hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 19:26:02 +02:00
Code Issues Packages Projects Releases Wiki Activity

adjust test case for XML entity expansion

Browse Source
This commit is contained in:
Erik Krogh Kristensen
2020-09-24 09:53:06 +02:00
parent 83f0514475
commit 6163e6cf5f
2 changed files with 17 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

24
javascript/ql/test/query-tests/Security/CWE-611/Xxe.expected
View File

@@ -16,12 +16,12 @@ nodes
| libxml.noent.js:14:27:14:47 | req.par ... e-xml") |
| libxml.noent.js:14:27:14:47 | req.par ... e-xml") |
| libxml.noent.js:14:27:14:47 | req.par ... e-xml") |
| libxml.noent.js:16:26:16:34 | req.files |
| libxml.noent.js:16:26:16:34 | req.files |
| libxml.noent.js:16:26:16:43 | req.files.products |
| libxml.noent.js:16:26:16:48 | req.fil ... ts.data |
| libxml.noent.js:16:26:16:65 | req.fil ... 'utf8') |
| libxml.noent.js:16:26:16:65 | req.fil ... 'utf8') |
| libxml.noent.js:16:27:16:35 | req.files |
| libxml.noent.js:16:27:16:35 | req.files |
| libxml.noent.js:16:27:16:44 | req.files.products |
| libxml.noent.js:16:27:16:49 | req.fil ... ts.data |
| libxml.noent.js:16:27:16:66 | req.fil ... 'utf8') |
| libxml.noent.js:16:27:16:66 | req.fil ... 'utf8') |
| libxml.sax.js:6:22:6:42 | req.par ... e-xml") |
| libxml.sax.js:6:22:6:42 | req.par ... e-xml") |
| libxml.sax.js:6:22:6:42 | req.par ... e-xml") |
@@ -39,11 +39,11 @@ edges
| libxml.noent.js:6:21:6:41 | req.par ... e-xml") | libxml.noent.js:6:21:6:41 | req.par ... e-xml") |
| libxml.noent.js:11:21:11:41 | req.par ... e-xml") | libxml.noent.js:11:21:11:41 | req.par ... e-xml") |
| libxml.noent.js:14:27:14:47 | req.par ... e-xml") | libxml.noent.js:14:27:14:47 | req.par ... e-xml") |
| libxml.noent.js:16:26:16:34 | req.files | libxml.noent.js:16:26:16:43 | req.files.products |
| libxml.noent.js:16:26:16:34 | req.files | libxml.noent.js:16:26:16:43 | req.files.products |
| libxml.noent.js:16:26:16:43 | req.files.products | libxml.noent.js:16:26:16:48 | req.fil ... ts.data |
| libxml.noent.js:16:26:16:48 | req.fil ... ts.data | libxml.noent.js:16:26:16:65 | req.fil ... 'utf8') |
| libxml.noent.js:16:26:16:48 | req.fil ... ts.data | libxml.noent.js:16:26:16:65 | req.fil ... 'utf8') |
| libxml.noent.js:16:27:16:35 | req.files | libxml.noent.js:16:27:16:44 | req.files.products |
| libxml.noent.js:16:27:16:35 | req.files | libxml.noent.js:16:27:16:44 | req.files.products |
| libxml.noent.js:16:27:16:44 | req.files.products | libxml.noent.js:16:27:16:49 | req.fil ... ts.data |
| libxml.noent.js:16:27:16:49 | req.fil ... ts.data | libxml.noent.js:16:27:16:66 | req.fil ... 'utf8') |
| libxml.noent.js:16:27:16:49 | req.fil ... ts.data | libxml.noent.js:16:27:16:66 | req.fil ... 'utf8') |
| libxml.sax.js:6:22:6:42 | req.par ... e-xml") | libxml.sax.js:6:22:6:42 | req.par ... e-xml") |
| libxml.saxpush.js:6:15:6:35 | req.par ... e-xml") | libxml.saxpush.js:6:15:6:35 | req.par ... e-xml") |
#select
@@ -52,6 +52,6 @@ edges
| libxml.noent.js:6:21:6:41 | req.par ... e-xml") | libxml.noent.js:6:21:6:41 | req.par ... e-xml") | libxml.noent.js:6:21:6:41 | req.par ... e-xml") | A $@ is parsed as XML without guarding against external entity expansion. | libxml.noent.js:6:21:6:41 | req.par ... e-xml") | user-provided value |
| libxml.noent.js:11:21:11:41 | req.par ... e-xml") | libxml.noent.js:11:21:11:41 | req.par ... e-xml") | libxml.noent.js:11:21:11:41 | req.par ... e-xml") | A $@ is parsed as XML without guarding against external entity expansion. | libxml.noent.js:11:21:11:41 | req.par ... e-xml") | user-provided value |
| libxml.noent.js:14:27:14:47 | req.par ... e-xml") | libxml.noent.js:14:27:14:47 | req.par ... e-xml") | libxml.noent.js:14:27:14:47 | req.par ... e-xml") | A $@ is parsed as XML without guarding against external entity expansion. | libxml.noent.js:14:27:14:47 | req.par ... e-xml") | user-provided value |
| libxml.noent.js:16:26:16:65 | req.fil ... 'utf8') | libxml.noent.js:16:26:16:34 | req.files | libxml.noent.js:16:26:16:65 | req.fil ... 'utf8') | A $@ is parsed as XML without guarding against external entity expansion. | libxml.noent.js:16:26:16:34 | req.files | user-provided value |
| libxml.noent.js:16:27:16:66 | req.fil ... 'utf8') | libxml.noent.js:16:27:16:35 | req.files | libxml.noent.js:16:27:16:66 | req.fil ... 'utf8') | A $@ is parsed as XML without guarding against external entity expansion. | libxml.noent.js:16:27:16:35 | req.files | user-provided value |
| libxml.sax.js:6:22:6:42 | req.par ... e-xml") | libxml.sax.js:6:22:6:42 | req.par ... e-xml") | libxml.sax.js:6:22:6:42 | req.par ... e-xml") | A $@ is parsed as XML without guarding against external entity expansion. | libxml.sax.js:6:22:6:42 | req.par ... e-xml") | user-provided value |
| libxml.saxpush.js:6:15:6:35 | req.par ... e-xml") | libxml.saxpush.js:6:15:6:35 | req.par ... e-xml") | libxml.saxpush.js:6:15:6:35 | req.par ... e-xml") | A $@ is parsed as XML without guarding against external entity expansion. | libxml.saxpush.js:6:15:6:35 | req.par ... e-xml") | user-provided value |

7
javascript/ql/test/query-tests/Security/CWE-611/libxml.noent.js
View File

@@ -11,7 +11,10 @@ express().post('/some/path', function(req, res) {
libxmljs.parseXml(req.param("some-xml"), { noent: true });
// NOT OK: unguarded entity expansion
libxmljs.parseXmlString(req.param("some-xml"), {noent:true,noblanks:true})
libxmljs.parseXmlString(req.param("some-xml"), {noent:true})
// NOT OK: unguarded entity expansion
libxmljs.parseXmlString(req.files.products.data.toString('utf8'), {noent:true,noblanks:true})
libxmljs.parseXmlString(req.files.products.data.toString('utf8'), {noent:true})
// OK - no entity expansion
libxmljs.parseXmlString(req.files.products.data.toString('utf8'), {noent:false})
});