hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-28 10:15:14 +02:00
Code Issues Packages Projects Releases Wiki Activity

Add sink model for mkdirp and update tests for path injection alerts.

Browse Source
This commit is contained in:
Napalys
2025-04-02 16:29:18 +02:00
parent 533f1a93e2
commit 3fa24d6026
3 changed files with 42 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
javascript/ql/lib/ext/mkdirp.model.yml Normal file
View File

@@ -0,0 +1,6 @@
extensions:
- addsTo:
pack: codeql/javascript-all
extensible: sinkModel
data:
- ["mkdirp", "Member[nativeSync,native,manual,manualSync,mkdirpNative,mkdirpManual,mkdirpManualSync,mkdirpNativeSync,mkdirpSync].Argument[0]", "path-injection"]