hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-20 14:34:04 +02:00
Code Issues Packages Projects Releases Wiki Activity

JS: Port AsyncTaintTracking test

Browse Source
This commit is contained in:
Asger F
2023-10-05 15:07:25 +02:00
parent 09b0ba0c1f
commit 466ffdf8f5
2 changed files with 19 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
javascript/ql/test/library-tests/frameworks/AsyncPackage/AsyncTaintTracking.expected
View File

@@ -1,3 +1,5 @@
legacyDataFlowDifference
#select
| each.js:11:9:11:16 | source() | each.js:13:12:13:15 | item |
| map.js:10:13:10:20 | source() | map.js:12:14:12:17 | item |
| map.js:20:19:20:26 | source() | map.js:23:27:23:32 | result |

24
javascript/ql/test/library-tests/frameworks/AsyncPackage/AsyncTaintTracking.ql
View File

@@ -2,14 +2,24 @@ import javascript
DataFlow::CallNode getACall(string name) { result.getCalleeName() = name }
class BasicConfig extends TaintTracking::Configuration {
BasicConfig() { this = "BasicConfig" }
module TestConfig implements DataFlow::ConfigSig {
predicate isSource(DataFlow::Node node) { node = getACall("source") }
override predicate isSource(DataFlow::Node node) { node = getACall("source") }
override predicate isSink(DataFlow::Node node) { node = getACall("sink").getAnArgument() }
predicate isSink(DataFlow::Node node) { node = getACall("sink").getAnArgument() }
}
from BasicConfig cfg, DataFlow::Node src, DataFlow::Node sink
where cfg.hasFlow(src, sink)
module TestFlow = TaintTracking::Global<TestConfig>;
class LegacyConfig extends TaintTracking::Configuration {
LegacyConfig() { this = "LegacyConfig" }
override predicate isSource(DataFlow::Node source) { TestConfig::isSource(source) }
override predicate isSink(DataFlow::Node sink) { TestConfig::isSink(sink) }
}
import testUtilities.LegacyDataFlowDiff::DataFlowDiff<TestFlow, LegacyConfig>
from DataFlow::Node src, DataFlow::Node sink
where TestFlow::flow(src, sink)
select src, sink