JS: Add test case for graph ql variableValues injection

2025-12-16 16:53:25 +01:00 · 2025-09-17 12:21:21 +02:00
parent 6d461d6b50
commit 6c18b4de40
1 changed files with 20 additions and 0 deletions
--- a/javascript/ql/test/query-tests/Security/CWE-094/CodeInjection/graph-ql.js
+++ b/javascript/ql/test/query-tests/Security/CWE-094/CodeInjection/graph-ql.js
@@ -33,4 +33,24 @@ app.post('/graphql', async (req, res) => {
    variableValues: variables
  });
  res.json(result);
+
+  const root1 = {
+    greet: ({ name, title }) => {
+      return eval(name + title).toString(); // $ MISSING: Alert[js/code-injection]
+    }
+  };
+  graphql({
+    schema: buildSchema(`
+    type Query {
+      greet(name: String!, title: String): String
+    }
+  `),
+    source: `
+      query GreetUser($name: String!, $title: String) {
+        greet(name: $name, title: $title)
+      }
+    `,
+    rootValue: root1,
+    variableValues: variables
+  });
 });