provided value |
| tainted-sendFile.js:10:16:10:33 | req.param("gimme") | tainted-sendFile.js:10:16:10:33 | req.param("gimme") | tainted-sendFile.js:10:16:10:33 | req.param("gimme") | This path depends on $@. | tainted-sendFile.js:10:16:10:33 | req.param("gimme") | a user-provided value |

8
javascript/ql/test/query-tests/Security/CWE-022/TaintedPath/normalizedPaths.js
View File

@@ -287,4 +287,12 @@ app.get('/relative-startswith', (req, res) => {
} else {
fs.readFileSync(newpath); // OK!
}
let newpath = pathModule.normalize(path);
var relativePath = pathModule.relative(pathModule.normalize(workspaceDir), newpath);
if (pathModule.normalize(relativePath).indexOf('../')) {
fs.readFileSync(newpath); // OK!
} else {
fs.readFileSync(newpath); // NOT OK!
}
});