hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 11:15:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

JS: Update TaintTracking test

Browse Source
This commit is contained in:
Asger F
2023-10-06 15:12:18 +02:00
parent b5ad36686e
commit 2eff07f476
20 changed files with 598 additions and 157 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
javascript/ql/test/library-tests/TaintTracking/stringification-read-steps.js Normal file
View File

@@ -0,0 +1,31 @@
import 'dummy';
function makeObject() {
return {
foo: {
bar: {
baz: source()
}
}
};
}
function test() {
const object = makeObject();
sink(object); // OK
sink(JSON.stringify(object)); // NOT OK
sink(object); // OK
}
function testCapture() {
const object = makeObject();
sink(object); // OK
sink(JSON.stringify(object)); // NOT OK
sink(object); // OK - use-use flow should not see the effects of the implicit read in JSON.stringify
function capture() {
object;
}
}