hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-01 03:35:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

add taint step through arrify

Browse Source
This commit is contained in:
Erik Krogh Kristensen
2021-07-15 11:24:50 +02:00
parent e64f29fe8f
commit 5ff7d208b7
4 changed files with 25 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
javascript/ql/test/library-tests/TaintTracking/BasicTaintTracking.expected
View File

@@ -12,6 +12,8 @@ typeInferenceMismatch
| array-mutation.js:31:33:31:40 | source() | array-mutation.js:32:8:32:8 | h |
| array-mutation.js:35:36:35:43 | source() | array-mutation.js:36:8:36:8 | i |
| array-mutation.js:39:17:39:24 | source() | array-mutation.js:40:8:40:8 | j |
| arrays.js:2:15:2:22 | source() | arrays.js:5:10:5:20 | arrify(foo) |
| arrays.js:2:15:2:22 | source() | arrays.js:8:10:8:22 | arrayIfy(foo) |
| booleanOps.js:2:11:2:18 | source() | booleanOps.js:4:8:4:8 | x |
| booleanOps.js:2:11:2:18 | source() | booleanOps.js:13:10:13:10 | x |
| booleanOps.js:2:11:2:18 | source() | booleanOps.js:19:10:19:10 | x |

9
javascript/ql/test/library-tests/TaintTracking/arrays.js Normal file
View File

@@ -0,0 +1,9 @@
function test() {
var foo = source();
const arrify = require("arrify");
sink(arrify(foo)); // NOT OK
const arrayIfy = require("array-ify");
sink(arrayIfy(foo)); // NOT OK
}