hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-05-01 03:35:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

JS: Add test case

Browse Source
This commit is contained in:
Asger F
2019-04-12 11:09:19 +01:00
parent 5101a5bc3d
commit 720555be45
2 changed files with 19 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
javascript/ql/test/library-tests/TaintTracking/BasicTaintTracking.expected
View File

@@ -1,3 +1,5 @@
| access-path-sanitizer.js:2:18:2:25 | source() | access-path-sanitizer.js:4:8:4:12 | obj.x |
| access-path-sanitizer.js:2:18:2:25 | source() | access-path-sanitizer.js:15:10:15:14 | obj.x |
| addexpr.js:4:10:4:17 | source() | addexpr.js:7:8:7:8 | x |
| addexpr.js:11:15:11:22 | source() | addexpr.js:21:8:21:12 | value |
| advanced-callgraph.js:2:13:2:20 | source() | advanced-callgraph.js:6:22:6:22 | v |

17
javascript/ql/test/library-tests/TaintTracking/access-path-sanitizer.js Normal file
View File

@@ -0,0 +1,17 @@
function foo() {
let obj = { x: source() };
sink(obj.x); // NOT OK
if (isSafe(obj.x)) {
sink(obj.x); // OK
}
if (typeof obj === "object" && isSafe(obj.x)) {
sink(obj.x); // OK
}
if (isSafe(obj.x) && typeof obj === "object") {
sink(obj.x); // OK - but flagged anyway
}
}