hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-24 16:25:15 +02:00
Code Issues Packages Projects Releases Wiki Activity

JS: Add implicit taint read of array elements

Browse Source
This commit is contained in:
Asger F
2024-08-19 14:15:02 +02:00
parent df42e7c527
commit 371f7ef551
3 changed files with 6 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
javascript/ql/lib/semmle/javascript/dataflow/internal/TaintTrackingPrivate.qll
View File

@@ -61,5 +61,5 @@ predicate defaultTaintSanitizer(DataFlow::Node node) {
bindingset[node]
predicate defaultImplicitTaintRead(DataFlow::Node node, ContentSet c) {
exists(node) and
c = ContentSet::promiseValue()
c = [ContentSet::promiseValue(), ContentSet::arrayElement()]
}