hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-28 18:25:24 +02:00
Code Issues Packages Projects Releases Wiki Activity

add taint-step to XML parsers

Browse Source
This commit is contained in:
Erik Krogh Kristensen
2021-02-04 17:08:18 +01:00
parent 1c43505d30
commit 44ca2e26a6
3 changed files with 33 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
javascript/ql/test/library-tests/TaintTracking/BasicTaintTracking.expected
View File

@@ -145,3 +145,4 @@ typeInferenceMismatch
| tst.js:2:13:2:20 | source() | tst.js:45:10:45:24 | x.map(x2 => x2) |
| tst.js:2:13:2:20 | source() | tst.js:47:10:47:30 | Buffer. ... 'hex') |
| tst.js:2:13:2:20 | source() | tst.js:48:10:48:22 | new Buffer(x) |
| xml.js:5:18:5:25 | source() | xml.js:8:14:8:17 | text |

10
javascript/ql/test/library-tests/TaintTracking/xml.js Normal file
View File

@@ -0,0 +1,10 @@
(function () {
var Parser = require("node-expat").Parser
var parser = new Parser();
parser.write(source());
parser.on("text", text => {
sink(text); // NOT OK
});
})();