JS: Add: dataflow step for static method of groupBy from Map.

2026-04-25 16:55:19 +02:00 · 2024-11-20 13:34:11 +01:00
parent 6344f83e4b
commit 58faa2d71e
4 changed files with 27 additions and 5 deletions
--- a/javascript/ql/test/library-tests/TaintTracking/BasicTaintTracking.expected
+++ b/javascript/ql/test/library-tests/TaintTracking/BasicTaintTracking.expected
@@ -246,10 +246,15 @@ typeInferenceMismatch
 | tst.js:2:13:2:20 | source() | tst.js:70:10:70:18 | xReversed |
 | tst.js:2:13:2:20 | source() | tst.js:72:10:72:31 | Map.gro ... z => z) |
 | tst.js:2:13:2:20 | source() | tst.js:74:10:74:34 | Object. ... z => z) |
+| tst.js:2:13:2:20 | source() | tst.js:78:55:78:58 | item |
 | tst.js:2:13:2:20 | source() | tst.js:79:14:79:20 | grouped |
 | tst.js:75:22:75:29 | source() | tst.js:75:10:75:52 | Map.gro ... (item)) |
+| tst.js:75:22:75:29 | source() | tst.js:75:47:75:50 | item |
+| tst.js:82:23:82:30 | source() | tst.js:83:58:83:61 | item |
 | tst.js:82:23:82:30 | source() | tst.js:84:14:84:20 | grouped |
 | tst.js:87:22:87:29 | source() | tst.js:90:14:90:25 | taintedValue |
+| tst.js:93:22:93:29 | source() | tst.js:96:14:96:25 | taintedValue |
+| tst.js:93:22:93:29 | source() | tst.js:97:14:97:26 | map.get(true) |
 | xml.js:5:18:5:25 | source() | xml.js:8:14:8:17 | text |
 | xml.js:12:17:12:24 | source() | xml.js:13:14:13:19 | result |
 | xml.js:23:18:23:25 | source() | xml.js:20:14:20:17 | attr |
--- a/javascript/ql/test/library-tests/TaintTracking/DataFlowTracking.expected
+++ b/javascript/ql/test/library-tests/TaintTracking/DataFlowTracking.expected
@@ -112,3 +112,5 @@
 | thisAssignments.js:7:19:7:26 | source() | thisAssignments.js:8:10:8:20 | this.field2 |
 | tst.js:2:13:2:20 | source() | tst.js:4:10:4:10 | x |
 | tst.js:2:13:2:20 | source() | tst.js:54:14:54:19 | unsafe |
+| tst.js:93:22:93:29 | source() | tst.js:96:14:96:25 | taintedValue |
+| tst.js:93:22:93:29 | source() | tst.js:97:14:97:26 | map.get(true) |
--- a/javascript/ql/test/library-tests/TaintTracking/tst.js
+++ b/javascript/ql/test/library-tests/TaintTracking/tst.js
@@ -75,12 +75,12 @@ function test() {
    sink(Map.groupBy(source(), (item) => sink(item))); // NOT OK

    { 
-        const grouped = Map.groupBy(x, (item) => sink(item)); // NOT OK -- Should be tainted, but it is not
+        const grouped = Map.groupBy(x, (item) => sink(item)); // NOT OK
        sink(grouped); // NOT OK
    }
    {
        const list = [source()];
-        const grouped = Map.groupBy(list, (item) => sink(item)); // NOT OK -- Should be tainted, but it is not
+        const grouped = Map.groupBy(list, (item) => sink(item)); // NOT OK
        sink(grouped); // NOT OK
    }
    {
@@ -93,7 +93,7 @@ function test() {
        const data = source();
        const map = Map.groupBy(data, item => item);
        const taintedValue = map.get(true); 
-        sink(taintedValue); // NOT OK -- Should be tainted, but it is not
-        sink(map.get(true)); // NOT OK -- Should be tainted, but it is not
+        sink(taintedValue); // NOT OK
+        sink(map.get(true)); // NOT OK
    }
 }